| |
| |||||||
Log-Analyse und Auswertung: gvu trojaner hat mich erwischtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
29.08.2013, 17:50
| #1 |
| |  gvu trojaner hat mich erwischt Hallo! Der gvu Trojaner hat mich erwischt und hält mich seitdem in Atem. Sperrbildschirm blockiert alles und Windows startet in abgesichertem Modus von selbst neu. Ich habe mir einige andere Forumsbeiträge mit dem gleichen Problem angeschaut und nach den Anleitungen dort mit frst ein scanlog erstellt (otlpen hab ich auch noch). Da ich aber nicht weiß, wonach ich schauen muss und unter den anderen Beiträgen stand, dass die Lösungen individuell gestrickt werden, hoffe ich nun, dass ihr mir auch sagen könnt, wie ich Sperrbildschirm und Trojaner loswerden kann. Achja: ich hab nach dem Scan mit frst noch versucht, den Trojaner mit BitDefender (Rescue CD) und Kaspersky (Rescue CD) zu eliminieren. BitDefender hat zwar Trojaner gefunden und gelöscht, aber der gvu war offensichtlich nicht dabei. Kaspersky hatte auch einen Fund und löschte ihn, brauchte dann aber ewig zum scannen von c: (ewig = er schätze, mehr als zwei Tage), da habe ich es abgebrochen. FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by SYSTEM on 29-08-2013 19:11:46
Running from I:\
Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM\...\Run: [CLMLServer] - C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] - C:\Program Files\HomeCinema\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2007-08-14] (CyberLink Corp.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\TEMP\E_S6CF7.tmp [66 2011-05-27] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [101144 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort12reminder] - C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKU\kris\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\kris\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\kris\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-07-26] (Valve Corporation)
HKU\kris\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\kris\...\Run: [AdobeBridge] - [x]
HKU\kris\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
HKU\kris\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe [ 2013-08-27] (Valve Corporation) <===== ATTENTION
HKU\kris\...\Command Processor: "C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe" <===== ATTENTION!
HKU\UpdatusUser\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-07-26] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\UpdatusUser\...\Run: [AdobeBridge] - [x]
HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
========================== Services (Whitelisted) =================
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
S2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
S2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
S2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
S2 StumbleUponUpdater; C:\Users\kris\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
==================== Drivers (Whitelisted) ====================
S2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [501560 2008-01-23] (Protect Software GmbH)
S0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
S2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2005-09-28] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2009-12-05] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-07-18] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-07-18] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-07-18] (Avira GmbH)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378568 2011-10-19] (Logitech)
S3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [317384 2011-10-19] (Logitech)
S3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2011-10-19] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2011-10-19] (Logitech Inc.)
S2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2005-09-28] ()
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-12-05] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
S3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
S1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2008-02-15] (Cyberlink Corp.)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-09-01] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-28 12:05 - 2013-08-29 19:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-28 07:08 - 2013-08-28 07:49 - 00093510 _____ C:\OTL.Txt
2013-08-28 00:07 - 2013-08-28 00:07 - 00000000 ____D C:\FRST
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
2013-08-27 22:06 - 2013-08-27 22:07 - 00000000 ____D C:\Users\kris\AppData\Local\{2F107E66-5380-458B-ADBA-7F347D321870}
2013-08-27 09:27 - 2013-08-27 09:27 - 00000000 ____D C:\Users\kris\AppData\Local\{97409275-1CA2-46A1-AB8B-AB43203A1784}
2013-08-26 21:16 - 2013-08-26 21:17 - 00000000 ____D C:\Users\kris\AppData\Local\{1C602653-A811-4924-98C4-8ED5C70EDC18}
2013-08-25 19:51 - 2013-08-25 19:51 - 00000000 ____D C:\Users\kris\AppData\Local\{7E35D571-5801-4608-85AC-30C53FAEDC3E}
2013-08-24 20:40 - 2013-08-24 20:41 - 00000000 ____D C:\Users\kris\AppData\Local\{96164550-6089-430A-A3CF-83E86BE3B2F1}
2013-08-22 21:18 - 2013-08-22 21:18 - 00000000 ____D C:\Users\kris\AppData\Local\{9455D03B-46DB-479E-A3FE-55A18FA04A88}
2013-08-21 21:30 - 2013-08-21 21:31 - 00000000 ____D C:\Users\kris\AppData\Local\{D24DB011-8CA1-493A-B10A-3FFE618F8C55}
2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\kris\AppData\Local\{95190ABE-6234-4C77-96E2-46FEE2448E0A}
2013-08-20 10:39 - 2013-08-20 10:39 - 00000000 ____D C:\Users\kris\AppData\Local\{91A37DE0-06E5-4967-8B8F-88E3FE916C07}
2013-08-19 11:03 - 2013-07-26 04:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-19 11:03 - 2013-07-26 04:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-19 11:03 - 2013-07-26 04:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-19 11:03 - 2013-07-26 04:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-19 11:03 - 2013-07-26 04:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-19 11:03 - 2013-07-26 04:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-19 11:03 - 2013-07-26 04:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-19 11:03 - 2013-07-26 03:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-19 11:03 - 2013-07-26 02:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-19 10:48 - 2013-08-19 10:49 - 00000000 ____D C:\Users\kris\AppData\Local\{FE03934B-E8C6-41BF-8E4A-CF0BD7249030}
2013-08-19 10:48 - 2013-07-09 06:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-19 10:48 - 2013-07-09 06:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-19 10:48 - 2013-07-09 05:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-19 10:48 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-19 10:48 - 2013-07-09 05:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-19 10:48 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-19 10:47 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-19 10:47 - 2013-07-19 02:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-19 10:47 - 2013-07-06 06:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-19 10:47 - 2013-06-15 04:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-12 12:15 - 2013-08-12 12:16 - 00000000 ____D C:\Users\kris\AppData\Local\{AEB3B2D9-79A5-4023-A261-3C8EF18EB7C3}
