ich habe mir den bka virus eingefangen und habe otl laufen lassen. wenn ich es richtig verstanden habe, soll ich die otl textdatei hier posten.

all meine uni-daten sind weg, bitte um schnelle hilfe

auf hilfe hoffende, verzweifelte userin!


All processes killed
========== OTL ==========
HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWin0.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e36df325-3f4b-476f-8f89-123bc5d51a30} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found.
File C:\Program Files\ClipGrab\prxtbClip.dll not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Unable to set value : HKU\Christian_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E!
Unable to set value : HKU\Christian_ON_C\Software\Microsoft\Internet Explorer\Main\\StartPageCache| /E!
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
File C:\Program Files\Winload\tbWin0.dll not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found.
File C:\Program Files\ClipGrab\prxtbClip.dll not found.
Prefs.js: "hxxp://www.tram-tram.de.vu/" removed from browser.startup.homepage
Prefs.js: toolbar@ask.com:3.12.2.16749 removed from extensions.enabledItems
Prefs.js: sparweltgutscheinewl@sparwelt.de:1.0 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Users\Christian\AppData\Roaming\Qeyl\byuci.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Christian_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\Christian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer not found.
Registry key HKEY_USERS\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File E:\AUTOMODE not found.
File X:\AUTORUN.INF not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
Unable to delete ADS C:\ProgramData\TEMP:0EE09C55 .
Unable to delete ADS C:\Users\Christian\Documents\Ihre Abobestellung von www_eisenbahnwelt_de.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Willkommen auf „js-home_org“***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Schaden ***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\Eventim***.eml:OECustomProperty .
Unable to delete ADS C:\Users\Christian\Documents\MOTOR-TALK_***.eml:OECustomProperty .
Unable to delete ADS C:\ProgramData\TEMP:E88BE39E .
========== FILES ==========
File\Folder C:\Users\Christian\AppData\Roaming\Qeyl\byuci.exe not found.
File\Folder C:\Users\Christian\AppData\Roaming\Qeyl not found.
File\Folder C:\Users\Christian\AppData\Roaming\Emaxu not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Blumentapete\Downloads\cmd.bat deleted successfully.
C:\Users\Blumentapete\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Blumentapete
->Temp folder emptied: 1644684594 bytes
->Temporary Internet Files folder emptied: 355883855 bytes
->Java cache emptied: 2002 bytes
->FireFox cache emptied: 1102314960 bytes
->Google Chrome cache emptied: 7328279 bytes
->Opera cache emptied: 2156703 bytes
->Flash cache emptied: 7897881 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 2836 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 297471381 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67698 bytes
RecycleBin emptied: 43272665591 bytes

Total Files Cleaned = 44.528,00 mb


OTL by OldTimer - Version 3.2.46.1 log created on 06052012_203827

Files\Folders moved on Reboot...
C:\Users\Blumentapete\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Zitat:

wenn ich es richtig verstanden habe, soll ich die otl textdatei hier posten.

Ich wünschte du hättest auch mal richtig gelesen
In eigentlich jedem Thread zu einem OTL-Fix steht sowas!

Zitat:

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!