Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
bProtector for Windows searchplugins

bProtector for Windows searchplugins


Plagegeister aller Art und deren Bekämpfung: bProtector for Windows searchplugins

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.07.2012, 13:27   #1
t'john
/// Helfer-Team
 
bProtector for Windows searchplugins - Standard

bProtector for Windows searchplugins


Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
MOD - c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll () 
SRV - (bProtector) -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe (bProtector) 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found 
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found 
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found 
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found 
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} 
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227975 
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227975 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227975 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes,bProtectorDefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}: "URL" = http://search.pdfcreator-toolbar.org/search?p=Q&ts=ne&w={searchTerms}&csrc=search-field 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{379378E5-2813-4E77-81D1-880619D81CB6}: "URL" = http://www.google.de/search?q={searchTerms} 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227975 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 
IE - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 
FF - user.js - File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension [2012.07.14 17:30:07 | 000,000,000 | ---D | M] 
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll 
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) 
O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation) 
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation) 
O3 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) 
O3 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll () 
O3 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.) 
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found 
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () 
O4 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent File not found 
O4 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 
O7 - HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found 
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found 
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url_de.pl?http://www.ebay.de/ File not found 
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\22463~1.83\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll () 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] 
O33 - MountPoints2\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\Shell\AutoRun\command - "" = RECYCLER\autorun.exe 
O33 - MountPoints2\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\Shell\open\command - "" = RECYCLER\autorun.exe 
O33 - MountPoints2\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\Shell - "" = AutoRun 
O33 - MountPoints2\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\Shell - "" = AutoRun 
O33 - MountPoints2\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\Shell - "" = AutoRun 
O33 - MountPoints2\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\{c276349d-b95b-11dc-b533-00a0d16c74bb}\Shell - "" = AutoRun 
O33 - MountPoints2\{c276349d-b95b-11dc-b533-00a0d16c74bb}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\Shell - "" = AutoRun 
O33 - MountPoints2\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\Shell\AutoRun\command - "" = D:\AutoRun.exe 
O33 - MountPoints2\F\Shell - "" = AutoRun 
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe 

[2012.07.14 17:31:11 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe 
[2012.07.14 17:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows 
[182 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] 
[2012.07.31 09:46:48 | 000,032,128 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\nvModes.001 
[2012.07.30 14:44:58 | 000,032,128 | ---- | M] () -- C:\Users\Hannes\AppData\Roaming\nvModes.dat 
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:24051EFF 
[2012.07.31 10:25:45 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Desktop\bProtectorForWindows 
[2012.07.31 10:03:40 | 000,000,000 | ---D | C] -- C:\Users\Hannes\Desktop\searchplugins 
[2012.07.31 07:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\searchplugins 
[2012.07.31 07:45:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\bProtectorForWindows 
[2012.07.20 14:57:09 | 000,000,000 | ---D | C] -- C:\Users\Hannes\bProtectorForWindows 
[2012.07.14 17:31:20 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Roaming\PerformerSoft 
[2012.07.14 17:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer 
[2012.07.14 17:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit 
[2012.07.14 17:30:33 | 000,000,000 | ---D | C] -- C:\Users\Hannes\AppData\Local\Conduit 
[2012.07.14 17:30:07 | 000,000,000 | ---D | C] -- C:\Users\Hannes\searchplugins 
[2012.07.14 17:30:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions 
[2012.07.14 17:30:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins 
[2012.07.14 17:30:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\bProtectorForWindows 
[2012.07.14 17:30:46 | 000,000,009 | ---- | M] () -- C:\END 
[2012.07.31 13:25:19 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job 
[2012.07.31 12:52:22 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012.07.31 12:53:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 
[2012.07.31 12:53:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 
[2012.07.31 09:52:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________
Mfg, t'john
Das TB unterstützen