2013-08-11 14:11 - 2013-08-11 14:56 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 14:11 - 2010-10-13 05:42 - 02369456 _____ (Codejock Software) C:\Windows\System32\Codejock.CommandBars.v13.4.2.ocx
2013-08-11 14:11 - 2010-08-20 20:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtSplitter.ocx
2013-08-11 14:11 - 2010-06-11 09:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtFrame.ocx
2013-08-11 14:11 - 2010-06-01 13:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\System32\TList8.ocx
2013-08-11 14:11 - 2010-03-25 09:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtRTF2.ocx
2013-08-11 14:11 - 2009-10-12 23:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtSubclass.dll
2013-08-11 14:11 - 2009-10-12 23:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\System32\mtScrollContainer.ocx
2013-08-11 14:11 - 2008-01-29 06:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\System32\fldrvw90.ocx
2013-08-11 14:10 - 2013-08-11 14:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-11 13:50 - 2013-08-11 13:50 - 00000000 ____D C:\Users\kris\AppData\Local\{B60CE9CE-57AE-4182-889A-B1CBCC75603C}
2013-08-10 22:00 - 2013-08-10 22:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 21:58 - 2013-08-10 21:59 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-10 10:14 - 2013-08-10 10:15 - 00000000 ____D C:\Users\kris\AppData\Local\{A1CAA020-027D-4FBF-B46D-FEB9F33D3941}
2013-08-08 11:47 - 2013-08-08 11:47 - 00000000 ____D C:\Users\kris\AppData\Local\{F40FAC76-0C23-432A-A705-11788FB7C4E1}
2013-08-07 14:13 - 2013-08-07 14:13 - 00000000 ____D C:\Users\kris\AppData\Local\{944D7E36-3625-43A4-BD6F-1A4859ED3784}
==================== One Month Modified Files and Folders =======
2013-08-29 18:05 - 2012-05-16 10:11 - 00000000 ____D C:\Program Files\Steam
2013-08-29 18:04 - 2009-07-14 05:39 - 178396830 _____ C:\Windows\setupact.log
2013-08-29 18:04 - 2008-04-30 10:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-29 16:54 - 2011-02-05 18:43 - 01496023 _____ C:\Windows\WindowsUpdate.log
2013-08-29 16:54 - 2011-02-05 17:47 - 00010896 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 16:54 - 2011-02-05 17:47 - 00010896 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-28 10:00 - 2012-01-27 13:31 - 00000000 ____D C:\Users\kris\AppData\Roaming\Dropbox
2013-08-28 07:49 - 2013-08-28 07:08 - 00093510 _____ C:\OTL.Txt
2013-08-28 07:05 - 2011-02-05 17:50 - 00000000 ____D C:\users\kris
2013-08-28 01:06 - 2011-02-05 17:49 - 01574762 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-28 01:04 - 2013-06-14 07:59 - 00000000 ____D C:\Program Files\Nuance
2013-08-28 00:07 - 2013-08-28 00:07 - 00000000 ____D C:\FRST
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
2013-08-27 22:07 - 2013-08-27 22:06 - 00000000 ____D C:\Users\kris\AppData\Local\{2F107E66-5380-458B-ADBA-7F347D321870}
2013-08-27 21:47 - 2012-01-27 13:33 - 00000000 ___RD C:\Users\kris\Dropbox
2013-08-27 12:25 - 2011-04-19 17:03 - 00000000 ___RD C:\brittas dinge
2013-08-27 10:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-08-27 09:27 - 2013-08-27 09:27 - 00000000 ____D C:\Users\kris\AppData\Local\{97409275-1CA2-46A1-AB8B-AB43203A1784}
2013-08-26 21:17 - 2013-08-26 21:16 - 00000000 ____D C:\Users\kris\AppData\Local\{1C602653-A811-4924-98C4-8ED5C70EDC18}
2013-08-25 19:51 - 2013-08-25 19:51 - 00000000 ____D C:\Users\kris\AppData\Local\{7E35D571-5801-4608-85AC-30C53FAEDC3E}
2013-08-24 20:41 - 2013-08-24 20:40 - 00000000 ____D C:\Users\kris\AppData\Local\{96164550-6089-430A-A3CF-83E86BE3B2F1}
2013-08-22 21:56 - 2012-06-27 10:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-22 21:56 - 2011-07-25 05:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-22 21:47 - 2013-02-18 22:57 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-22 21:18 - 2013-08-22 21:18 - 00000000 ____D C:\Users\kris\AppData\Local\{9455D03B-46DB-479E-A3FE-55A18FA04A88}
2013-08-21 21:31 - 2013-08-21 21:30 - 00000000 ____D C:\Users\kris\AppData\Local\{D24DB011-8CA1-493A-B10A-3FFE618F8C55}
2013-08-20 22:50 - 2013-08-20 22:50 - 00000000 ____D C:\Users\kris\AppData\Local\{95190ABE-6234-4C77-96E2-46FEE2448E0A}
2013-08-20 10:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-20 10:39 - 2013-08-20 10:39 - 00000000 ____D C:\Users\kris\AppData\Local\{91A37DE0-06E5-4967-8B8F-88E3FE916C07}
2013-08-20 10:06 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-08-19 10:49 - 2013-08-19 10:48 - 00000000 ____D C:\Users\kris\AppData\Local\{FE03934B-E8C6-41BF-8E4A-CF0BD7249030}
2013-08-12 12:16 - 2013-08-12 12:15 - 00000000 ____D C:\Users\kris\AppData\Local\{AEB3B2D9-79A5-4023-A261-3C8EF18EB7C3}
2013-08-11 14:56 - 2013-08-11 14:11 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 14:11 - 2013-08-11 14:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 14:10 - 2013-08-11 14:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-11 13:50 - 2013-08-11 13:50 - 00000000 ____D C:\Users\kris\AppData\Local\{B60CE9CE-57AE-4182-889A-B1CBCC75603C}
2013-08-10 22:34 - 2013-08-10 22:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 22:00 - 2013-08-10 22:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 21:59 - 2013-08-10 21:58 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-10 10:15 - 2013-08-10 10:14 - 00000000 ____D C:\Users\kris\AppData\Local\{A1CAA020-027D-4FBF-B46D-FEB9F33D3941}
2013-08-08 19:36 - 2009-02-27 17:14 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-08 11:47 - 2013-08-08 11:47 - 00000000 ____D C:\Users\kris\AppData\Local\{F40FAC76-0C23-432A-A705-11788FB7C4E1}
2013-08-07 14:13 - 2013-08-07 14:13 - 00000000 ____D C:\Users\kris\AppData\Local\{944D7E36-3625-43A4-BD6F-1A4859ED3784}
2013-08-06 14:42 - 2008-05-31 13:59 - 00000000 ____D C:\Program Files\Google
Files to move or delete:
====================
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe
C:\Users\kris\AppData\Local\Temp\AskSLib.dll
C:\Users\kris\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\kris\AppData\Local\Temp\Gw2.exe
C:\Users\kris\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\mgxfonts.exe
C:\Users\kris\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\kris\AppData\Local\Temp\nsx70AF.tmp.tbFile.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\kris\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\kris\AppData\Local\Temp\nvStInst.exe
C:\Users\kris\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kris\AppData\Local\Temp\tbedrs.dll
