
Log analysis and evaluation: acroff.dl in the appdata/roaming directory


01.12.2011, 14:59   #1
Drokkahl
 


Hello dear community, for about 4-5 days I have had a problem with what is obviously malware. My Avira 9, which has not been updated in millennia (and which I simply cannot get off the PC), reports virus detections practically every second in the directory User/Appdata/Roaming/50xx/acroff. The strange thing is that my AVG Antivirus, which I use, does not really find anything when I scan the AppData folder. I am now somewhat worried because I do not know whether I have caught a trojan or not.

I do online banking on my computer and various other things where passwords could be read out, but I would prefer not to wipe my computer completely and would rather first try here to see whether someone can help me.

Many thanks in advance

01.12.2011, 15:05   #2
Drokkahl
 


Forgot to create the log files; I will do that right away and post them here shortly.


01.12.2011, 16:06   #3
Drokkahl
 


Ran Defogger because of Daemon Tools, ran OTL.exe, and did not get an Extra.txt file, only the normal OTL.txt file.

Code:
OTL logfile created on: 01.12.2011 15:16:38 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\KexxZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,46% Memory free
6,20 Gb Paging File | 4,77 Gb Available in Paging File | 76,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 47,39 Gb Free Space | 20,35% Space Free | Partition Type: NTFS
Drive D: | 223,12 Gb Total Space | 221,08 Gb Free Space | 99,09% Space Free | Partition Type: NTFS
Drive E: | 336,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: KEXXZ-PC | User Name: KexxZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\KexxZ\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\PROGRA~1\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\honestech Audio Recorder 2.0 Deluxe\HTARLauncher.exe (Honest Technology)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe (Cognizance Corporation)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\KexxZ\AppData\Roaming\5052\components\AcroFF052.dll ()
MOD - C:\Program Files\Notepad++\NppShell_04.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\WinRAR\rarext.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (ASBroker) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (ASChannel) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll (Cognizance Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
DRV - (a2injectiondriver) -- C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (Emsi Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (VCam_WDM) -- C:\Windows\System32\drivers\VCam_WDM.sys (e2eSoft)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (a2util) -- C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20090303.002\IDSvix86.sys (Symantec Corporation)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (lullaby) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Codename Longhorn DDK provider)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (ManyCam) -- C:\Windows\System32\drivers\ManyCam.sys (ManyCam LLC.)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 48 27 D2 0C AF CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1865
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KexxZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.11.09 12:49:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.11 11:19:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.11 11:19:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\KexxZ\AppData\Roaming\5052 [2011.12.01 12:32:10 | 000,000,000 | ---D | M]
 