Alt 31.07.2012, 14:17   #2
johofer
 
bProtector for Windows searchplugins - Standard

bProtector for Windows searchplugins


All processes killed
========== OTL ==========
Service bProtector stopped successfully!
Service bProtector deleted successfully!
File move failed. C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe scheduled to be moved on reboot.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Programme\Winamp Toolbar\winamptb.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4a1d-AC25-2834D952D9B4}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{379378E5-2813-4E77-81D1-880619D81CB6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{379378E5-2813-4E77-81D1-880619D81CB6}\ not found.
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKU\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
File HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension not found.
File C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
File move failed. C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ deleted successfully.
C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{90222687-F593-4738-B738-FBEE9C7B26DF} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90222687-F593-4738-B738-FBEE9C7B26DF}\ deleted successfully.
C:\Programme\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully.
c:\Programme\Google\GoogleToolbar1.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Programme\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Programme\Winamp\winampa.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TOSCDSPD deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3763147448-2540374928-1796028379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C08CAF1D-C0A3-40D5-9970-06D067EAC017}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C08CAF1D-C0A3-40D5-9970-06D067EAC017}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\bprote~1\22463~1.83\protec~1.dll deleted successfully.
File move failed. c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\ not found.
File C:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15e5c95e-2107-11df-a9b2-00a0d16c74bb}\ not found.
File C:\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bc04713-b6a9-11dc-843e-00a0d16c74bb}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3bc0472d-b6a9-11dc-843e-00a0d16c74bb}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8423d886-ec3c-11dd-9a8e-00a0d16c74bb}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c276349d-b95b-11dc-b533-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c276349d-b95b-11dc-b533-00a0d16c74bb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c276349d-b95b-11dc-b533-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c276349d-b95b-11dc-b533-00a0d16c74bb}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c86227dd-128b-11dd-8f2e-806e6f6e6963}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce76eadd-1230-11dd-91e7-806e6f6e6963}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce76ec36-1230-11dd-91e7-00a0d16c74bb}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\setup.exe not found.
C:\Windows\System32\roboot.exe moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\traking_settings folder moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension\searchplugins folder moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension\content folder moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension\components folder moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension folder moved successfully.
C:\ProgramData\bProtectorForWindows\2.2.463.83\crashReports folder moved successfully.
Folder move failed. C:\ProgramData\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\bProtectorForWindows scheduled to be moved on reboot.
C:\Windows\System32\zch1095.tmp deleted successfully.
C:\Windows\System32\zch10E.tmp deleted successfully.
C:\Windows\System32\zch1129.tmp deleted successfully.