C:\Users\kris\AppData\Local\Temp\_isFA65.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\difxapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ScnUtil\BrScUtil.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\AddrBook.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\pcfxcom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxDial.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxSet.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrMuSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrNetSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\Brnsplg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrWiaNCp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\Brinstck.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdWia.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DrvLangChg\DrvLangChg.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\DeviceSearch.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcAssoc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcBoot.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDevMan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRcR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcExtPg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFaxRx.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFcnv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFile.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFtp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImgR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcMapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcOcr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPcc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPrnt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcScan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcSmon.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcThumb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcUxSys.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCtrlCntr.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImageConversion.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgPDF.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrMapiSend.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrScnImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTPGSplash.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTwnAccs.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfbmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfcmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lffax15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfj2k15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfpng15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lftif15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltclr15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltdis15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltfil15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgcor15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgutl15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltkrn15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\PtProv64.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRHOOK.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brif03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brlm03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRLMW03A.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrMonitor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BroSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrYNSvc.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrFirmUpdateCheck.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrmfPrint.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHrv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolInd.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSlv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSrl.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTha.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolUkr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolVit.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherNetTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherOfflineChk.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherUSBTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonW.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRtlRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\prnadmin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\THoop.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRLFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BROFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRUFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\DPInst.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\dpinst2k.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{ABF65704-698A-428C-B606-EA133AE37F9A}\setup.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\ISSetup.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\_Setup.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DEVICEOP.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DIFxAPI.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\E_S1LAC2.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\SETUP.EXE
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\UAC.dll
C:\Users\kris\AppData\Local\Temp\nsw892E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsr1749.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsm3BAA.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsl37B.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsgCD5E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\LGS-8.12.030\vcredist.exe
C:\Users\kris\AppData\Local\Temp\isp62BC.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\isp3DCD.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\gw2cache-{CC6E1952-3ECB-16D5-5119-6ECCCB3ED516}\icudt.dll
C:\Users\kris\AppData\Local\Temp\E_DUPXXX_Temp\SDX3800_W2K_592Gs.exe
C:\Users\kris\AppData\Local\Temp\E39B.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\DSOClient\D3DX9_43.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMODEX.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT_NET.DLL
C:\Users\kris\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\kris\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\kris\AppData\Local\Temp\B155.dir\InstallFlashPlayer.exe
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-07-19 20:33:03
Restore point made on: 2013-07-27 21:02:59
Restore point made on: 2013-08-06 14:03:39
Restore point made on: 2013-08-19 10:43:25
Restore point made on: 2013-08-19 11:03:10
Restore point made on: 2013-08-23 21:44:58
Restore point made on: 2013-08-27 21:51:52
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 3070.18 MB
Available physical RAM: 2621.37 MB
Total Pagefile: 3068.46 MB
Available Pagefile: 2622.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.38 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:445.75 GB) (Free:147.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:10.66 GB) FAT32
Drive i: (DATENBOTE) (Removable) (Total:0.97 GB) (Free:0.15 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AE01280A)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
========================================================
Disk: 4 (Size: 1000 MB) (Disk ID: 91F72D24)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
LastRegBack: 2013-08-24 20:26
==================== End Of Log ============================
--- --- --- Viele Grüße! indirie p.s.: sorry, hatte erst später gesehen, dass man den logfile nicht anhängen, sondern einfügen soll. habe den angehängten aber nicht mehr entfernt bekommen. da er vor den beiden rescue CDs gemacht wurde, ist er ohnehin veraltet - der eingefügte ist der richtige und ganz frisch. tut mir leid wegen der Dopplung! Geändert von Indirie (29.08.2013 um 18:18 Uhr) |
|
29.08.2013, 17:56
| #2 |
| /// the machine /// TB-Ausbilder    | gvu trojaner hat mich erwischt hi,
__________________Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\kris\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe [ 2013-08-27] (Valve Corporation) <===== ATTENTION
HKU\kris\...\Command Processor: "C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe" <===== ATTENTION!
