Trojaner-Board - Virenbefall?

Code:

# AdwCleaner v6.030 - Logfile created 30/10/2016 at 18:54:28

# Updated on 19/10/2016 by Malwarebytes

# Database : 2016-10-30.1 [Server]

# Operating System : Windows 10 Home  (X64)

# Username : hannibla34 - WO

# Running from : C:\Users\hannibla34\Downloads\AdwCleaner_6.030.exe

# Mode: Clean

# Support : hxxps://www.malwarebytes.com/support
 
 
 

***** [ Services ] *****
 
 
 

***** [ Folders ] *****
 
 
 

***** [ Files ] *****
 

[-] File deleted: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Shortcuts ] *****
 
 
 

***** [ Scheduled Tasks ] *****
 
 
 

***** [ Registry ] *****
 

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
 
 

***** [ Web browsers ] *****
 

[-] Chrome preferences cleaned: "pttl.menu-search-groups-tab" -  false

[-] Chrome preferences cleaned: "pttl.menu-search-groups-win" -  false
 
 

*************************
 

:: "Tracing" keys deleted

:: Winsock settings cleared

:: "Prefetch" files deleted

:: Proxy settings cleared

:: IE policies deleted

:: Chrome policies deleted
 

*************************
 

C:\AdwCleaner\AdwCleaner[C1].txt - [1304 Bytes] - [23/04/2016 15:58:37]

C:\AdwCleaner\AdwCleaner[C2].txt - [1215 Bytes] - [05/05/2016 18:10:52]

C:\AdwCleaner\AdwCleaner[C3].txt - [1339 Bytes] - [15/05/2016 23:40:33]

C:\AdwCleaner\AdwCleaner[C4].txt - [1638 Bytes] - [04/08/2016 22:51:49]

C:\AdwCleaner\AdwCleaner[C5].txt - [2015 Bytes] - [13/10/2016 12:44:52]

C:\AdwCleaner\AdwCleaner[C6].txt - [1882 Bytes] - [30/10/2016 18:54:28]

C:\AdwCleaner\AdwCleaner[S10].txt - [2817 Bytes] - [30/10/2016 18:49:15]

C:\AdwCleaner\AdwCleaner[S1].txt - [1187 Bytes] - [23/04/2016 15:39:47]

C:\AdwCleaner\AdwCleaner[S2].txt - [896 Bytes] - [24/04/2016 16:28:13]

C:\AdwCleaner\AdwCleaner[S3].txt - [1046 Bytes] - [05/05/2016 18:09:33]

C:\AdwCleaner\AdwCleaner[S4].txt - [1247 Bytes] - [15/05/2016 23:35:46]

C:\AdwCleaner\AdwCleaner[S5].txt - [1287 Bytes] - [29/05/2016 14:31:39]

C:\AdwCleaner\AdwCleaner[S6].txt - [1473 Bytes] - [02/07/2016 23:41:12]

C:\AdwCleaner\AdwCleaner[S7].txt - [1546 Bytes] - [04/08/2016 22:50:41]

C:\AdwCleaner\AdwCleaner[S8].txt - [2085 Bytes] - [13/10/2016 12:43:07]

C:\AdwCleaner\AdwCleaner[S9].txt - [2082 Bytes] - [13/10/2016 12:50:00]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2685 Bytes] ##########

Code:

# AdwCleaner v6.030 - Logfile created 30/10/2016 at 18:54:28

# Updated on 19/10/2016 by Malwarebytes

# Database : 2016-10-30.1 [Server]

# Operating System : Windows 10 Home  (X64)

# Username : hannibla34 - WO

# Running from : C:\Users\hannibla34\Downloads\AdwCleaner_6.030.exe

# Mode: Clean

# Support : hxxps://www.malwarebytes.com/support
 
 
 

***** [ Services ] *****
 
 
 

***** [ Folders ] *****
 
 
 

***** [ Files ] *****
 

[-] File deleted: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Shortcuts ] *****
 
 
 

***** [ Scheduled Tasks ] *****
 
 
 

***** [ Registry ] *****
 

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
 
 

***** [ Web browsers ] *****
 

[-] Chrome preferences cleaned: "pttl.menu-search-groups-tab" -  false

[-] Chrome preferences cleaned: "pttl.menu-search-groups-win" -  false
 
 

*************************
 

:: "Tracing" keys deleted

:: Winsock settings cleared

:: "Prefetch" files deleted

:: Proxy settings cleared

:: IE policies deleted

:: Chrome policies deleted
 

*************************
 

C:\AdwCleaner\AdwCleaner[C1].txt - [1304 Bytes] - [23/04/2016 15:58:37]

C:\AdwCleaner\AdwCleaner[C2].txt - [1215 Bytes] - [05/05/2016 18:10:52]

C:\AdwCleaner\AdwCleaner[C3].txt - [1339 Bytes] - [15/05/2016 23:40:33]

C:\AdwCleaner\AdwCleaner[C4].txt - [1638 Bytes] - [04/08/2016 22:51:49]

C:\AdwCleaner\AdwCleaner[C5].txt - [2015 Bytes] - [13/10/2016 12:44:52]

C:\AdwCleaner\AdwCleaner[C6].txt - [1882 Bytes] - [30/10/2016 18:54:28]

C:\AdwCleaner\AdwCleaner[S10].txt - [2817 Bytes] - [30/10/2016 18:49:15]

