Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
gvu trojaner hat mich erwischt

gvu trojaner hat mich erwischt


Log-Analyse und Auswertung: gvu trojaner hat mich erwischt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.08.2013, 17:50   #1
Indirie
 
gvu trojaner hat mich erwischt - Standard

gvu trojaner hat mich erwischt


Hallo!

Der gvu Trojaner hat mich erwischt und hält mich seitdem in Atem. Sperrbildschirm blockiert alles und Windows startet in abgesichertem Modus von selbst neu.
Ich habe mir einige andere Forumsbeiträge mit dem gleichen Problem angeschaut und nach den Anleitungen dort mit frst ein scanlog erstellt (otlpen hab ich auch noch). Da ich aber nicht weiß, wonach ich schauen muss und unter den anderen Beiträgen stand, dass die Lösungen individuell gestrickt werden, hoffe ich nun, dass ihr mir auch sagen könnt, wie ich Sperrbildschirm und Trojaner loswerden kann.

Achja: ich hab nach dem Scan mit frst noch versucht, den Trojaner mit BitDefender (Rescue CD) und Kaspersky (Rescue CD) zu eliminieren. BitDefender hat zwar Trojaner gefunden und gelöscht, aber der gvu war offensichtlich nicht dabei. Kaspersky hatte auch einen Fund und löschte ihn, brauchte dann aber ewig zum scannen von c: (ewig = er schätze, mehr als zwei Tage), da habe ich es abgebrochen.


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by SYSTEM on 29-08-2013 19:11:46
Running from I:\
Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM\...\Run: [CLMLServer] - C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] - C:\Program Files\HomeCinema\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2007-08-14] (CyberLink Corp.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\TEMP\E_S6CF7.tmp [66 2011-05-27] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [101144 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort12reminder] - C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKU\kris\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\kris\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\kris\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-07-26] (Valve Corporation)
HKU\kris\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\kris\...\Run: [AdobeBridge] -  [x]
HKU\kris\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
HKU\kris\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe [ 2013-08-27] (Valve Corporation) <===== ATTENTION
HKU\kris\...\Command Processor: "C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe" <===== ATTENTION!
HKU\UpdatusUser\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-07-26] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\UpdatusUser\...\Run: [AdobeBridge] -  [x]
HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

========================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
S2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
S2 StumbleUponUpdater; C:\Users\kris\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()