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe
C:\Users\kris\AppData\Local\Temp\AskSLib.dll
C:\Users\kris\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\kris\AppData\Local\Temp\Gw2.exe
C:\Users\kris\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\mgxfonts.exe
C:\Users\kris\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\kris\AppData\Local\Temp\nsx70AF.tmp.tbFile.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\kris\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\kris\AppData\Local\Temp\nvStInst.exe
C:\Users\kris\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kris\AppData\Local\Temp\tbedrs.dll
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.dll
C:\Users\kris\AppData\Local\Temp\_isFA65.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\difxapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ScnUtil\BrScUtil.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\AddrBook.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\pcfxcom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxDial.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxSet.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrMuSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrNetSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\Brnsplg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrWiaNCp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\Brinstck.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdWia.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DrvLangChg\DrvLangChg.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\DeviceSearch.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcAssoc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcBoot.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDevMan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRcR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcExtPg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFaxRx.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFcnv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFile.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFtp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImgR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcMapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcOcr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPcc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPrnt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcScan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcSmon.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcThumb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcUxSys.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCtrlCntr.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImageConversion.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgPDF.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrMapiSend.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrScnImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTPGSplash.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTwnAccs.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfbmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfcmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lffax15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfj2k15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfpng15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lftif15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltclr15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltdis15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltfil15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgcor15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgutl15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltkrn15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\PtProv64.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRHOOK.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brif03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brlm03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRLMW03A.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrMonitor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BroSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrYNSvc.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrFirmUpdateCheck.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrmfPrint.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHrv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolInd.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSlv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSrl.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTha.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolUkr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolVit.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherNetTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherOfflineChk.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherUSBTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonW.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRtlRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\prnadmin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\THoop.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRLFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BROFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRUFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\DPInst.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\dpinst2k.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{ABF65704-698A-428C-B606-EA133AE37F9A}\setup.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\ISSetup.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\_Setup.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DEVICEOP.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DIFxAPI.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\E_S1LAC2.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\SETUP.EXE
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\UAC.dll
C:\Users\kris\AppData\Local\Temp\nsw892E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsr1749.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsm3BAA.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsl37B.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsgCD5E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\LGS-8.12.030\vcredist.exe
C:\Users\kris\AppData\Local\Temp\isp62BC.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\isp3DCD.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\gw2cache-{CC6E1952-3ECB-16D5-5119-6ECCCB3ED516}\icudt.dll
C:\Users\kris\AppData\Local\Temp\E_DUPXXX_Temp\SDX3800_W2K_592Gs.exe
C:\Users\kris\AppData\Local\Temp\E39B.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\DSOClient\D3DX9_43.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMODEX.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT_NET.DLL
C:\Users\kris\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\kris\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\kris\AppData\Local\Temp\B155.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\AA34.dir\InstallFlashPlayer.exe
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier. Rechner normal starten 
__________________ |
|
29.08.2013, 20:08
| #3 |
| | gvu trojaner hat mich erwischt Hallo Schrauber!
