Pests of all kinds and how to fight them: BUNDESPOLIZEI / Your computer has been locked (Windows 7)
#9

Hello Arne,

I ran the scan with OTL. Here is the content of the log file:

Code:
ATTFilter All processes killed ========== OTL ========== HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{e36df325-3f4b-476f-8f89-123bc5d51a30} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ deleted successfully. C:\Program Files (x86)\ClipGrab\prxtbCli0.dll moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. HKU\S-1-5-21-4284497293-1136568860-3551687546-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! 
HKU\S-1-5-21-4284497293-1136568860-3551687546-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{e36df325-3f4b-476f-8f89-123bc5d51a30} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found. File C:\Program Files (x86)\ClipGrab\prxtbCli0.dll not found. HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found. Registry key HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename Prefs.js: "ClipGrab Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2536373&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 Prefs.js: "ClipGrab Customized Web Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://search.bearshare.net" removed from browser.startup.homepage Prefs.js: ffxtlbr@babylon.com:1.2.0 removed from extensions.enabledItems Prefs.js: "hxxp://search.babylon.com/?affID=110819&babsrc=KW_ss&mntrId=604962b5000000000000964ce51719e9&q=" removed from keyword.URL C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\components folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\searchbar folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\options folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully. 
C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\icons folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\uwa folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\images folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\css folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\images folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\scripts folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\images folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\css folder moved successfully. 
C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\css folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\modules folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\lib folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data\search folder moved successfully. 
C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\searchplugin folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\modules folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\META-INF folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\defaults folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\components folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30}\chrome folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{e36df325-3f4b-476f-8f89-123bc5d51a30} folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} folder moved successfully. 
C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults\preferences folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\defaults folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\images folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\skin folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\locale\en-US folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\locale folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\defaults\preferences folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\defaults folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\chrome\content\lib folder moved successfully. 
C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\chrome\content folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com\chrome folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\crossriderapp2258@crossrider.com folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\content folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com\components folder moved successfully. C:\Users\K&S\AppData\Roaming\mozilla\Firefox\Profiles\al0jc1yx.default\extensions\ffxtlbr@babylon.com folder moved successfully. C:\Users\K&S\AppData\Roaming\Mozilla\Firefox\Profiles\al0jc1yx.default\searchplugins\conduit.xml moved successfully. C:\Users\K&S\AppData\Roaming\Mozilla\Firefox\Profiles\al0jc1yx.default\searchplugins\Search_Results.xml moved successfully. C:\PROGRAM FILES (X86)\BEARSHARE APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION\content folder moved successfully. C:\PROGRAM FILES (X86)\BEARSHARE APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION\components folder moved successfully. 
C:\PROGRAM FILES (X86)\BEARSHARE APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION folder moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml moved successfully. C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml moved successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\BROWSE~1.DLL moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}\ deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\BROWSE~1.DLL moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully. C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found. File C:\Program Files (x86)\ClipGrab\prxtbCli0.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found. File C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{e36df325-3f4b-476f-8f89-123bc5d51a30} deleted successfully. 
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e36df325-3f4b-476f-8f89-123bc5d51a30}\ not found. File C:\Program Files (x86)\ClipGrab\prxtbCli0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. 64bit-Registry value HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found. Registry value HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E36DF325-3F4B-476F-8F89-123BC5D51A30} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E36DF325-3F4B-476F-8F89-123BC5D51A30}\ not found. File C:\Program Files (x86)\ClipGrab\prxtbCli0.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\PLD_FrameworkRunOnce deleted successfully. C:\Windows\SysNative\OEM\_waitAndLaunch_PLD_Framework_NoWait.vbs moved successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. 
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully. Registry value HKEY_USERS\S-1-5-21-4284497293-1136568860-3551687546-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll moved successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\datamngr.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll deleted successfully. C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\IEBHO.dll moved successfully. C:\ProgramData\FullRemove.exe moved successfully. C:\xmldm folder moved successfully. 
ADS C:\ProgramData\TEMP:ABE89FFE deleted successfully. ADS C:\ProgramData\TEMP:E3C56885 deleted successfully. ADS C:\ProgramData\TEMP:E1F04E8D deleted successfully. ADS C:\ProgramData\TEMP:5D7E5A8F deleted successfully. ADS C:\ProgramData\TEMP:4CF61E54 deleted successfully. ADS C:\ProgramData\TEMP:444C53BA deleted successfully. ADS C:\ProgramData\TEMP:AB689DEA deleted successfully. ADS C:\ProgramData\TEMP:0B9176C0 deleted successfully. ADS C:\ProgramData\TEMP:4D066AD2 deleted successfully. ADS C:\ProgramData\TEMP:93DE1838 deleted successfully. ========== FILES ========== C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\x64 folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\components folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio folder moved successfully. 
C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\skin folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content\data folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome\content folder moved successfully. 
C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar\chrome folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr\ToolBar folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar\Datamngr folder moved successfully. C:\PROGRA~2\BearShare Applications\MediaBar folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\Images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\videosview\images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\videosview folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\colorsbubble\images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\colorsbubble folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\cdripview folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\artistsview\images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\artistsview folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\albumsview\images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html\albumsview folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins\html folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\Skins folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\HTML\Images folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare\HTML folder moved successfully. C:\PROGRA~2\BearShare Applications\BearShare folder moved successfully. C:\PROGRA~2\BearShare Applications folder moved successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh folder moved successfully. 
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17 folder moved successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar folder moved successfully. C:\Program Files (x86)\BabylonToolbar folder moved successfully. C:\Users\K&S\AppData\Roaming\.# folder moved successfully. C:\Users\Sebastian\AppData\Roaming\.# folder moved successfully. C:\Users\Sebastian\AppData\Roaming\kock folder moved successfully. C:\Users\Kristina\AppData\Roaming\.# folder moved successfully. C:\ProgramData\ssrahfwjarrbynh moved successfully. C:\ProgramData\dolzowms.exe moved successfully. C:\Users\Sebastian\AppData\Roaming\UAs folder moved successfully. C:\Users\Sebastian\AppData\Roaming\xmldm folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: K&S ->Temp folder emptied: 544605 bytes ->Temporary Internet Files folder emptied: 51908802 bytes ->Java cache emptied: 3536423 bytes ->FireFox cache emptied: 44933947 bytes ->Flash cache emptied: 6684 bytes User: Kristina ->Temp folder emptied: 24241205 bytes ->Temporary Internet Files folder emptied: 129087903 bytes ->Java cache emptied: 7140 bytes ->FireFox cache emptied: 3621680 bytes ->Flash cache emptied: 187623 bytes User: Michael User: Public User: Rezepte User: Sebastian ->Temp folder emptied: 114061758 bytes ->Temporary Internet Files folder emptied: 280590135 bytes ->Java cache emptied: 157604 bytes ->FireFox cache emptied: 76041010 bytes ->Google Chrome cache emptied: 159991035 bytes ->Flash cache emptied: 390038 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder 
emptied: 1592 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84895 bytes RecycleBin emptied: 286104 bytes Total Files Cleaned = 848,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: K&S ->Flash cache emptied: 0 bytes User: Kristina ->Flash cache emptied: 0 bytes User: Michael User: Public User: Rezepte User: Sebastian ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.53.1 log created on 07022012_214022 Files\Folders moved on Reboot... C:\Users\K&S\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\K&S\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot...

Regards,
Michael