[2011.11.28 10:22:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KexxZ\AppData\Roaming\mozilla\Extensions
[2011.11.30 19:44:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KexxZ\AppData\Roaming\mozilla\Firefox\Profiles\fii1ejrd.default\extensions
[2011.11.29 19:22:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\KexxZ\AppData\Roaming\mozilla\Firefox\Profiles\fii1ejrd.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.24 19:56:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.09.20 15:56:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.31 10:01:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.06.29 23:15:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.11.09 12:49:38 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011.12.01 12:32:10 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\KEXXZ\APPDATA\ROAMING\5052
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.29 00:18:33 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 00:18:33 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 00:18:33 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 00:18:33 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 00:18:33 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [ManyCam] C:\Program Files\ManyCam 2.4\ManyCam.exe (ManyCam LLC)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\KexxZ\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} hxxp://webserver.dyyno.com/tng/dyyno-client/DyynoCAB.CAB (DyynoX Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05EA5CF8-DECD-42E2-AF16-0DD240942CA9}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C15A586-7BFC-4517-8159-AE2090321B7D}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHOOK.DLL) -C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0df4eab6-c029-11de-bddc-00235472289f}\Shell - "" = AutoRun
O33 - MountPoints2\{0df4eab6-c029-11de-bddc-00235472289f}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{f723e35b-a8eb-11dd-aa08-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f723e35b-a8eb-11dd-aa08-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2010.08.05 16:19:06 | 000,393,080 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.01 12:32:17 | 000,326,608 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\KexxZ\AppData\Roaming\AcroIEHelpe054.dll
[2011.12.01 12:32:08 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\5052
[2011.11.29 21:10:44 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\skypePM
[2011.11.29 21:10:43 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\UAs
[2011.11.29 21:03:32 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Skype
[2011.11.28 19:14:37 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\kock
[2011.11.28 18:13:42 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\5051
[2011.11.28 14:38:28 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\TS3Client
[2011.11.28 10:10:37 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Phase6
[2011.11.28 10:07:59 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Macromedia
[2011.11.28 10:07:52 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Adobe
[2011.11.28 10:07:40 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{A22D662C-A796-4527-8597-32BF267357BB}
[2011.11.28 10:07:09 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{FA8A7244-605D-4FA8-B11C-EC28EA3545D6}
[2011.11.28 10:06:42 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Apple Computer
[2011.11.28 10:06:20 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\ManyCam
[2011.11.28 10:06:07 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\ICQ
[2011.11.28 10:05:27 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\xmldm
[2011.11.24 14:10:26 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.11.23 10:50:11 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Dcomponents
[2011.11.23 10:50:11 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\D
[2011.11.18 15:06:20 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{81C05EA6-4A2E-409D-A7A9-7C23F3D84006}
[2011.11.18 15:05:46 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{38B6CAB3-1098-4DD5-86DF-BFD0872D8719}
[2011.11.17 13:03:37 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{63105DFA-5917-4CDB-9C6A-C39078D094B9}
[2011.11.17 13:03:04 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{65981DB8-86D6-4AC6-B95C-389E373B5E1B}
[2011.11.16 22:50:00 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\Desktop\Gotye-Making_Mirrors-2011-OZM
[2011.11.13 10:29:37 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{FC5F64B0-9526-404D-8B57-C54B85FE717E}
[2011.11.13 10:29:34 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Local\{48A9340B-9D86-4EF5-B816-374202C32451}
[2011.11.10 19:22:36 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\.phase-6
[2011.11.10 19:13:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6
[2011.11.10 19:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase6
[2011.11.10 19:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\phase-6
[2011.11.09 20:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.11.09 20:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011.11.09 20:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2011.11.09 20:11:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\KexxZ\Desktop\OTL.exe
[2011.11.09 18:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Data Recovery
[2011.11.09 18:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PC Solutions
[2011.11.09 12:53:55 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\AVG2012
[2011.11.09 12:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011.11.09 12:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011.11.09 12:47:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011.11.09 12:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.11.01 20:11:59 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.11.01 20:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.11.01 20:11:53 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2011.11.01 20:02:01 | 000,000,000 | ---D | C] -- C:\Users\KexxZ\Desktop\SA-Emoticons
[2008.06.03 22:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2007.07.04 10:28:51 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\KexxZ\AppData\Roaming\*.tmp files -> C:\Users\KexxZ\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.01 15:16:21 | 000,000,072 | ---- | M] () -- C:\Users\KexxZ\AppData\Roaming\blckdom.res
[2011.12.01 15:10:53 | 000,138,795 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.12.01 15:10:53 | 000,138,795 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.12.01 15:10:03 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011.12.01 15:09:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 15:09:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.01 15:09:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.01 15:09:23 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.01 15:08:06 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.12.01 15:07:30 | 000,000,176 | ---- | M] () -- C:\Users\KexxZ\defogger_reenable