__________________Huch, das ging ja wirklich schnell, danke! Habe die Fixlist ihren Zauber wirken lassen, hier ist das Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-08-2013
Ran by SYSTEM at 2013-08-29 19:34:32 Run:1
Running from I:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
HKU\kris\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] - C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe [ 2013-08-27] (Valve Corporation) <===== ATTENTION
HKU\kris\...\Command Processor: "C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe" <===== ATTENTION!
2013-08-27 22:11 - 2013-08-27 22:11 - 00163051 _____ C:\ProgramData\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163050 _____ C:\Users\kris\AppData\Local\2433f433
2013-08-27 22:11 - 2013-08-27 22:11 - 00163042 _____ C:\Users\kris\AppData\Roaming\2433f433
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe
C:\Users\kris\AppData\Local\Temp\AskSLib.dll
C:\Users\kris\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE
C:\Users\kris\AppData\Local\Temp\Gw2.exe
C:\Users\kris\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\kris\AppData\Local\Temp\mgxfonts.exe
C:\Users\kris\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\kris\AppData\Local\Temp\nsx70AF.tmp.tbFile.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\kris\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\kris\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\kris\AppData\Local\Temp\nvStInst.exe
C:\Users\kris\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\kris\AppData\Local\Temp\tbedrs.dll
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.dll
C:\Users\kris\AppData\Local\Temp\_isFA65.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\difxapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ScnUtil\BrScUtil.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\AddrBook.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\pcfxcom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxDial.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxSet.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrMuSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrNetSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\Brnsplg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrWiaNCp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\Brinstck.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdSti.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdWia.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DrvLangChg\DrvLangChg.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\DeviceSearch.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcAssoc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcBoot.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDevMan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRcR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcExtPg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFaxRx.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFcnv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFile.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFtp.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImg.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImgR.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcMapi.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcOcr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPcc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPrnt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcScan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcSmon.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcThumb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcUxSys.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCtrlCntr.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImageConversion.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgPDF.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrMapiSend.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrScnImgProc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTPGSplash.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTwnAccs.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfbmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfcmp15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lffax15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfj2k15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfpng15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lftif15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltclr15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltdis15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltfil15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgcor15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgutl15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltkrn15u.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\PtProv64.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRHOOK.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brif03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brlm03a.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRLMW03A.DLL
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrMonitor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BroSNMP.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrYNSvc.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrFirmUpdateCheck.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrMfNt.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrmfPrint.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHrv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolInd.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSlv.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSrl.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTha.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolUkr.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolVit.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherNetTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherOfflineChk.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherUSBTool.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonW.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRtlRes.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBAru.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBBul.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBChn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCht.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCze.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDan.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDut.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBEng.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFrc.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFre.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBGer.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBHun.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBIta.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBJpn.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBKor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBNor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPol.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPor.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPtb.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRom.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRus.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSpa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSvk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSwe.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBTrk.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBUsa.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\NSSearch.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\prnadmin.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\THoop.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRLFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BROFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRUFX05C.dll
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\DPInst.exe
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\dpinst2k.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{ABF65704-698A-428C-B606-EA133AE37F9A}\setup.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\ISSetup.dll
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\_Setup.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DEVICEOP.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DIFxAPI.dll
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\E_S1LAC2.EXE
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\SETUP.EXE
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\UAC.dll
C:\Users\kris\AppData\Local\Temp\nsw892E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsr1749.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsm3BAA.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsl37B.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\nsgCD5E.tmp\DropboxNSISTools.dll
C:\Users\kris\AppData\Local\Temp\LGS-8.12.030\vcredist.exe
C:\Users\kris\AppData\Local\Temp\isp62BC.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\isp3DCD.tmp\_Setup.dll
C:\Users\kris\AppData\Local\Temp\gw2cache-{CC6E1952-3ECB-16D5-5119-6ECCCB3ED516}\icudt.dll
C:\Users\kris\AppData\Local\Temp\E_DUPXXX_Temp\SDX3800_W2K_592Gs.exe
C:\Users\kris\AppData\Local\Temp\E39B.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\DSOClient\D3DX9_43.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMODEX.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT.DLL
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT_NET.DLL
C:\Users\kris\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll
C:\Users\kris\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
C:\Users\kris\AppData\Local\Temp\B155.dir\InstallFlashPlayer.exe
C:\Users\kris\AppData\Local\Temp\AA34.dir\InstallFlashPlayer.exe
*****************
HKU\kris\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully.
HKU\kris\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
C:\ProgramData\2433f433 => Moved successfully.
C:\Users\kris\AppData\Local\2433f433 => Moved successfully.
C:\Users\kris\AppData\Roaming\2433f433 => Moved successfully.
C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\AskSLib.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\EpsonInkjetDriverDownloader.EXE => Moved successfully.
C:\Users\kris\AppData\Local\Temp\Gw2.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\mgxfonts.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\MgxVistaTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsx70AF.tmp.tbFile.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nvSCPAPISvr.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nvStereoApiI.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\tbedrs.dll => Moved successfully.
