Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Erneuter Virusbefall

Erneuter Virusbefall


Plagegeister aller Art und deren Bekämpfung: Erneuter Virusbefall

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 10.12.2013, 20:58   #16
Tobi R.
 
Erneuter Virusbefall - Standard

Erneuter Virusbefall


Code:
ATTFilter
notcheckup31.txt 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

Code:
ATTFilter

	
Code: 

 
ATTFilter


  

	
HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : TOBIASROSSMANN
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : TobiasRossmann\Tobias Rossmann
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-12-04 21:11:56
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 10m 1s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 227

   Objects scanned . . . : 1.922.143
   Files scanned . . . . : 187.161
   Remnants scanned  . . : 646.339 files / 1.088.643 keys

Potential Unwanted Programs _________________________________________________

   HKU\.DEFAULT\Software\Ask.com\ (AskBar)
   HKU\.DEFAULT\Software\AskToolbar\ (AskBar)
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-18\Software\Ask.com\ (AskBar)
   HKU\S-1-5-18\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-1016556084-3091970497-507946437-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)

Cookies _____________________________________________________________________

   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:action.media6degrees.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.12mnkys.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.ad-srv.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adnet.biz
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adnet.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.lokalisten.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.movad.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:adopteunmec.solution.weborama.fr
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adacado.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adk2.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.brandwire.tv
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.cpxcenter.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.escinteractive.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.glispa.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.lzjl.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.myswitzerland.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.smartstream.tv
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserv.quality-channel.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.adtech.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:aka-cdn-ns.adtech.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:audiag.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:c1.atdmt.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:clicksor.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:de.sitestat.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:deutschepostag.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas.apm.emediate.eu
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:eas4.emediate.eu
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.pgmediaserve.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:fr.sitestat.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftsto.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:nikonjp.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:nl.sitestat.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:olympiaverlag.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:overture.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:premiumtv.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.cpmstar.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:sonyeurope.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.bmw.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:tomorrowfocustechnologiesgmbh.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww400.smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:www4.smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\5ERG9KQW.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\7940R3FZ.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\88YDNYAE.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\DJUIQW03.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\E3KM1207.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\FAHZC44Z.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\FP5J1BS6.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\HH1JBDEF.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\KLYDJTVN.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\KSP2J1P8.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\MWA6PJOF.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\QDGMIA6R.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@2o7[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@ad.adnet[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@ad.yieldmanager[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@ar.atwola[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@atwola[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@content.yieldmanager[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@content.yieldmanager[3].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@de.at.atwola[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@partypoker[2].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@sevenoneintermedia.112.2o7[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\tobias_rossmann@youporn[1].txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\X9323WUO.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\Z3GW074X.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\Z816LORG.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Microsoft\Windows\Cookies\ZM838LRR.txt
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad-emea.doubleclick.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.360yield.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.ad-srv.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.adc-serv.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.adition.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.admitad.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.adnet.biz
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.adnet.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.adserver01.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.dyntracker.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.lokalisten.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.movad.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.reklamport.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ad.youporn.videobox.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adbrite.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adinterax.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads-lb.creative-serving.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.adtiger.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.crakmedia.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.escinteractive.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.jinkads.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.medienhaus.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.trafficjunky.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.travelaudience.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adserver.gs
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adserverplus.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adtech.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adultfriendfinder.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:advertising.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:adviva.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:apmebf.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:at.atwola.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:atdmt.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:audiag.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:c.atdmt.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:casalemedia.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:chipxonioonlinegmbh.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:clickbank.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:conrad.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:creatives.livejasmin.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:de.sitestat.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:de.youporn.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:doubleclick.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:eas.apm.emediate.eu
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:eas4.emediate.eu
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:emjcd.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:engine.pgmediaserve.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:engine.phn.doublepimp.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:exoclick.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:fastclick.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:fl01.ct2.comclick.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:fr.sitestat.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:guj.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:in.getclicky.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:interclick.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:invitemedia.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:livejasmin.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:mathworks.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:media6degrees.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:mediaplex.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:meinsextagebuch.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:msnportal.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:naked.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:olympiaverlag.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:openx.sexsearch.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:partypoker.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:premiumtv.122.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:questionmarket.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:realmedia.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:restoredchurchofgod.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:revsci.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:rotator.adjuggler.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ru4.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:serving-sys.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:sevenoneintermedia.112.2o7.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:sexad.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:specificclick.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:stat.aldi.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:statcounter.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:track.adform.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:track.effiliation.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:track.webtrekk.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:tradedoubler.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:tribalfusion.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:www.emjcd.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:www.etracker.de
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:www.sex-hunger.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:www.youporn.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:xiti.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:yieldmanager.net
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:youporn.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:youporninhd.com
   C:\Users\Tobias Rossmann\AppData\Roaming\Mozilla\Firefox\Profiles\eb85k963.default\cookies.sqlite:zedo.com