[2011.12.01 12:30:55 | 111,175,485 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.11.28 17:31:24 | 000,121,221 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011.11.24 18:50:27 | 000,230,301 | ---- | M] () -- C:\Users\KexxZ\Documents\ts3_clientui-win32-12815-2011-11-24 18_50_25.829000.dmp
[2011.11.24 14:08:51 | 001,162,192 | ---- | M] () -- C:\Users\KexxZ\AppData\Roaming\AcroFF049.dll
[2011.11.22 16:21:54 | 000,066,291 | ---- | M] () -- C:\Users\KexxZ\Desktop\image201111220001.jpg
[2011.11.22 16:10:56 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011.11.17 13:08:47 | 000,690,562 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.17 13:08:47 | 000,632,978 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.17 13:08:47 | 000,150,738 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.17 13:08:47 | 000,118,746 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.16 23:37:41 | 000,000,000 | ---- | M] () -- C:\Users\KexxZ\AppData\Local\prvlcl.dat
[2011.11.16 08:45:29 | 000,070,816 | ---- | M] () -- C:\Users\KexxZ\Desktop\skyrim.jpg
[2011.11.16 08:44:09 | 000,069,361 | ---- | M] () -- C:\Users\KexxZ\Desktop\image201111160001.jpg
[2011.11.10 19:13:07 | 000,001,156 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
[2011.11.10 19:13:05 | 000,001,004 | ---- | M] () -- C:\Users\Public\Desktop\phase-6 basic.lnk
[2011.11.09 20:16:41 | 000,001,819 | ---- | M] () -- C:\Users\KexxZ\Desktop\CrystalDiskInfo.lnk
[2011.11.09 20:11:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\KexxZ\Desktop\OTL.exe
[2011.11.09 18:31:41 | 000,001,944 | ---- | M] () -- C:\Users\KexxZ\Desktop\Klicken Sie hier, um PC-Fehler zu finden und zu reparieren.lnk
[2011.11.09 18:31:39 | 000,001,177 | ---- | M] () -- C:\Users\KexxZ\Desktop\Smart Data Recovery.lnk
[2011.11.06 23:50:56 | 000,013,277 | ---- | M] () -- C:\Users\KexxZ\Desktop\lolwas1234.jpg
[2011.11.01 17:41:26 | 000,006,899 | ---- | M] () -- C:\Users\KexxZ\Desktop\MussoliniAlbertP.jpg
[2011.11.01 17:40:51 | 000,261,616 | ---- | M] () -- C:\Users\KexxZ\Desktop\MussoliniAlbertP.png
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\KexxZ\AppData\Roaming\*.tmp files -> C:\Users\KexxZ\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.01 15:07:06 | 000,000,176 | ---- | C] () -- C:\Users\KexxZ\defogger_reenable
[2011.12.01 12:30:55 | 111,175,485 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.11.28 17:31:24 | 000,121,221 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011.11.28 10:05:47 | 000,000,072 | ---- | C] () -- C:\Users\KexxZ\AppData\Roaming\blckdom.res
[2011.11.24 18:50:25 | 000,230,301 | ---- | C] () -- C:\Users\KexxZ\Documents\ts3_clientui-win32-12815-2011-11-24 18_50_25.829000.dmp
[2011.11.24 14:08:50 | 001,162,192 | ---- | C] () -- C:\Users\KexxZ\AppData\Roaming\AcroFF049.dll
[2011.11.22 16:21:54 | 000,066,291 | ---- | C] () -- C:\Users\KexxZ\Desktop\image201111220001.jpg
[2011.11.16 08:45:29 | 000,070,816 | ---- | C] () -- C:\Users\KexxZ\Desktop\skyrim.jpg
[2011.11.16 08:44:09 | 000,069,361 | ---- | C] () -- C:\Users\KexxZ\Desktop\image201111160001.jpg
[2011.11.10 19:13:07 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
[2011.11.10 19:13:05 | 000,001,004 | ---- | C] () -- C:\Users\Public\Desktop\phase-6 basic.lnk
[2011.11.09 20:16:41 | 000,001,819 | ---- | C] () -- C:\Users\KexxZ\Desktop\CrystalDiskInfo.lnk
[2011.11.09 18:31:41 | 000,001,944 | ---- | C] () -- C:\Users\KexxZ\Desktop\Klicken Sie hier, um PC-Fehler zu finden und zu reparieren.lnk
[2011.11.09 18:31:39 | 000,001,177 | ---- | C] () -- C:\Users\KexxZ\Desktop\Smart Data Recovery.lnk
[2011.11.09 12:49:38 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011.11.06 23:50:56 | 000,013,277 | ---- | C] () -- C:\Users\KexxZ\Desktop\lolwas1234.jpg
[2011.11.01 17:41:26 | 000,006,899 | ---- | C] () -- C:\Users\KexxZ\Desktop\MussoliniAlbertP.jpg
[2011.11.01 17:40:49 | 000,261,616 | ---- | C] () -- C:\Users\KexxZ\Desktop\MussoliniAlbertP.png
[2011.03.09 11:53:00 | 000,000,000 | ---- | C] () -- C:\Users\KexxZ\AppData\Local\prvlcl.dat
[2010.08.06 14:58:27 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010.06.09 08:35:48 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2010.05.27 11:22:30 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.05.27 11:22:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.05.27 11:22:23 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.05.27 11:22:23 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.05.27 11:22:23 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.05.27 11:22:19 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.03.24 07:27:00 | 000,000,680 | ---- | C] () -- C:\Users\KexxZ\AppData\Local\d3d9caps.dat
[2009.11.22 13:57:41 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.24 17:56:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 17:56:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.16 12:49:42 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.06.04 16:57:33 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2009.05.30 10:29:45 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.05.30 10:29:39 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.05.29 12:45:26 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009.04.08 20:40:07 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.03.07 16:15:43 | 000,097,792 | ---- | C] () -- C:\Users\KexxZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.07 15:47:44 | 000,138,795 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.03.07 15:47:42 | 000,138,795 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.12.09 16:23:13 | 000,050,744 | ---- | C] () -- C:\Users\KexxZ\AppData\Roaming\appconf32.exe
[2008.11.02 16:19:48 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008.11.02 14:57:15 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.11.02 14:17:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.30 02:33:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll
[2008.07.02 04:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.05.13 07:35:23 | 001,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.04.16 12:11:34 | 000,690,562 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,150,738 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.05.09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007.04.16 12:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,389,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,632,978 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,118,746 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.05.19 04:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.04.03 15:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1998.05.06 20:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
 