"C:\Users\kris\AppData\Local\Temp\vakasijqxpcbqbtgs.dll" => File/Directory not found.
C:\Users\kris\AppData\Local\Temp\_isFA65.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\difxapi.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ScnUtil\BrScUtil.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\AddrBook.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\pcfxcom.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxDial.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\PcfaxTx\PCfxSet.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrMuSNMP.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrNetSti.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\Brnsplg.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\BrWiaNCp.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\NetScn\SysDir\NSSearch.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctEng.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrIctGer.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\Brinstck.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrMfNt.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdSti.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\Instck\BrScdWia.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DrvLangChg\DrvLangChg.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\DeviceSearch.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\DevSearch\NSSearch.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcAssoc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcBoot.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDevMan.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcDlgRcR.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcExtPg.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFaxRx.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFcnv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFile.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcFtp.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImg.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcGrImgR.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLAru.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLBul.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLChn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCht.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLCze.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDan.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLDut.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLEng.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFin.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFrc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLFre.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLGer.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLHun.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLIta.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLJpn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLKor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLNor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPol.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLPtb.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRom.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLRus.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSpa.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSvk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLSwe.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLTrk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcLUsa.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcMapi.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcOcr.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPcc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcPrnt.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcScan.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcSmon.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcThumb.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCcUxSys.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrCtrlCntr.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImageConversion.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgPDF.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrImgProc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrMapiSend.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrScnImgProc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTPGSplash.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\BrTwnAccs.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfbmp15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfcmp15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lffax15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfj2k15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lfpng15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Lftif15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltclr15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltdis15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltfil15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgcor15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltimgutl15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\Ltkrn15u.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\ControlCenter\PtProv64.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRHOOK.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brif03a.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\brlm03a.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BRLMW03A.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrMonitor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BroSNMP.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\BrYNSvc.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrFirmUpdateCheck.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrMfNt.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrmfPrint.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolAru.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolBul.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolChn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCht.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolCze.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDan.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolDut.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolEng.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFin.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFrc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolFre.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolGer.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHrv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolHun.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolInd.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolIta.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolJpn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolKor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolNor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPol.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolPtb.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRom.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolRus.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSlv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSpa.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSrl.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSvk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolSwe.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTha.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolTrk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolUkr.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrNetToolVit.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherNetTool.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherOfflineChk.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrotherUSBTool.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonW.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRes.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrStMonWRtlRes.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBAru.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBBul.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBChn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCht.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBCze.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDan.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBDut.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBEng.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFin.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFrc.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBFre.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBGer.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBHun.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBIta.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBJpn.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBKor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBNor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPol.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPor.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBPtb.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRom.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBRus.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSpa.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSvk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBSwe.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBTrk.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\BrUSBUsa.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\NSSearch.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\prnadmin.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}\browny02\Company\THoop.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRLFX05C.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BROFX05C.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\PCFAX\BRUFX05C.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\DPInst.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ECCAA614-39AD-4E82-88C8-7A9DF5BADFBA}\Drivers\dpinst2k.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{ABF65704-698A-428C-B606-EA133AE37F9A}\setup.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver2.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\iGdiCnv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IScrCnv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\ISRT.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IUserCnv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\objpscnv.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\_ISRES1033.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\ISSetup.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\{7C861726-262B-44EC-9ACC-486056752E44}\_Setup.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DEVICEOP.EXE => Moved successfully.
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\DIFxAPI.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\E_S1LAC2.EXE => Moved successfully.
C:\Users\kris\AppData\Local\Temp\SDX3800_W2K_592Gs\DEUTSCH\WINXP_2K\SETUP\SETUP.EXE => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsxA027.tmp\UAC.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsw892E.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsr1749.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsm3BAA.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsl37B.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\nsgCD5E.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\LGS-8.12.030\vcredist.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\isp62BC.tmp\_Setup.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\isp3DCD.tmp\_Setup.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\gw2cache-{CC6E1952-3ECB-16D5-5119-6ECCCB3ED516}\icudt.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\E_DUPXXX_Temp\SDX3800_W2K_592Gs.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\E39B.dir\InstallFlashPlayer.exe => Moved successfully.
C:\Users\kris\AppData\Local\Temp\DSOClient\D3DX9_43.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\DSOClient\FMODEX.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\DSOClient\FMOD_EVENT_NET.DLL => Moved successfully.
C:\Users\kris\AppData\Local\Temp\com.nvidia\NVIDIA GPU_Reader\1.3.3\GPU_Reader.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll => Moved successfully.
C:\Users\kris\AppData\Local\Temp\B155.dir\InstallFlashPlayer.exe => Moved successfully.
"C:\Users\kris\AppData\Local\Temp\AA34.dir\InstallFlashPlayer.exe" => File/Directory not found.
