Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Live Security Platinum Virus - wirklich entfernt?

Live Security Platinum Virus - wirklich entfernt?


Plagegeister aller Art und deren Bekämpfung: Live Security Platinum Virus - wirklich entfernt?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.08.2012, 16:19   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Live Security Platinum Virus - wirklich entfernt? - Standard

Live Security Platinum Virus - wirklich entfernt?


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com [binary data]
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aldi.com
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
FF - user.js - File not found
[2012.08.12 00:13:27 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-1.xml
[2010.10.24 18:26:16 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-2.xml
[2010.10.28 17:39:24 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-3.xml
[2010.12.11 15:48:08 | 000,000,950 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-4.xml
[2010.10.13 22:47:45 | 000,001,056 | ---- | M] () -- C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{051b1071-c618-11e1-a22b-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{051b1071-c618-11e1-a22b-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{051b108b-c618-11e1-a22b-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{051b108b-c618-11e1-a22b-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{1da23f82-c469-11e1-b50e-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{1da23f82-c469-11e1-b50e-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{1da23f98-c469-11e1-b50e-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{1da23f98-c469-11e1-b50e-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{2c67b701-c439-11e1-9e50-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{2c67b701-c439-11e1-9e50-001e101f8aaa}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{2c67b712-c439-11e1-9e50-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{2c67b712-c439-11e1-9e50-001e101f8aaa}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{2c67b738-c439-11e1-9e50-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{2c67b738-c439-11e1-9e50-001e101f8aaa}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{2c67b745-c439-11e1-9e50-001e101f8aaa}\Shell - "" = AutoRun
O33 - MountPoints2\{2c67b745-c439-11e1-9e50-001e101f8aaa}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\Shell - "" = AutoRun
O33 - MountPoints2\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7b448493-84e1-11df-afd0-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{7b448493-84e1-11df-afd0-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\{8ad9c209-850d-11df-9a78-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{8ad9c209-850d-11df-9a78-00262dbf99ae}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8ad9c221-850d-11df-9a78-00262dbf99ae}\Shell - "" = AutoRun
O33 - MountPoints2\{8ad9c221-850d-11df-9a78-00262dbf99ae}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Setup.exe AUTORUN=1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\AutoRun.exe
@Alternate Data Stream - 1131 bytes -> C:\Users\Anne\AppData\Local\sBRx8uaW4jsDpa:UZx3r6cEDs006sVzXVnEuQwp3l
:Files
C:\Users\Anne\AppData\Local\sBRx8uaW4jsDpa
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache
C:\ProgramData\6C82D0E90007E17A025E048A4F147CE7
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\@
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\@
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\L
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\L
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\U
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\U
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\n
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\n
C:\Users\Anne\öojölk.aup
C:\Users\Anne\AppData\Roaming\.#
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.08.2012, 16:44   #2
BlegJakun
 
Live Security Platinum Virus - wirklich entfernt? - Standard

Live Security Platinum Virus - wirklich entfernt?


Hallo Arne,

habe alles gemacht. Hier der Logfile:

Code:
ATTFilter
All processes killed
========== OTL ==========
HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-2798720663-2893779436-2618775443-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2798720663-2893779436-2618775443-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-2798720663-2893779436-2618775443-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2798720663-2893779436-2618775443-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=" removed from keyword.URL
C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\xmw4219a.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2798720663-2893779436-2618775443-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{051b1071-c618-11e1-a22b-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051b1071-c618-11e1-a22b-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{051b1071-c618-11e1-a22b-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051b1071-c618-11e1-a22b-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{051b108b-c618-11e1-a22b-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051b108b-c618-11e1-a22b-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{051b108b-c618-11e1-a22b-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{051b108b-c618-11e1-a22b-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c5a4a52-c3ac-11e1-8313-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1da23f82-c469-11e1-b50e-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1da23f82-c469-11e1-b50e-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1da23f82-c469-11e1-b50e-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1da23f82-c469-11e1-b50e-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1da23f98-c469-11e1-b50e-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1da23f98-c469-11e1-b50e-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1da23f98-c469-11e1-b50e-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1da23f98-c469-11e1-b50e-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b6f3-c439-11e1-9e50-001e101f8aaa}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b701-c439-11e1-9e50-001e101f8aaa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b701-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b701-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b701-c439-11e1-9e50-001e101f8aaa}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b712-c439-11e1-9e50-001e101f8aaa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b712-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b712-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b712-c439-11e1-9e50-001e101f8aaa}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b738-c439-11e1-9e50-001e101f8aaa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b738-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b738-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b738-c439-11e1-9e50-001e101f8aaa}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b745-c439-11e1-9e50-001e101f8aaa}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b745-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c67b745-c439-11e1-9e50-001e101f8aaa}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c67b745-c439-11e1-9e50-001e101f8aaa}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ce62b86-c40e-11e1-b120-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b448482-84e1-11df-afd0-1c4bd6e5ac1c}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b448493-84e1-11df-afd0-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b448493-84e1-11df-afd0-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b448493-84e1-11df-afd0-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b448493-84e1-11df-afd0-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82b1f876-c35a-11e1-b13d-00262dbf99ae}\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ad9c209-850d-11df-9a78-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ad9c209-850d-11df-9a78-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ad9c209-850d-11df-9a78-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ad9c209-850d-11df-9a78-00262dbf99ae}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ad9c221-850d-11df-9a78-00262dbf99ae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ad9c221-850d-11df-9a78-00262dbf99ae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8ad9c221-850d-11df-9a78-00262dbf99ae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ad9c221-850d-11df-9a78-00262dbf99ae}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\.\Setup.exe AUTORUN=1 not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K\ not found.
File K:\AutoRun.exe not found.
ADS C:\Users\Anne\AppData\Local\sBRx8uaW4jsDpa:UZx3r6cEDs006sVzXVnEuQwp3l deleted successfully.
========== FILES ==========
C:\Users\Anne\AppData\Local\sBRx8uaW4jsDpa folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Anne\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\ProgramData\6C82D0E90007E17A025E048A4F147CE7 folder moved successfully.
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\@ moved successfully.
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\@ moved successfully.
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\L folder moved successfully.
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\L folder moved successfully.
C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\U folder moved successfully.
C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\U folder moved successfully.
File\Folder C:\Windows\Installer\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\n not found.
File\Folder C:\Users\Anne\AppData\Local\{9bf1ab19-96ea-154c-b06d-b30e206f8d97}\n not found.
C:\Users\Anne\öojölk.aup moved successfully.
C:\Users\Anne\AppData\Roaming\.# folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Anne
->Temp folder emptied: 401720722 bytes
->Temporary Internet Files folder emptied: 81313052 bytes
->FireFox cache emptied: 53657032 bytes
->Flash cache emptied: 930 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11867043 bytes
RecycleBin emptied: 205180916 bytes
 