C:\Windows\System32\zch127.tmp deleted successfully.
C:\Windows\System32\zch144E.tmp deleted successfully.
C:\Windows\System32\zch14D.tmp deleted successfully.
C:\Windows\System32\zch14FC.tmp deleted successfully.
C:\Windows\System32\zch153E.tmp deleted successfully.
C:\Windows\System32\zch1560.tmp deleted successfully.
C:\Windows\System32\zch1600.tmp deleted successfully.
C:\Windows\System32\zch1630.tmp deleted successfully.
C:\Windows\System32\zch17C9.tmp deleted successfully.
C:\Windows\System32\zch19AB.tmp deleted successfully.
C:\Windows\System32\zch1A5C.tmp deleted successfully.
C:\Windows\System32\zch1C61.tmp deleted successfully.
C:\Windows\System32\zch1D10.tmp deleted successfully.
C:\Windows\System32\zch1EAA.tmp deleted successfully.
C:\Windows\System32\zch1ECA.tmp deleted successfully.
C:\Windows\System32\zch2386.tmp deleted successfully.
C:\Windows\System32\zch2609.tmp deleted successfully.
C:\Windows\System32\zch2CEF.tmp deleted successfully.
C:\Windows\System32\zch2D2.tmp deleted successfully.
C:\Windows\System32\zch2F4.tmp deleted successfully.
C:\Windows\System32\zch31DD.tmp deleted successfully.
C:\Windows\System32\zch324C.tmp deleted successfully.
C:\Windows\System32\zch391.tmp deleted successfully.
C:\Windows\System32\zch3A64.tmp deleted successfully.
C:\Windows\System32\zch3E4B.tmp deleted successfully.
C:\Windows\System32\zch433.tmp deleted successfully.
C:\Windows\System32\zch445C.tmp deleted successfully.
C:\Windows\System32\zch452A.tmp deleted successfully.
C:\Windows\System32\zch45EB.tmp deleted successfully.
C:\Windows\System32\zch474A.tmp deleted successfully.
C:\Windows\System32\zch47BA.tmp deleted successfully.
C:\Windows\System32\zch47DD.tmp deleted successfully.
C:\Windows\System32\zch489A.tmp deleted successfully.
C:\Windows\System32\zch492.tmp deleted successfully.
C:\Windows\System32\zch4A1.tmp deleted successfully.
C:\Windows\System32\zch4D69.tmp deleted successfully.
C:\Windows\System32\zch4E8C.tmp deleted successfully.
C:\Windows\System32\zch500.tmp deleted successfully.
C:\Windows\System32\zch5092.tmp deleted successfully.
C:\Windows\System32\zch51AE.tmp deleted successfully.
C:\Windows\System32\zch51EF.tmp deleted successfully.
C:\Windows\System32\zch5280.tmp deleted successfully.
C:\Windows\System32\zch5472.tmp deleted successfully.
C:\Windows\System32\zch55EC.tmp deleted successfully.
C:\Windows\System32\zch5777.tmp deleted successfully.
C:\Windows\System32\zch5A79.tmp deleted successfully.
C:\Windows\System32\zch5A8C.tmp deleted successfully.
C:\Windows\System32\zch5A9B.tmp deleted successfully.
C:\Windows\System32\zch5ADA.tmp deleted successfully.
C:\Windows\System32\zch5B4C.tmp deleted successfully.
C:\Windows\System32\zch5B69.tmp deleted successfully.
C:\Windows\System32\zch5B8B.tmp deleted successfully.
C:\Windows\System32\zch5BAD.tmp deleted successfully.
C:\Windows\System32\zch5BC.tmp deleted successfully.
C:\Windows\System32\zch5CEF.tmp deleted successfully.
C:\Windows\System32\zch5D29.tmp deleted successfully.
C:\Windows\System32\zch5D50.tmp deleted successfully.
C:\Windows\System32\zch5D5E.tmp deleted successfully.
C:\Windows\System32\zch5D91.tmp deleted successfully.
C:\Windows\System32\zch5F56.tmp deleted successfully.
C:\Windows\System32\zch5FC8.tmp deleted successfully.
C:\Windows\System32\zch60D.tmp deleted successfully.
C:\Windows\System32\zch6582.tmp deleted successfully.
C:\Windows\System32\zch65A.tmp deleted successfully.
C:\Windows\System32\zch65D3.tmp deleted successfully.
C:\Windows\System32\zch6605.tmp deleted successfully.
C:\Windows\System32\zch6627.tmp deleted successfully.
C:\Windows\System32\zch6726.tmp deleted successfully.
C:\Windows\System32\zch67F4.tmp deleted successfully.
C:\Windows\System32\zch6893.tmp deleted successfully.
C:\Windows\System32\zch6AC9.tmp deleted successfully.
C:\Windows\System32\zch6C04.tmp deleted successfully.
C:\Windows\System32\zch6F31.tmp deleted successfully.
C:\Windows\System32\zch6F70.tmp deleted successfully.