==== End of Fixlog ====
Indirie p.s.: da worte gut und schön sind, aber eben nicht alles, hab ich mal euren spendenknopf benutzt für ein kleines Dankeschön. Schön, dass es euch im Netz gibt! |
|
30.08.2013, 13:05
| #4 |
| /// the machine /// TB-Ausbilder | gvu trojaner hat mich erwischt Kontrollscans im normalen Modus: Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.08.2013, 20:01
| #5 |
| | gvu trojaner hat mich erwischt hallo schrauber! dann kommt hier jetzt ein rudel logfiles. erst einmal malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.30.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16660 kris :: WIN-RA7029Q8VPN [Administrator] Schutz: Aktiviert 30.08.2013 17:01:47 MBAM-log-2013-08-30 (19-46-12).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 543951 Laufzeit: 2 Stunde(n), 22 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 4 C:\FRST\Quarantine\vakasijqxpcbqbtgs.exe (Backdoor.Bot) -> Keine Aktion durchgeführt. C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe (PUP.Optional.ASKToolbar.A) -> Keine Aktion durchgeführt. C:\Users\kris\AppData\Local\Temp\ibtmpaa19529\component_527 (PUP.CrossRider.SSK) -> Keine Aktion durchgeführt. C:\Users\kris\Downloads\SoftonicDownloader_fuer_free-wav-to-mp3-converter.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter # AdwCleaner v3.001 - Report created 30/08/2013 at 20:07:37
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : kris - WIN-RA7029Q8VPN
# Running from : C:\Users\kris\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
Service Deleted : StumbleUponUpdater
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Users\kris\AppData\Local\Temp\apn
Folder Deleted : C:\Users\kris\AppData\LocalLow\StumbleUpon
Folder Deleted : C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
File Deleted : C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\11-suche.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Key Deleted : HKLM\SOFTWARE\Classes\AppID\StumbleUpon.DLL
Key Deleted : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio
Key Deleted : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocatalyst_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocatalyst_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_audiocon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-wav-to-mp3-converter_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-wav-to-mp3-converter_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StumbleUpon
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\StumbleUpon
Key Deleted : HKLM\Software\AskPartnerNetwork
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\prefs.js ]
-\\ Google Chrome v29.0.1547.57
[ File : C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4125 octets] - [30/08/2013 19:59:32]
AdwCleaner[R1].txt - [4185 octets] - [30/08/2013 20:05:18]
AdwCleaner[S0].txt - [4076 octets] - [30/08/2013 20:07:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4136 octets] ##########
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by kris (administrator) on 30-08-2013 20:38:45
Running from C:\Users\kris\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Dropbox, Inc.) C:\Users\kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\NuanceWDS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM\...\Run: [CLMLServer] - C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] - C:\Program Files\HomeCinema\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2007-08-14] (CyberLink Corp.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\TEMP\E_S6CF7.tmp [66 2011-05-27] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [101144 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort12reminder] - C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-29] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [280576 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [1807272 2013-07-27] (Valve Corporation)
HKCU\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
MountPoints2: {9dcc0d4a-1db4-11e0-b7b1-806e6f6e6963} - J:\iStudio.exe
HKU\UpdatusUser\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-07-27] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\UpdatusUser\...\Run: [AdobeBridge] - [x]
HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.3146 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: toolbar - C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\Extensions\toolbar@web.de.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Extension: (YouTube) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-29] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
R2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
==================== Drivers (Whitelisted) ====================
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [501560 2008-01-23] (Protect Software GmbH)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2005-09-28] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2009-12-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378568 2011-10-19] (Logitech)
S3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [317384 2011-10-19] (Logitech)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2011-10-19] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2011-10-19] (Logitech Inc.)