==================== Drivers (Whitelisted) ====================

S2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [501560 2008-01-23] (Protect Software GmbH)
S0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
S2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2005-09-28] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2009-12-05] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-07-18] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-07-18] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-07-18] (Avira GmbH)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378568 2011-10-19] (Logitech)
S3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [317384 2011-10-19] (Logitech)
S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2011-10-19] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2011-10-19] (Logitech Inc.)
S2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2005-09-28] ()
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-12-05] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
S3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2008-02-15] (Cyberlink Corp.)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-09-01] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-28 12:05 - 2013-08-29 19:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-28 07:08 - 2013-08-28 07:49 - 00093510 _____ C:\OTL.Txt
2013-08-28 00:07 - 2013-08-28 00:07 - 00000000 ____D C:\FRST
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
2013-08-27 22:06 - 2013-08-27 22:07 - 00000000 ____D C:\Users\kris\AppData\Local\{2F107E66-5380-458B-ADBA-7F347D321870}
2013-08-27 09:27 - 2013-08-27 09:27 - 00000000 ____D C:\Users\kris\AppData\Local\{97409275-1CA2-46A1-AB8B-AB43203A1784}
2013-08-26 21:16 - 2013-08-26 21:17 - 00000000 ____D C:\Users\kris\AppData\Local\{1C602653-A811-4924-98C4-8ED5C70EDC18}
2013-08-25 19:51 - 2013-08-25 19:51 - 00000000 ____D C:\Users\kris\AppData\Local\{7E35D571-5801-4608-85AC-30C53FAEDC3E}
2013-08-24 20:40 - 2013-08-24 20:41 - 00000000 ____D C:\Users\kris\AppData\Local\{96164550-6089-430A-A3CF-83E86BE3B2F1}
2013-08-22 21:18 - 2013-08-22 21:18 - 00000000 ____D C:\Users\kris\AppData\Local\{9455D03B-46DB-479E-A3FE-55A18FA04A88}
2013-08-21 21:30 - 2013-08-21 21:31 - 00000000 ____D C:\Users\kris\AppData\Local\{D24DB011-8CA1-493A-B10A-3FFE618F8C55}
2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\kris\AppData\Local\{95190ABE-6234-4C77-96E2-46FEE2448E0A}
2013-08-20 10:39 - 2013-08-20 10:39 - 00000000 ____D C:\Users\kris\AppData\Local\{91A37DE0-06E5-4967-8B8F-88E3FE916C07}
2013-08-19 11:03 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-19 11:03 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-19 11:03 - 2013-07-26 04:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-19 11:03 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-19 11:03 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-19 11:03 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-19 11:03 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-19 11:03 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-19 10:48 - 2013-08-19 10:49 - 00000000 ____D C:\Users\kris\AppData\Local\{FE03934B-E8C6-41BF-8E4A-CF0BD7249030}
2013-08-19 10:48 - 2013-07-09 06:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-19 10:48 - 2013-07-09 06:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-19 10:48 - 2013-07-09 05:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-19 10:48 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-19 10:48 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-19 10:47 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-19 10:47 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-19 10:47 - 2013-07-06 06:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-19 10:47 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-12 12:15 - 2013-08-12 12:16 - 00000000 ____D C:\Users\kris\AppData\Local\{AEB3B2D9-79A5-4023-A261-3C8EF18EB7C3}
2013-08-11 14:11 - 2013-08-11 14:56 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 14:11 - 2010-10-13 05:42 - 02369456 _____ (Codejock Software) C:\Windows\System32\Codejock.CommandBars.v13.4.2.ocx
2013-08-11 14:11 - 2010-08-20 20:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtSplitter.ocx
2013-08-11 14:11 - 2010-06-11 09:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtFrame.ocx
2013-08-11 14:11 - 2010-06-01 13:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\System32\TList8.ocx
2013-08-11 14:11 - 2010-03-25 09:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtRTF2.ocx
2013-08-11 14:11 - 2009-10-12 23:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtSubclass.dll
2013-08-11 14:11 - 2009-10-12 23:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtScrollContainer.ocx
2013-08-11 14:11 - 2008-01-29 06:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\System32\fldrvw90.ocx
2013-08-11 14:10 - 2013-08-11 14:10 - 03503200 _____ (Michael Thummerer Software Design                           ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-11 13:50 - 2013-08-11 13:50 - 00000000 ____D C:\Users\kris\AppData\Local\{B60CE9CE-57AE-4182-889A-B1CBCC75603C}
2013-08-10 22:00 - 2013-08-10 22:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 21:58 - 2013-08-10 21:59 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-10 10:14 - 2013-08-10 10:15 - 00000000 ____D C:\Users\kris\AppData\Local\{A1CAA020-027D-4FBF-B46D-FEB9F33D3941}
2013-08-08 11:47 - 2013-08-08 11:47 - 00000000 ____D C:\Users\kris\AppData\Local\{F40FAC76-0C23-432A-A705-11788FB7C4E1}
2013-08-07 14:13 - 2013-08-07 14:13 - 00000000 ____D C:\Users\kris\AppData\Local\{944D7E36-3625-43A4-BD6F-1A4859ED3784}