C:\Windows\System32\zch709.tmp deleted successfully.
C:\Windows\System32\zch70E.tmp deleted successfully.
C:\Windows\System32\zch73D3.tmp deleted successfully.
C:\Windows\System32\zch74D.tmp deleted successfully.
C:\Windows\System32\zch74D1.tmp deleted successfully.
C:\Windows\System32\zch780F.tmp deleted successfully.
C:\Windows\System32\zch79D6.tmp deleted successfully.
C:\Windows\System32\zch7A65.tmp deleted successfully.
C:\Windows\System32\zch7C7D.tmp deleted successfully.
C:\Windows\System32\zch844.tmp deleted successfully.
C:\Windows\System32\zch85E.tmp deleted successfully.
C:\Windows\System32\zch875.tmp deleted successfully.
C:\Windows\System32\zch87B9.tmp deleted successfully.
C:\Windows\System32\zch8874.tmp deleted successfully.
C:\Windows\System32\zch8E.tmp deleted successfully.
C:\Windows\System32\zch90B9.tmp deleted successfully.
C:\Windows\System32\zch91A6.tmp deleted successfully.
C:\Windows\System32\zch940F.tmp deleted successfully.
C:\Windows\System32\zch9410.tmp deleted successfully.
C:\Windows\System32\zch9543.tmp deleted successfully.
C:\Windows\System32\zch960.tmp deleted successfully.
C:\Windows\System32\zch985.tmp deleted successfully.
C:\Windows\System32\zch9A98.tmp deleted successfully.
C:\Windows\System32\zch9D2E.tmp deleted successfully.
C:\Windows\System32\zch9F13.tmp deleted successfully.
C:\Windows\System32\zchA2DB.tmp deleted successfully.
C:\Windows\System32\zchA2EB.tmp deleted successfully.
C:\Windows\System32\zchA31D.tmp deleted successfully.
C:\Windows\System32\zchA598.tmp deleted successfully.
C:\Windows\System32\zchA5B.tmp deleted successfully.
C:\Windows\System32\zchA72C.tmp deleted successfully.
C:\Windows\System32\zchA749.tmp deleted successfully.
C:\Windows\System32\zchA97E.tmp deleted successfully.
C:\Windows\System32\zchAA1D.tmp deleted successfully.
C:\Windows\System32\zchB21D.tmp deleted successfully.
C:\Windows\System32\zchB34A.tmp deleted successfully.
C:\Windows\System32\zchB399.tmp deleted successfully.
C:\Windows\System32\zchB3C1.tmp deleted successfully.
C:\Windows\System32\zchB421.tmp deleted successfully.
C:\Windows\System32\zchB5AC.tmp deleted successfully.
C:\Windows\System32\zchB68D.tmp deleted successfully.
C:\Windows\System32\zchBA0A.tmp deleted successfully.
C:\Windows\System32\zchBA59.tmp deleted successfully.
C:\Windows\System32\zchBAE3.tmp deleted successfully.
C:\Windows\System32\zchBBC2.tmp deleted successfully.
C:\Windows\System32\zchBC03.tmp deleted successfully.
C:\Windows\System32\zchBD40.tmp deleted successfully.
C:\Windows\System32\zchBD82.tmp deleted successfully.
C:\Windows\System32\zchBDC1.tmp deleted successfully.
C:\Windows\System32\zchBDF1.tmp deleted successfully.
C:\Windows\System32\zchBFD6.tmp deleted successfully.
C:\Windows\System32\zchC0E2.tmp deleted successfully.
C:\Windows\System32\zchC161.tmp deleted successfully.
C:\Windows\System32\zchC16F.tmp deleted successfully.
C:\Windows\System32\zchC1C2.tmp deleted successfully.
C:\Windows\System32\zchC1F4.tmp deleted successfully.
C:\Windows\System32\zchC275.tmp deleted successfully.
C:\Windows\System32\zchC27B.tmp deleted successfully.
C:\Windows\System32\zchC2E3.tmp deleted successfully.
C:\Windows\System32\zchC508.tmp deleted successfully.
C:\Windows\System32\zchC57C.tmp deleted successfully.
C:\Windows\System32\zchC692.tmp deleted successfully.
C:\Windows\System32\zchCABE.tmp deleted successfully.
C:\Windows\System32\zchCC35.tmp deleted successfully.
C:\Windows\System32\zchCC52.tmp deleted successfully.
C:\Windows\System32\zchCE16.tmp deleted successfully.
C:\Windows\System32\zchCF5E.tmp deleted successfully.
C:\Windows\System32\zchD02C.tmp deleted successfully.
C:\Windows\System32\zchD05E.tmp deleted successfully.
C:\Windows\System32\zchD0AA.tmp deleted successfully.
C:\Windows\System32\zchD0CA.tmp deleted successfully.
C:\Windows\System32\zchD255.tmp deleted successfully.
C:\Windows\System32\zchD2E1.tmp deleted successfully.
