
Pests of All Kinds and How to Fight Them: WINXP BKA Trojan 5.2 (Austria) + OTL SCANS

19.07.2012, 18:12   #1
haasthomas

Hello,

first of all, I am just an ordinary user and am asking for HELP!
I have the BKA Trojan 5.2 (Austria).
I switched off the WLAN and everything is fine, but as soon as I switch it back on, the lock kicks in.
I ran a scan with OTL by Oldtimer and attached the TXT files.

I hope you can help me.

Best regards
Thomas Haas

19.07.2012, 20:20   #2
t'john
/// Helper Team

Fixing with OTL

Download OTL by Oldtimer (if you do not already have it) and save it to your desktop (nowhere else).

  • Disable any virus scanners such as Avira, Kaspersky etc.
  • Start OTL.exe.
    Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator".
  • Copy the following script into the text box below Custom Scans/Fixes:


Code:
:OTL
PRC - C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe (Asus) 
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask) 
PRC - C:\Program Files\3DataManager\WTGService.exe () 
PRC - C:\Program Files\Smart Watchdog\SWDsvc.exe () 
PRC - C:\Program Files\Common Files\NMSAccessU.exe () 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes,DefaultScope = {BF517EF7-E8A9-442E-9533-A512C04E6D6F} 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes\{1177A8D3-C79C-4FD6-B502-AC16398796CD}: "URL" = http://www.google.de/search?q={searchTerms}&rlz=1I7ADRA_en 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes\{18A613ED-4E18-4F16-9029-FE3DB5C5B5B9}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10397&src=crm&q={searchTerms}&locale=en_AT&apn_ptnrs=^ABV&apn_dtid=^YYYYYY^YY^AT&apn_uid=37731160-6B2D-48EF-880D-576AC5759F71&apn_sauid=29F5FF87-76A6-4C05-96E6-69C9B3D15AD4 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\SearchScopes\{BF517EF7-E8A9-442E-9533-A512C04E6D6F}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={CB5B2E5F-52C5-4bf0-B9F8-26CE3A1CC49E} 
IE - HKU\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) 
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) 
O3 - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. 
O3 - HKU\S-1-5-21-606747145-287218729-839522115-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) 
O4 - HKLM..\Run: [] File not found 
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) 
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () 
O4 - HKLM..\Run: [Smart Watch Dog] C:\Program Files\Smart Watchdog\SmartWD.exe () 
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found 
O4 - HKU\S-1-5-21-606747145-287218729-839522115-1003..\Run: [] C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe (Asus) 
O4 - HKU\S-1-5-21-606747145-287218729-839522115-1003..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\S-1-5-21-606747145-287218729-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O20 - Winlogon\Notify\psfus: DllName - (C:\WINDOWS\system32\psqlpwd.dll) - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.) 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn 
O33 - MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\Shell - "" = AutoRun 
O33 - MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\Shell - "" = AutoRun 
O33 - MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\Shell\AutoRun\command - "" = F:\AutoRun.exe 
O33 - MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
O33 - MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\Shell - "" = AutoRun 
O33 - MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe 
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 
[2012.07.19 19:04:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job 
[2012.07.19 19:04:01 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job 
[2012.07.19 18:58:47 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job 
[2012.07.19 18:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simone\Application Data\Dropbox 
[2012.07.15 16:57:02 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job 
:Files
C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
         
  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a reboot, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\

Note for readers following along: the OTL script above was created exclusively for this user in this situation.
Do not under any circumstances apply it on other computers; it can cause lasting damage to other systems!
__________________
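An added example, not part of the thread and not OTL's own code: a triage pass over lines in the format of the script above that flags the traits visible in the entries it targets (a process or Run value executing from a Temp directory, a Run value with an empty name, a MountPoints2 AutoRun command that loads a file from RECYCLER via rundll32) and then checks a fix log for the matching "moved successfully" lines. The function names, regular expressions and heuristics are assumptions made for this illustration, not the helper's stated criteria; the sample lines are copied from this thread.

```python
import re
from dataclasses import dataclass

# Sample input: lines copied from the OTL script in this thread.
SAMPLE_SCAN = r'''
PRC - C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe (Asus)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-21-606747145-287218729-839522115-1003..\Run: [] C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe (Asus)
O33 - MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
'''.strip().splitlines()

# Sample input: lines copied from the fix log posted in reply in this thread.
SAMPLE_FIXLOG = r'''
No active process named nlbsmkxperkyvbgtrnebhxq.exe was found!
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe moved successfully.
File E:\AutoRun.exe not found.
'''.strip().splitlines()

# Line formats inferred from the lines in this thread (assumption, not an OTL spec).
PRC_RE = re.compile(r"^PRC - (?P<cmd>.+)$")
RUN_RE = re.compile(r"^O4 - (?P<hive>.+?)\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9A-Fa-f-]+\})\\Shell\\AutoRun\\command - "" = (?P<cmd>.+)$'
)
# OTL appends "(Vendor)" or "File not found" after the command; drop that tag.
SUFFIX_RE = re.compile(r"\s*(?:\([^()]*\)|File not found)\s*$")
TEMP_RE = re.compile(r"\\(?:Temp|Tmp)\\", re.I)
RECYCLER_RE = re.compile(r"\\RECYCLER\\", re.I)
RUNDLL_RE = re.compile(r"rundll32", re.I)
MOVED_RE = re.compile(r"^(?P<path>.+) moved successfully\.$")


@dataclass
class Finding:
    kind: str      # "process", "run" or "autorun"
    target: str    # command line with the trailing vendor tag removed
    reasons: list  # human-readable reasons the line was flagged


def classify(line):
    """Return a Finding for a line that matches a heuristic, else None."""
    line = line.strip()
    for kind, rx in (("process", PRC_RE), ("run", RUN_RE), ("autorun", O33_RE)):
        m = rx.match(line)
        if not m:
            continue
        target = SUFFIX_RE.sub("", m.group("cmd"))
        reasons = []
        if kind != "autorun" and TEMP_RE.search(target):
            reasons.append("executes from a Temp directory")
        if kind == "run" and m.group("name") == "" and target:
            reasons.append("Run value has an empty name")
        if kind == "autorun" and RUNDLL_RE.search(target) and RECYCLER_RE.search(target):
            reasons.append("AutoRun command loads a file from RECYCLER via rundll32")
        return Finding(kind, target, reasons) if reasons else None
    return None


def triage(lines):
    """Classify every line and keep only the flagged ones, in input order."""
    return [f for f in map(classify, lines) if f is not None]


def unresolved(findings, fixlog_lines):
    """Flagged process/Run targets with no 'moved successfully' line in the fix log."""
    moved = set()
    for raw in fixlog_lines:
        m = MOVED_RE.match(raw.strip())
        if m:
            moved.add(m.group("path").lower())
    return sorted({f.target for f in findings
                   if f.kind != "autorun" and f.target.lower() not in moved})


if __name__ == "__main__":
    flagged = triage(SAMPLE_SCAN)
    for f in flagged:
        print(f"[{f.kind}] {f.target}\n    -> " + "; ".join(f.reasons))
    print("not confirmed as moved:", unresolved(flagged, SAMPLE_FIXLOG))
```

AutoRun findings are excluded from the fix-log check because in this thread the fix removes the registry key rather than moving a file.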

20.07.2012, 10:44   #3
haasthomas

It worked, thanks
Logfile:
All processes killed
========== OTL ==========
No active process named nlbsmkxperkyvbgtrnebhxq.exe was found!
No active process named Updater.exe was found!
No active process named WTGService.exe was found!
No active process named SWDsvc.exe was found!
No active process named NMSAccessU.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1177A8D3-C79C-4FD6-B502-AC16398796CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1177A8D3-C79C-4FD6-B502-AC16398796CD}\ not found.
Registry key HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{18A613ED-4E18-4F16-9029-FE3DB5C5B5B9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18A613ED-4E18-4F16-9029-FE3DB5C5B5B9}\ not found.
Registry key HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BF517EF7-E8A9-442E-9533-A512C04E6D6F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF517EF7-E8A9-442E-9533-A512C04E6D6F}\ not found.
HKU\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Program Files\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut deleted successfully.
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Smart Watch Dog deleted successfully.
C:\Program Files\Smart Watchdog\SmartWD.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\OM_Monitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-606747145-287218729-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus\ deleted successfully.
C:\WINDOWS\system32\psqlpwd.dll moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334ba8-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334ba8-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334ba8-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334ba8-0145-11e0-a239-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334baa-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334baa-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01334baa-0145-11e0-a239-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01334baa-0145-11e0-a239-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c4-1b1b-11de-9f23-002170ab9d8d}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04d0f0c5-1b1b-11de-9f23-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486ce46e-05db-11e0-a242-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486ce46e-05db-11e0-a242-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{486ce46e-05db-11e0-a242-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486ce46e-05db-11e0-a242-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62339c2c-6bdd-11de-9fac-002170ab9d8d}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c2-1a18-11de-9f22-0080bdfb8b65}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686689c5-1a18-11de-9f22-0080bdfb8b65}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75960f12-73ac-11de-9fb4-002170ab9d8d}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8079759a-c5a4-11df-a1e4-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80cd8774-03cb-11e0-a23d-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a45a1e70-c571-11df-a1e3-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9aecf69-02cb-11e0-a23b-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6e-1342-11e0-a24e-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f148de6f-1342-11e0-a24e-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f401bae8-79ee-11de-9fbe-002170ab9d8d}\ not found.
File E:\AutoRun.exe not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
File C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\shellext\l folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\shellext\dump folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\shellext folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\l folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\installer\l folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\installer folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox\bin folder moved successfully.
C:\Documents and Settings\Simone\Application Data\Dropbox folder moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\Simone\Local Settings\Temp\nlbsmkxperkyvbgtrnebhxq.exe not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Simone\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Simone\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 587497 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2853263 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: Simone
->Temp folder emptied: 1437481708 bytes
->Temporary Internet Files folder emptied: 145329334 bytes
->Java cache emptied: 5690414 bytes
->Flash cache emptied: 47900 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1138618 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83477168 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 272196722 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 210841126 bytes

Total Files Cleaned = 2.060,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: Simone
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.54.0 log created on 07202012_021930

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
__________________

20.07.2012, 20:13   #4
t'john
/// Helper team

Very good!

How is the computer running?

Step 1

New version! Please download it again!
Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Malwarebytes Anti-Malware
- Works on Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Select "Komplett Scan durchführen" (Perform full scan) => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Please have any detections deleted or moved to quarantine.
- When the scan has finished, click "Zeige Resultate" (Show results).
After that:

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.
__________________
Regards, t'john
Support the TB

30.07.2012, 20:37   #5
t'john
/// Helper team

No response

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this thread from my notifications.

If you want to continue, send me a PM or open a new thread.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: the disappearance of the symptoms does not mean that your computer is clean.

__________________
Regards, t'john
Support the TB