========== LOP Check ==========
 
[2011.11.28 18:13:46 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\5051
[2011.12.01 12:32:10 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\5052
[2011.11.09 12:53:55 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\AVG2012
[2010.09.20 11:37:38 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\Braid
[2009.07.16 23:20:30 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\CasualForge
[2011.11.23 10:50:11 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\D
[2009.10.24 00:13:24 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\DAEMON Tools Lite
[2011.03.12 01:36:32 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\DarksporeData
[2011.11.23 10:50:11 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\Dcomponents
[2009.06.01 16:55:57 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\DreamDale
[2011.02.15 22:11:05 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.04.02 18:02:45 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\dyyno-vlc
[2010.10.25 20:21:04 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\EurekaLog
[2009.10.11 00:45:14 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\GetRightToGo
[2011.12.01 15:16:32 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\ICQ
[2011.11.28 19:14:37 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\kock
[2010.07.10 12:21:43 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\LolClient
[2010.01.11 22:27:09 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2011.11.28 10:06:20 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\ManyCam
[2011.11.28 10:10:37 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\Phase6
[2011.11.28 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\TS3Client
[2011.11.30 04:05:12 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\UAs
[2011.11.30 04:06:05 | 000,000,000 | ---D | M] -- C:\Users\KexxZ\AppData\Roaming\xmldm
[2011.12.01 15:08:11 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.11.24 14:10:26 | 000,000,000 | -H-D | M] -- C:\$AVG
[2010.05.27 08:42:00 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2008.11.02 16:10:35 | 000,000,000 | -H-D | M] -- C:\ASUS.SYS
[2011.03.10 15:47:12 | 000,000,000 | ---D | M] -- C:\BDS
[2009.12.01 18:07:24 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.05.14 16:52:50 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2009.12.22 09:16:18 | 000,000,000 | -HSD | M] -- C:\found.000
[2011.02.12 03:30:09 | 000,000,000 | -HSD | M] -- C:\found.001
[2011.01.12 19:15:28 | 000,000,000 | ---D | M] -- C:\Fraps
[2008.11.02 13:36:42 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.04.28 13:32:14 | 000,000,000 | R--D | M] -- C:\Need For Speed Carbon
[2010.08.06 18:12:40 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.10 19:12:40 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.10 19:13:02 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.11.06 12:10:02 | 000,000,000 | ---D | M] -- C:\Riot Games
[2011.12.01 15:20:43 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.03.25 20:13:54 | 000,000,000 | ---D | M] -- C:\Temp
[2009.03.07 14:18:31 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.09 12:08:53 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008.01.21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 03:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-13 02:03:51
 
<           >

< End of report >
         
gmer.txt will follow shortly
__________________

Alt 01.12.2011, 16:40   #4
Drokkahl
 

Gmer.txt as a ZIP