==================== One Month Modified Files and Folders =======

2013-08-29 18:05 - 2012-05-16 10:11 - 00000000 ____D C:\Program Files\Steam
2013-08-29 18:04 - 2009-07-14 05:39 - 178396830 _____ C:\Windows\setupact.log
2013-08-29 18:04 - 2008-04-30 10:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-29 16:54 - 2011-02-05 18:43 - 01496023 _____ C:\Windows\WindowsUpdate.log
2013-08-29 16:54 - 2011-02-05 17:47 - 00010896 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:54 - 2011-02-05 17:47 - 00010896 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 10:00 - 2012-01-27 13:31 - 00000000 ____D C:\Users\kris\AppData\Roaming\Dropbox
2013-08-28 07:49 - 2013-08-28 07:08 - 00093510 _____ C:\OTL.Txt
2013-08-28 07:05 - 2011-02-05 17:50 - 00000000 ____D C:\users\kris
2013-08-28 01:06 - 2011-02-05 17:49 - 01574762 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-28 01:04 - 2013-06-14 07:59 - 00000000 ____D C:\Program Files\Nuance
2013-08-28 00:07 - 2013-08-28 00:07 - 00000000 ____D C:\FRST
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
2013-08-27 22:07 - 2013-08-27 22:06 - 00000000 ____D C:\Users\kris\AppData\Local\{2F107E66-5380-458B-ADBA-7F347D321870}
2013-08-27 21:47 - 2012-01-27 13:33 - 00000000 ___RD C:\Users\kris\Dropbox
2013-08-27 12:25 - 2011-04-19 17:03 - 00000000 ___RD C:\brittas dinge
2013-08-27 10:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-08-27 09:27 - 2013-08-27 09:27 - 00000000 ____D C:\Users\kris\AppData\Local\{97409275-1CA2-46A1-AB8B-AB43203A1784}
2013-08-26 21:17 - 2013-08-26 21:16 - 00000000 ____D C:\Users\kris\AppData\Local\{1C602653-A811-4924-98C4-8ED5C70EDC18}
2013-08-25 19:51 - 2013-08-25 19:51 - 00000000 ____D C:\Users\kris\AppData\Local\{7E35D571-5801-4608-85AC-30C53FAEDC3E}
2013-08-24 20:41 - 2013-08-24 20:40 - 00000000 ____D C:\Users\kris\AppData\Local\{96164550-6089-430A-A3CF-83E86BE3B2F1}
2013-08-22 21:56 - 2012-06-27 10:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-22 21:56 - 2011-07-25 05:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-22 21:47 - 2013-02-18 22:57 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-22 21:18 - 2013-08-22 21:18 - 00000000 ____D C:\Users\kris\AppData\Local\{9455D03B-46DB-479E-A3FE-55A18FA04A88}
2013-08-21 21:31 - 2013-08-21 21:30 - 00000000 ____D C:\Users\kris\AppData\Local\{D24DB011-8CA1-493A-B10A-3FFE618F8C55}
2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\kris\AppData\Local\{95190ABE-6234-4C77-96E2-46FEE2448E0A}
2013-08-20 10:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-20 10:39 - 2013-08-20 10:39 - 00000000 ____D C:\Users\kris\AppData\Local\{91A37DE0-06E5-4967-8B8F-88E3FE916C07}
2013-08-20 10:06 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-08-19 10:49 - 2013-08-19 10:48 - 00000000 ____D C:\Users\kris\AppData\Local\{FE03934B-E8C6-41BF-8E4A-CF0BD7249030}
2013-08-12 12:16 - 2013-08-12 12:15 - 00000000 ____D C:\Users\kris\AppData\Local\{AEB3B2D9-79A5-4023-A261-3C8EF18EB7C3}
2013-08-11 14:56 - 2013-08-11 14:11 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 14:10 - 2013-08-11 14:10 - 03503200 _____ (Michael Thummerer Software Design                           ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-11 13:50 - 2013-08-11 13:50 - 00000000 ____D C:\Users\kris\AppData\Local\{B60CE9CE-57AE-4182-889A-B1CBCC75603C}
2013-08-10 22:34 - 2013-08-10 22:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 21:59 - 2013-08-10 21:58 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-10 10:15 - 2013-08-10 10:14 - 00000000 ____D C:\Users\kris\AppData\Local\{A1CAA020-027D-4FBF-B46D-FEB9F33D3941}
2013-08-08 19:36 - 2009-02-27 17:14 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-08 11:47 - 2013-08-08 11:47 - 00000000 ____D C:\Users\kris\AppData\Local\{F40FAC76-0C23-432A-A705-11788FB7C4E1}
2013-08-07 14:13 - 2013-08-07 14:13 - 00000000 ____D C:\Users\kris\AppData\Local\{944D7E36-3625-43A4-BD6F-1A4859ED3784}
2013-08-06 14:42 - 2008-05-31 13:59 - 00000000 ____D C:\Program Files\Google

Files to move or delete:
====================
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe
C:\Users\kris\AppData\Local\Temp\AskSLib.dll
C:\Users\kris\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\kris\AppData\Local\Temp\Gw2.exe
C:\Users\kris\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\mgxfonts.exe
C:\Users\kris\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\kris\AppData\Local\Temp\nsx70AF.tmp.tbFile.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\kris\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\kris\AppData\Local\Temp\nvStInst.exe
C:\Users\kris\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kris\AppData\Local\Temp\tbedrs.dll
C:\Users\kris\AppData\Local\Temp\_isFA65.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\difxapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ScnUtil\BrScUtil.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\AddrBook.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\pcfxcom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxDial.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxSet.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrMuSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrNetSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\Brnsplg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrWiaNCp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\Brinstck.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdWia.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DrvLangChg\DrvLangChg.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\DeviceSearch.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcAssoc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcBoot.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDevMan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRcR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcExtPg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFaxRx.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFcnv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFile.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFtp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImgR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcMapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcOcr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPcc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPrnt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcScan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcSmon.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcThumb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcUxSys.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCtrlCntr.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImageConversion.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgPDF.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrMapiSend.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrScnImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTPGSplash.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTwnAccs.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfbmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfcmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lffax15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfj2k15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfpng15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lftif15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltclr15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltdis15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltfil15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgcor15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgutl15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltkrn15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\PtProv64.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRHOOK.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brif03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brlm03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRLMW03A.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrMonitor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BroSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrYNSvc.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrFirmUpdateCheck.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrmfPrint.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHrv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolInd.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSlv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSrl.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTha.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolUkr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolVit.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherNetTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherOfflineChk.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherUSBTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonW.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRtlRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\prnadmin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\THoop.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRLFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BROFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRUFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\DPInst.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\dpinst2k.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{ABF65704-698A-428C-B606-EA133AE37F9A}\setup.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\ISSetup.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\_Setup.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DEVICEOP.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DIFxAPI.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\E_S1LAC2.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\SETUP.EXE
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\UAC.dll
C:\Users\kris\AppData\Local\Temp\nsw892E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsr1749.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsm3BAA.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsl37B.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsgCD5E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\LGS-8.12.030\vcredist.exe
C:\Users\kris\AppData\Local\Temp\isp62BC.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\isp3DCD.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\gw2cache-{CC6E1952-3ECB-16D5-5119-6ECCCB3ED516}\icudt.dll
C:\Users\kris\AppData\Local\Temp\E_DUPXXX_Temp\SDX3800_W2K_592Gs.exe
C:\Users\kris\AppData\Local\Temp\E39B.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\DSOClient\D3DX9_43.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMODEX.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT_NET.DLL
C:\Users\kris\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\kris\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\kris\AppData\Local\Temp\B155.dir\InstallFlashPlayer.exe