C:\Windows\System32\zchD646.tmp deleted successfully.
C:\Windows\System32\zchD9CF.tmp deleted successfully.
C:\Windows\System32\zchDA96.tmp deleted successfully.
C:\Windows\System32\zchDA9C.tmp deleted successfully.
C:\Windows\System32\zchDB82.tmp deleted successfully.
C:\Windows\System32\zchDBBA.tmp deleted successfully.
C:\Windows\System32\zchDBF0.tmp deleted successfully.
C:\Windows\System32\zchDC01.tmp deleted successfully.
C:\Windows\System32\zchDF7E.tmp deleted successfully.
C:\Windows\System32\zchE154.tmp deleted successfully.
C:\Windows\System32\zchE6B3.tmp deleted successfully.
C:\Windows\System32\zchE762.tmp deleted successfully.
C:\Windows\System32\zchEB7C.tmp deleted successfully.
C:\Windows\System32\zchEB96.tmp deleted successfully.
C:\Windows\System32\zchEBE7.tmp deleted successfully.
C:\Windows\System32\zchEE1D.tmp deleted successfully.
C:\Windows\System32\zchEF66.tmp deleted successfully.
C:\Windows\System32\zchEFA0.tmp deleted successfully.
C:\Windows\System32\zchF0E9.tmp deleted successfully.
C:\Windows\System32\zchF3D9.tmp deleted successfully.
C:\Windows\System32\zchF855.tmp deleted successfully.
C:\Windows\System32\zchF8A4.tmp deleted successfully.
C:\Windows\System32\zchF8F0.tmp deleted successfully.
C:\Windows\System32\zchF9BE.tmp deleted successfully.
C:\Windows\System32\zchF9C6.tmp deleted successfully.
C:\Windows\System32\zchFB.tmp deleted successfully.
C:\Windows\System32\zchFBF0.tmp deleted successfully.
C:\Windows\System32\zchFD1B.tmp deleted successfully.
C:\Windows\System32\zchFD31.tmp deleted successfully.
C:\Windows\System32\zchFD4D.tmp deleted successfully.
C:\Windows\System32\zchFE1D.tmp deleted successfully.
C:\Windows\System32\zchFEF1.tmp deleted successfully.
C:\Users\Hannes\AppData\Roaming\nvModes.001 moved successfully.
C:\Users\Hannes\AppData\Roaming\nvModes.dat moved successfully.
ADS C:\ProgramData\TEMP:24051EFF deleted successfully.
C:\Users\Hannes\Desktop\bProtectorForWindows\2.2.463.83 folder moved successfully.
C:\Users\Hannes\Desktop\bProtectorForWindows folder moved successfully.
C:\Users\Hannes\Desktop\searchplugins folder moved successfully.
C:\Program Files\Common Files\searchplugins folder moved successfully.
C:\Program Files\Common Files\bProtectorForWindows\2.2.463.83 folder moved successfully.
C:\Program Files\Common Files\bProtectorForWindows folder moved successfully.
C:\Users\Hannes\bProtectorForWindows\2.2.463.83 folder moved successfully.
C:\Users\Hannes\bProtectorForWindows folder moved successfully.
C:\Users\Hannes\AppData\Roaming\PerformerSoft folder moved successfully.
C:\Program Files\PC Performer\searchplugins folder moved successfully.
C:\Program Files\PC Performer\bProtectorForWindows\2.2.463.83 folder moved successfully.
C:\Program Files\PC Performer\bProtectorForWindows folder moved successfully.
C:\Program Files\PC Performer folder moved successfully.
C:\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Program Files\Conduit folder moved successfully.
C:\Users\Hannes\AppData\Local\Conduit folder moved successfully.
C:\Users\Hannes\searchplugins folder moved successfully.
C:\Windows\System32\Extensions folder moved successfully.
C:\Windows\System32\searchplugins folder moved successfully.
C:\Windows\System32\bProtectorForWindows\2.2.463.83 folder moved successfully.
C:\Windows\System32\bProtectorForWindows folder moved successfully.
C:\END moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Hannes\Desktop\cmd.bat deleted successfully.
C:\Users\Hannes\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Christina
->Temp folder emptied: 161370 bytes
->Temporary Internet Files folder emptied: 455626 bytes
->Java cache emptied: 25544425 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Hannes
->Temp folder emptied: 101410550 bytes
->Temporary Internet Files folder emptied: 249140506 bytes
->Java cache emptied: 270845547 bytes
->Google Chrome cache emptied: 242289088 bytes
->Flash cache emptied: 2061938 bytes