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7a6b6887f1f06a498a626a1eb7a2ed38
# engine=16202
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-10 11:51:54
# local_time=2013-12-10 12:51:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 95 59367 10712549 52144 0
# compatibility_mode=5893 16776574 100 94 10712266 138307505 0 0
# scanned=331177
# found=0
# cleaned=0
# scan_time=14396

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-12-2013 01
Ran by Tobias Rossmann at 2013-12-04 20:04:15 Run:1
Running from C:\Users\Tobias Rossmann\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
C:\Users\Tobias Rossmann\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\FM9WUZPD\search.babylon[1].xml
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Zipper.exe" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|ComponentFactory.Krypton.Toolkit.dll" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|FileBrowser.dll" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|Uninstall.exe" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|VAFUpdate.exe" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|Zipper.exe" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-chromeinstaller" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-codedownloader" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-enabler" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-firefoxinstaller" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-updater" /f
Reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1000\Software\ICQ\ICQToolBar" /f
end
*****************

C:\Users\Tobias Rossmann\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\FM9WUZPD\search.babylon[1].xml => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\IntelliType Pro\AppSpecific\Zipper.exe" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|ComponentFactory.Krypton.Toolkit.dll" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|FileBrowser.dll" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|Uninstall.exe" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|VAFUpdate.exe" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|Program Files|Tuguu SL|Zipper|Zipper.exe" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-chromeinstaller" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-codedownloader" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-enabler" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-firefoxinstaller" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Pricora 6.1-updater" /f =========

FEHLER: Zugriff verweigert



========= End of Reg: =========


========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1000\Software\ICQ\ICQToolBar" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


==== End of Fixlog ====

So, ich hoffe das hat alles geklappt.

viele Grüße,
Tobias

 

Themen zu Erneuter Virusbefall
ausgelastet, erhalte, frage, hallo zusammen, loswerden, pup.optional.babylon.a, pup.optional.conduit.a, pup.optional.crx.a, pup.optional.delta, pup.optional.filescout.a, pup.optional.iminent.a, pup.optional.performersoft.a, pup.optional.softonic, seite, seiten, thread, verdächtige, wetter, wichtiger, wochen, zusammen


« Spam-Mail "Abmahnung" - Dateianhang geöffnet | Trojaner "Bundespolizei " sperrt Firefox »


Ähnliche Themen: Erneuter Virusbefall


  1. Crypto Wars 3.0: Erneuter Streit um Quellen-TKÜ
    Nachrichten - 30.01.2015 (0)
  2. Windows XP: erneuter Schädlingsbefall?
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (3)
  3. win7 startet nicht - nur schwarzer Bildschim und erneuter S+tart
    Alles rund um Windows - 14.09.2014 (24)
  4. Syrian Electronic Army: Erneuter Angriff auf Reuters
    Nachrichten - 23.06.2014 (0)
  5. Erneuter Datenklau: BSI will Nutzer "mit Hochdruck" informieren
    Nachrichten - 04.04.2014 (0)
  6. Erneuter Datenklau: 18 Millionen E-Mail-Passwörter aufgetaucht
    Nachrichten - 03.04.2014 (0)
  7. virusbefall
    Plagegeister aller Art und deren Bekämpfung - 01.12.2013 (5)
  8. Erneuter Hackerangriff auf US-Medienkonzerne
    Nachrichten - 16.08.2013 (0)
  9. erneuter GVU Angriff!
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (16)
  10. 2x | Erneuter Befall von js/agent.axquo
    Mülltonne - 06.03.2013 (1)
  11. Erneuter schädlingsfund von Virustotal ist die Seite überhaupt zuverlässig
    Log-Analyse und Auswertung - 11.02.2013 (1)
  12. Erneuter Ukasha Trojaner
    Plagegeister aller Art und deren Bekämpfung - 28.11.2012 (12)
  13. erneuter TR/ATRAPS.Gen2 Trojaner- Befall
    Log-Analyse und Auswertung - 31.01.2012 (15)
  14. Erneuter Ruf nach Vorratsdatenspeicherung
    Nachrichten - 27.11.2011 (0)
  15. Erneuter BKA-Trojaner-Befall
    Log-Analyse und Auswertung - 12.09.2011 (20)
  16. BKA Virusbefall
    Plagegeister aller Art und deren Bekämpfung - 28.07.2011 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Erneuter Virusbefall - Code: Alles auswählen Aufklappen ATTFilter notcheckup31.txt `````````````````System Health check````````````````` Total Fragmentation on Drive C:: ````````````````````End of Log`````````````````````` Code: Alles auswählen Aufklappen ATTFilter Code: Alles auswählen Aufklappen ATTFilter HitmanPro 3.7.8.208 www.hitmanpro.com - Erneuter Virusbefall...
Archiv
Du betrachtest: Erneuter Virusbefall auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19