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-19 20:33:03
Restore point made on: 2013-07-27 21:02:59
Restore point made on: 2013-08-06 14:03:39
Restore point made on: 2013-08-19 10:43:25
Restore point made on: 2013-08-19 11:03:10
Restore point made on: 2013-08-23 21:44:58
Restore point made on: 2013-08-27 21:51:52

==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 3070.18 MB
Available physical RAM: 2621.37 MB
Total Pagefile: 3068.46 MB
Available Pagefile: 2622.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.38 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.75 GB) (Free:147.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:10.66 GB) FAT32
Drive i: (DATENBOTE) (Removable) (Total:0.97 GB) (Free:0.15 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AE01280A)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

========================================================
Disk: 4 (Size: 1000 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)


LastRegBack: 2013-08-24 20:26

==================== End Of Log ============================
--- --- ---

--- --- ---


Viele Grüße!
indirie

p.s.: sorry, hatte erst später gesehen, dass man den logfile nicht anhängen, sondern einfügen soll. habe den angehängten aber nicht mehr entfernt bekommen. da er vor den beiden rescue CDs gemacht wurde, ist er ohnehin veraltet - der eingefügte ist der richtige und ganz frisch. tut mir leid wegen der Dopplung!
Geändert von Indirie (29.08.2013 um 18:18 Uhr)

 

Themen zu gvu trojaner hat mich erwischt
andere, anleitungen, association, backdoor.bot, blockiert, erstellt, erwischt, farbar, farbar recovery scan tool, gvu trojaner, hoffe, launch, loswerden, lösungen, otlpe, problem, pup.crossrider.ssk, pup.offerbundler.st, pup.optional.asktoolbar.a, rojaner gefunden, stand, starte, troja, trojaner, von selbst, windows, wonach


« donedrive.net problem | Windows XP: EXP/JAVA.Edilage.Gen von Avira entdeckt »


Ähnliche Themen: gvu trojaner hat mich erwischt


  1. GVU Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 11.03.2013 (24)
  2. GVU Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 05.01.2013 (11)
  3. Auch mich aht der GVU Trojaner erwischt
    Plagegeister aller Art und deren Bekämpfung - 03.01.2013 (2)
  4. GVU-Trojaner ... hat mich auch erwischt :(
    Plagegeister aller Art und deren Bekämpfung - 01.01.2013 (9)
  5. GVU-Trojaner hat mich auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (7)
  6. Polizei Trojaner hat mich erwischt
    Log-Analyse und Auswertung - 06.10.2012 (9)
  7. Polizei-Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (31)
  8. Trojaner hat mich ebenfalls erwischt.
    Plagegeister aller Art und deren Bekämpfung - 20.09.2012 (5)
  9. AKM Trojaner hat mich erwischt, wie vorgehen?
    Log-Analyse und Auswertung - 23.07.2012 (3)
  10. GVU-Trojaner 2.07 hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 17.07.2012 (14)
  11. doppelt: GVU Trojaner hat mich erwischt
    Mülltonne - 04.07.2012 (0)
  12. Verschlüsselungs-Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (3)
  13. Bundespolizei Trojaner hat mich erwischt!!
    Plagegeister aller Art und deren Bekämpfung - 14.03.2012 (13)
  14. 50€ Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 13.03.2012 (1)
  15. Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 22.11.2011 (2)
  16. Bundespolizei Trojaner hat mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 15.08.2011 (5)
  17. Nu hat es mich auch erwischt! trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.09.2005 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema gvu trojaner hat mich erwischt - Hallo! Der gvu Trojaner hat mich erwischt und hält mich seitdem in Atem. Sperrbildschirm blockiert alles und Windows startet in abgesichertem Modus von selbst neu. Ich habe mir einige andere - gvu trojaner hat mich erwischt...
Archiv
Du betrachtest: gvu trojaner hat mich erwischt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131