
Log analysis and evaluation: System infected with Trojan.Win32.Jorik1456291289


 
25.08.2012, 18:44   #3
Ruper
 
System infected with Trojan.Win32.Jorik1456291289



Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} not found.
HKCUSOFTWAREMicrosoftInternet ExplorerMain\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerURLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
C:Program Files (x86)Ask.comGenericAskToolbar.dll moved successfully.
HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopes\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftInternet ExplorerSearchScopes{A1D5327E-0719-43CE-BC12-07727B6BDAF1} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A1D5327E-0719-43CE-BC12-07727B6BDAF1} not found.
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings\ProxyEnable|dword:0 /E : value set successfully!
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.google.de/" removed from browser.startup.homepage
Prefs.js: 0 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@adobe.com/FlashPlayer deleted successfully.
Registry key HKEY_LOCAL_MACHINESoftwareMozillaPlugins@Apple.com/iTunes,version= deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
File C:Program Files (x86)Ask.comGenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\ deleted successfully.
Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun\ApnUpdater deleted successfully.
C:Program Files (x86)Ask.comUpdaterUpdater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExtAn OneNote s&enden deleted successfully.
64bit-Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExtNach Microsoft E&xcel exportieren deleted successfully.
Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExtAn OneNote s&enden not found.
Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExtNach Microsoft E&xcel exportieren not found.
64bit-Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{E6FB5E20-DE35-11CF-9C87-00AA005127ED} not found.
Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShellServiceObjectDelayLoad\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{E6FB5E20-DE35-11CF-9C87-00AA005127ED} not found.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCdrom\AutoRun|DWORD:1 /E : value set successfully!
Folder C:UsersabcAppDataRoamingOpenCandy not found.
C:WindowsInstaller{e98f47b8-6818-7ee8-758e-57d62ed72e4a}L0000004.@ moved successfully.
C:WindowsInstaller{e98f47b8-6818-7ee8-758e-57d62ed72e4a}@ moved successfully.
File C:UsersabcAppDataLocal{e98f47b8-6818-7ee8-758e-57d62ed72e4a}@ not found.
========== FILES ==========
C:windowsInstaller{e98f47b8-6818-7ee8-758e-57d62ed72e4a}U folder moved successfully.
C:windowsInstaller{e98f47b8-6818-7ee8-758e-57d62ed72e4a}L folder moved successfully.
C:windowsInstaller{e98f47b8-6818-7ee8-758e-57d62ed72e4a} folder moved successfully.
Folder C:UsersabcAppDataLocal{e98f47b8-6818-7ee8-758e-57d62ed72e4a} not found.
FileFolder C:UsersabcAppDataLocal{*} not found.
C:ProgramDataFullRemove.exe moved successfully.
C:ProgramDataTemp{CB099890-1D5F-11D5-9EA9-0050BAE317E1} folder moved successfully.
C:ProgramDataTemp{C59C179C-668D-49A9-B6EA-0121CCFC1243} folder moved successfully.
C:ProgramDataTemp{B7A0CE06-068E-11D6-97FD-0050BACBF861} folder moved successfully.
C:ProgramDataTemp{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41} folder moved successfully.
C:ProgramDataTemp{40BF1E83-20EB-11D8-97C5-0009C5020658} folder moved successfully.
C:ProgramDataTemp{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47} folder moved successfully.
C:ProgramDataTemp{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} folder moved successfully.
C:ProgramDataTemp{01FB4998-33C4-4431-85ED-079E3EEFE75D} folder moved successfully.
C:ProgramDataTemp folder moved successfully.
FileFolder C:UsersabcAppDataLocalTemp*.exe not found.
FileFolder C:UsersabcAppDataLocalLowSunJavaDeploymentcache not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:UsersasaDesktopcmd.bat deleted successfully.
C:UsersasaDesktopcmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: asa
->Temp folder emptied: 17599883 bytes
->Temporary Internet Files folder emptied: 1809508 bytes
->FireFox cache emptied: 86956200 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 859 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%System32 .tmp files removed: 0 bytes
%systemroot%System32 (64bit) .tmp files removed: 0 bytes
%systemroot%System32drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 209076 bytes
%systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 36030261 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 136.00 mb
 
 
OTL by OldTimer - Version 3.2.58.1 log created on 08252012_192741
 
FilesFolders moved on Reboot...
C:UsersasaAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
         

 
