Hilfe Virus eingefangen: Windows blockiert!

Lina S.

Lieber Chris,

ich war schon einen Schritt weiter und habe die Malwarebytes Software installiert und über eine Stunde lang ausgeführt, bis ich deine Nachricht gesehen habe. In dieser Zeit hatte er schon 10 infizierte Dateien entdeckt. Ich musste aber abbrechen, um den Fix zu machen. Muss ich jetzt nochmal den Fullscan mit Malwarebytes machen?

Hier der Report:
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypeM deleted successfully.
C:\Users\Yahya\AppData\Local\Skype\Skype.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Userinit deleted successfully.
C:\Users\Yahya\AppData\Roaming\appconf32.exe moved successfully.
S:\AUTORUN.INF moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12e45d0c-aba9-11de-b4c2-82379398e654}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12e45d0c-aba9-11de-b4c2-82379398e654}\ not found.
File C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a476124f-9fd1-11de-b1d3-a43c4364def5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a476124f-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a476124f-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a476124f-9fd1-11de-b1d3-a43c4364def5}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4761271-9fd1-11de-b1d3-a43c4364def5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4761271-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4761271-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a4761271-9fd1-11de-b1d3-a43c4364def5}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a476128d-9fd1-11de-b1d3-a43c4364def5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a476128d-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a476128d-9fd1-11de-b1d3-a43c4364def5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a476128d-9fd1-11de-b1d3-a43c4364def5}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5f24b19-a826-11de-b93d-d9244b3cf710}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5f24b19-a826-11de-b93d-d9244b3cf710}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5f24b19-a826-11de-b93d-d9244b3cf710}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5f24b19-a826-11de-b93d-d9244b3cf710}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5f24b1c-a826-11de-b93d-d9244b3cf710}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5f24b1c-a826-11de-b93d-d9244b3cf710}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5f24b1c-a826-11de-b93d-d9244b3cf710}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5f24b1c-a826-11de-b93d-d9244b3cf710}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c9157f82-61bb-11df-b85a-b03a80523b67}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c9157f82-61bb-11df-b85a-b03a80523b67}\ not found.
File D:\Launcher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccb75be1-9eb4-11de-b5ed-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ccb75be1-9eb4-11de-b5ed-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccb75be1-9eb4-11de-b5ed-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ccb75be1-9eb4-11de-b5ed-806e6f6e6963}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0daaf0c-dab1-11de-b67f-b8519259bcf8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0daaf0c-dab1-11de-b67f-b8519259bcf8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e0daaf0c-dab1-11de-b67f-b8519259bcf8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e0daaf0c-dab1-11de-b67f-b8519259bcf8}\ not found.
File D:\setup_vmc_lite.exe /checkApplicationPresence not found.
C:\Users\Yahya\AppData\Roaming\01009\components folder moved successfully.
C:\Users\Yahya\AppData\Roaming\01009 folder moved successfully.
C:\Users\Yahya\AppData\Roaming\AcroIEHelpe.dll moved successfully.
File C:\Users\Yahya\AppData\Roaming\AcroIEHelpe.dll not found.
C:\Users\Yahya\AppData\Roaming\BAcroIEHelpe.dll moved successfully.
C:\Users\Yahya\AppData\Roaming\xmldm folder moved successfully.
C:\Users\Yahya\AppData\Roaming\kock folder moved successfully.
C:\Users\Yahya\AppData\Roaming\blckdom.res moved successfully.
C:\Users\Yahya\Desktop\~$رَّحِيمِ الرَّحْمَنِ اللَّهِ بِسْمِ.docx moved successfully.
File C:\Users\Yahya\Desktop\~$رَّحِيمِ الرَّحْمَنِ اللَّهِ بِسْمِ.docx not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring" |dword:0x00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" |dword:0x00 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" |dword:0x00 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\"AntiVirusOverride" | dword:0x00 /E!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: Gast
->Temp folder emptied: 547290 bytes
->Flash cache emptied: 571 bytes

User: Public

User: Yahya
->Temp folder emptied: 1350712 bytes
->Java cache emptied: 63333934 bytes
->FireFox cache emptied: 18871901 bytes
->Google Chrome cache emptied: 387638464 bytes
->Apple Safari cache emptied: 11821056 bytes
->Flash cache emptied: 5780 bytes

User: Yahya_2
->Temp folder emptied: 38740349 bytes
->Java cache emptied: 7617554 bytes
->Flash cache emptied: 5299 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 50299154 bytes
RecycleBin emptied: 44180566 bytes

Total Files Cleaned = 595,00 mb


OTL by OldTimer - Version 3.2.33.2 log created on 02292012_143645

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...