Total Files Cleaned = 719,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Anne
->Flash cache emptied: 0 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.56.0 log created on 08132012_173922

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Lieben Gruß,

Tim
__________________
Antwort

Themen zu Live Security Platinum Virus - wirklich entfernt?
audacity, autorun, avira, bho, bonjour, booten, chip.de, error, excel, explorer, fehler, firefox, flash player, format, home, infizierte, infizierte dateien, install.exe, live security platinum, locker, logfile, ntdll.dll, office 2007, opera, plug-in, realtek, registry, richtlinie, rundll, security, software, super, superantispyware, system, trojaner, usb 2.0, virus, windows


« Windows Vista friert nach kurzer Zeit ein; Mauszeiger bewegbar | Trace.Registry.trojan-dropper.win32.inject!E1 entfernen »


Ähnliche Themen: Live Security Platinum Virus - wirklich entfernt?


  1. Virenbefall: Live Security Platinum Virus
    Log-Analyse und Auswertung - 15.11.2012 (32)
  2. Live Security Platinum Virus
    Plagegeister aller Art und deren Bekämpfung - 26.09.2012 (15)
  3. LIVE SECURITY PLATINUM Trojaner entfernt. Avira Antivir startet aber keinen Suchlauf!
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (16)
  4. live security platinum warnung, wirklich entfernt?
    Plagegeister aller Art und deren Bekämpfung - 03.09.2012 (3)
  5. LIVE SECURITY PLATINUM: kein Browser ruft Webseiten auf - habe versehentlich alle Malwarebytes-Funde entfernt
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (1)
  6. (2x) Live Security Platinum Virus
    Mülltonne - 17.08.2012 (1)
  7. Live Security Platinum 3.6.1 vollständig entfernt?
    Log-Analyse und Auswertung - 14.08.2012 (24)
  8. Live Security Platinum Virus
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (3)
  9. Live Security Platinum - Virus eingefangen
    Log-Analyse und Auswertung - 01.08.2012 (5)
  10. Live Security Platinum komplett entfernt??
    Log-Analyse und Auswertung - 30.07.2012 (3)
  11. Live Security Platinum nach System-Neuinstallation wirklich entfernt?
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (1)
  12. Live Security Platinum entfernt?
    Log-Analyse und Auswertung - 29.07.2012 (1)
  13. Live Security Platinum Virus
    Plagegeister aller Art und deren Bekämpfung - 24.07.2012 (22)
  14. Live Security Platinum vollständig entfernt?
    Log-Analyse und Auswertung - 16.07.2012 (1)
  15. Live Security Platinum entfernt?
    Plagegeister aller Art und deren Bekämpfung - 14.07.2012 (1)
  16. ist live security platinum erfolgreich entfernt worden?
    Log-Analyse und Auswertung - 28.06.2012 (1)
  17. live security platinum entfernt, Bitte um Logfileanalyse
    Log-Analyse und Auswertung - 19.06.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Live Security Platinum Virus - wirklich entfernt? - Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert - Live Security Platinum Virus - wirklich entfernt?...
Archiv
Du betrachtest: Live Security Platinum Virus - wirklich entfernt? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131