User: Neuer Ordner

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81162047 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 928,00 mb


[EMPTYFLASH]

User: All Users

User: Christina

User: Default

User: Default User

User: Hannes
->Flash cache emptied: 0 bytes

User: Neuer Ordner

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.55.0 log created on 07312012_143431

Files\Folders moved on Reboot...
C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe moved successfully.
File move failed. C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll scheduled to be moved on reboot.
File move failed. c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll scheduled to be moved on reboot.
C:\ProgramData\bProtectorForWindows\2.2.463.83\traking_settings folder moved successfully.
Folder move failed. C:\ProgramData\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\bProtectorForWindows\2.2.463.83 scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\bProtectorForWindows scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe not found!
[2006.10.22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll : MD5=C11F6A1F61481E24BE3FDC06EA6F7D2A
[2012.07.14 17:30:01 | 002,008,096 | ---- | M] () c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll : Unable to obtain MD5
File C:\ProgramData\bProtectorForWindows\2.2.463.83 not found!
File C:\ProgramData\bProtectorForWindows not found!
[2012.07.31 14:57:43 | 000,003,168 | -H-- | M] () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 : Unable to obtain MD5
[2012.07.31 14:57:42 | 000,003,168 | -H-- | M] () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 : Unable to obtain MD5

Registry entries deleted on Reboot...
__________________
Antwort

Themen zu bProtector for Windows searchplugins
anti-malware, bprotector, bprotector for windows, durchgeführt, externe, inter, interne, internen, malwarebytes, malwarebytes anti-malware, searchplugins, windows


« RunDLL Meldung beim Start | BKA Trojaner - Ist er entfernt? »


Ähnliche Themen: bProtector for Windows searchplugins


  1. Avira Fund TR/BProtector Windows 7
    Plagegeister aller Art und deren Bekämpfung - 21.08.2014 (4)
  2. TR/BProtector.Gen auf Windows 7
    Plagegeister aller Art und deren Bekämpfung - 22.04.2014 (21)
  3. TR/BProtector.Gen mehrfach auf Windows /
    Plagegeister aller Art und deren Bekämpfung - 08.04.2014 (7)
  4. BProtector auf Windows 7 - mal wieder...
    Log-Analyse und Auswertung - 03.04.2014 (10)
  5. Windows 7: TR/BProtector.Gen gefunden
    Log-Analyse und Auswertung - 02.04.2014 (10)
  6. Windows 8: TR/Bprotector.Gen2 in rundll32.exe
    Log-Analyse und Auswertung - 02.04.2014 (7)
  7. Windows 7 TR/BProtector.Gen
    Log-Analyse und Auswertung - 02.04.2014 (9)
  8. Windows 7: TR/BProtector.Gen
    Log-Analyse und Auswertung - 30.03.2014 (5)
  9. Win7 x64 | Bitguard-Trojaner? - BProtector.F , BProtector.E , BHO.Bprotector.1.4
    Log-Analyse und Auswertung - 15.12.2013 (11)
  10. Windows 7 - ADWARE/BPROTECTOR.E
    Plagegeister aller Art und deren Bekämpfung - 06.12.2013 (7)
  11. bProtector for Windows & Claro search
    Plagegeister aller Art und deren Bekämpfung - 07.06.2013 (17)
  12. bProtector for Windows
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (11)
  13. bProtector for Windows
    Plagegeister aller Art und deren Bekämpfung - 25.05.2013 (13)
  14. bProtector for windows in C:\ProgrammData\
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (5)
  15. bProtector for Windows und Searchplugins
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (4)
  16. bProtector for Windows Virus
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (24)
  17. (2x) bProtector for Windows Virus
    Mülltonne - 28.07.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema bProtector for Windows searchplugins - Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( nicht woanders hin ). Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc. - bProtector for Windows searchplugins...
Archiv
Du betrachtest: bProtector for Windows searchplugins auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132