C:\AdwCleaner\AdwCleaner[S1].txt - [1187 Bytes] - [23/04/2016 15:39:47]

C:\AdwCleaner\AdwCleaner[S2].txt - [896 Bytes] - [24/04/2016 16:28:13]

C:\AdwCleaner\AdwCleaner[S3].txt - [1046 Bytes] - [05/05/2016 18:09:33]

C:\AdwCleaner\AdwCleaner[S4].txt - [1247 Bytes] - [15/05/2016 23:35:46]

C:\AdwCleaner\AdwCleaner[S5].txt - [1287 Bytes] - [29/05/2016 14:31:39]

C:\AdwCleaner\AdwCleaner[S6].txt - [1473 Bytes] - [02/07/2016 23:41:12]

C:\AdwCleaner\AdwCleaner[S7].txt - [1546 Bytes] - [04/08/2016 22:50:41]

C:\AdwCleaner\AdwCleaner[S8].txt - [2085 Bytes] - [13/10/2016 12:43:07]

C:\AdwCleaner\AdwCleaner[S9].txt - [2082 Bytes] - [13/10/2016 12:50:00]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2685 Bytes] ##########

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlaufdatum: 30.10.2016

Suchlaufzeit: 19:01

Protokolldatei: mbam.txt

Administrator: Ja
 

Version: 2.2.1.1043

Malware-Datenbank: v2016.10.30.08

Rootkit-Datenbank: v2016.09.26.02

Lizenz: Kostenlose Version

Malware-Schutz: Deaktiviert

Schutz vor bösartigen Websites: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 10

CPU: x64

Dateisystem: NTFS

Benutzer: hannibla34
 

Suchlauftyp: Bedrohungssuchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 364550

Abgelaufene Zeit: 8 Min., 38 Sek.
 

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(keine bösartigen Elemente erkannt)
 

Module: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 0

(keine bösartigen Elemente erkannt)
 

Registrierungswerte: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Dateien: 0

(keine bösartigen Elemente erkannt)
 

Physische Sektoren: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=init

# utc_time=2016-10-30 06:35:27

# local_time=2016-10-30 07:35:27 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

Update Finalize

Updated modules version: 31247

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=updated

# utc_time=2016-10-30 06:39:42

# local_time=2016-10-30 07:39:42 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# engine=31247

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2016-10-30 07:16:16

# local_time=2016-10-30 08:16:16 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=788 16777213 83 84 123164 4933824 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 3790556 9185592 0 0

# scanned=105056

# found=4

# cleaned=0

# scan_time=2194

sh=928A536FBFF196495B90E4BD51B932485B84A099 ft=1 fh=748b6a41a833329e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\AppData\Local\Temp\DMR\dmr_72.exe"

sh=188E07E3879E3365A31BEEFDF77AAA19C0CFC185 ft=1 fh=35a766c08afb02cb vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Documents\Eigene Dateien\Downloads\Samsung Kies - CHIP-Installer.exe"

sh=B10C1CADFC621E4F27E2AEC38BF7E3DECE3C1391 ft=1 fh=6854dfdadbbb262a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Downloads\Atomuhr Allzeit Atomzeit - CHIP-Installer.exe"

sh=839CB94D1444F52CE2F6986ADB8F035BAF151924 ft=1 fh=44593bc053fe86c0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Downloads\TDSSKiller - CHIP-Installer.exe"

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=init

# utc_time=2016-10-30 07:17:44

# local_time=2016-10-30 08:17:44 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

esets_scanner_update returned -1 esets_gle=53251

Update Finalize

Updated modules version: 31247

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=updated

# utc_time=2016-10-30 07:18:45

# local_time=2016-10-30 08:18:45 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# engine=31247

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2016-10-30 07:32:21

# local_time=2016-10-30 08:32:21 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=788 16777213 83 84 124129 4934789 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 3791521 9186557 0 0

# scanned=39769

# found=0

# cleaned=0

# scan_time=815

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=init

# utc_time=2016-10-30 07:34:10

# local_time=2016-10-30 08:34:10 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

esets_scanner_update returned -1 esets_gle=53251

Update Finalize

Updated modules version: 31247

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# end=updated

# utc_time=2016-10-30 07:35:06

# local_time=2016-10-30 08:35:06 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=6.2.9200 NT 

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=bbc325deb6b1fe468703cfd14ab7732b

# engine=31247

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2016-10-30 09:01:00

# local_time=2016-10-30 10:01:00 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=788 16777213 83 84 129448 4940108 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 3796840 9191876 0 0

# scanned=297479

# found=4

# cleaned=0

# scan_time=5154

sh=928A536FBFF196495B90E4BD51B932485B84A099 ft=1 fh=748b6a41a833329e vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\AppData\Local\Temp\DMR\dmr_72.exe"

sh=188E07E3879E3365A31BEEFDF77AAA19C0CFC185 ft=1 fh=35a766c08afb02cb vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Documents\Eigene Dateien\Downloads\Samsung Kies - CHIP-Installer.exe"

sh=B10C1CADFC621E4F27E2AEC38BF7E3DECE3C1391 ft=1 fh=6854dfdadbbb262a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Downloads\Atomuhr Allzeit Atomzeit - CHIP-Installer.exe"

sh=839CB94D1444F52CE2F6986ADB8F035BAF151924 ft=1 fh=44593bc053fe86c0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\hannibla34\Downloads\TDSSKiller - CHIP-Installer.exe"