R2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2005-09-28] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-12-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-29] (Avira GmbH)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2008-02-15] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-09-01] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-30 20:33 - 2013-08-30 20:33 - 00203408 _____ C:\Users\kris\Desktop\JRT.txt
2013-08-30 20:28 - 2013-08-30 20:28 - 00000000 ____D C:\Windows\ERUNT
2013-08-30 20:23 - 2013-08-30 20:24 - 01023533 _____ (Thisisu) C:\Users\kris\Desktop\JRT.exe
2013-08-30 20:20 - 2013-08-30 20:20 - 00004216 _____ C:\Users\kris\Desktop\AdwCleaner[S0].txt
2013-08-30 19:59 - 2013-08-30 20:07 - 00000000 ____D C:\AdwCleaner
2013-08-30 19:59 - 2013-08-30 19:59 - 00994642 _____ C:\Users\kris\Downloads\adwcleaner.exe
2013-08-30 19:22 - 2013-08-30 19:26 - 178531632 _____ C:\Users\kris\Downloads\Anjas Bewerbungswusel.zip
2013-08-30 16:59 - 2013-08-30 16:59 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-30 16:59 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-30 16:58 - 2013-08-30 16:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-30 16:53 - 2013-08-30 16:53 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-08-29 21:31 - 2013-08-29 21:31 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-29 21:30 - 2013-08-29 21:30 - 00282008 _____ (Mozilla) C:\Users\kris\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-29 21:28 - 2013-08-29 21:28 - 00000000 ____D C:\Users\kris\AppData\Roaming\Avira
2013-08-29 21:24 - 2013-08-29 21:24 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-29 21:22 - 2013-08-29 21:22 - 00001950 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-29 21:22 - 2013-08-29 21:22 - 00000000 ____D C:\Program Files\Avira
2013-08-29 21:22 - 2013-08-29 19:47 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-28 13:05 - 2013-08-29 20:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-28 08:08 - 2013-08-28 08:49 - 00093510 _____ C:\OTL.Txt
2013-08-28 01:07 - 2013-08-28 01:07 - 00000000 ____D C:\FRST
2013-08-19 12:03 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 12:03 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 12:03 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 12:03 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 12:03 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 12:03 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 12:03 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 12:03 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 11:48 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-19 11:48 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-19 11:48 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-19 11:48 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-19 11:48 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-19 11:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 11:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-19 11:47 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-19 11:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 15:11 - 2013-08-11 15:56 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 15:11 - 2010-10-13 06:42 - 02369456 _____ (Codejock Software) C:\Windows\system32\Codejock.CommandBars.v13.4.2.ocx
2013-08-11 15:11 - 2010-08-20 21:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSplitter.ocx
2013-08-11 15:11 - 2010-06-11 10:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtFrame.ocx
2013-08-11 15:11 - 2010-06-01 14:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\system32\TList8.ocx
2013-08-11 15:11 - 2010-03-25 10:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtRTF2.ocx
2013-08-11 15:11 - 2009-10-13 00:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSubclass.dll
2013-08-11 15:11 - 2009-10-13 00:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtScrollContainer.ocx
2013-08-11 15:11 - 2008-01-29 07:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\system32\fldrvw90.ocx
2013-08-11 15:10 - 2013-08-11 15:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-10 23:00 - 2013-08-10 23:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 22:58 - 2013-08-10 22:59 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
==================== One Month Modified Files and Folders =======
2013-08-30 20:39 - 2010-11-19 19:43 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-30 20:33 - 2013-08-30 20:33 - 00203408 _____ C:\Users\kris\Desktop\JRT.txt
2013-08-30 20:28 - 2013-08-30 20:28 - 00000000 ____D C:\Windows\ERUNT
2013-08-30 20:24 - 2013-08-30 20:23 - 01023533 _____ (Thisisu) C:\Users\kris\Desktop\JRT.exe
2013-08-30 20:24 - 2011-02-05 18:47 - 00010896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-30 20:24 - 2011-02-05 18:47 - 00010896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-30 20:21 - 2011-02-05 18:49 - 01574762 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 20:20 - 2013-08-30 20:20 - 00004216 _____ C:\Users\kris\Desktop\AdwCleaner[S0].txt
2013-08-30 20:20 - 2012-05-16 11:11 - 00000000 ____D C:\Program Files\Steam
2013-08-30 20:20 - 2011-02-05 19:43 - 01582708 _____ C:\Windows\WindowsUpdate.log
2013-08-30 20:19 - 2012-01-27 14:33 - 00000000 ___RD C:\Users\kris\Dropbox
2013-08-30 20:19 - 2012-01-27 14:31 - 00000000 ____D C:\Users\kris\AppData\Roaming\Dropbox
2013-08-30 20:17 - 2009-07-14 06:39 - 179375752 _____ C:\Windows\setupact.log
2013-08-30 20:16 - 2010-11-19 19:43 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-30 20:16 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-30 20:16 - 2008-04-30 11:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-30 20:07 - 2013-08-30 19:59 - 00000000 ____D C:\AdwCleaner
2013-08-30 19:59 - 2013-08-30 19:59 - 00994642 _____ C:\Users\kris\Downloads\adwcleaner.exe
2013-08-30 19:55 - 2012-06-27 11:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-30 19:48 - 2011-02-05 19:30 - 00378424 _____ C:\Windows\PFRO.log
2013-08-30 19:48 - 2008-08-09 10:06 - 00000000 ____D C:\Windows\Downloaded Installations
2013-08-30 19:26 - 2013-08-30 19:22 - 178531632 _____ C:\Users\kris\Downloads\Anjas Bewerbungswusel.zip
2013-08-30 17:02 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-30 16:59 - 2013-08-30 16:59 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-30 16:58 - 2013-08-30 16:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-30 16:53 - 2013-08-30 16:53 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-08-29 21:32 - 2008-06-28 22:01 - 00000000 ____D C:\Users\kris\AppData\Roaming\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-29 21:31 - 2008-06-28 22:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-29 21:30 - 2013-08-29 21:30 - 00282008 _____ (Mozilla) C:\Users\kris\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-29 21:28 - 2013-08-29 21:28 - 00000000 ____D C:\Users\kris\AppData\Roaming\Avira
2013-08-29 21:24 - 2013-08-29 21:24 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-29 21:22 - 2013-08-29 21:22 - 00001950 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-29 21:22 - 2013-08-29 21:22 - 00000000 ____D C:\Program Files\Avira
2013-08-29 21:22 - 2008-05-31 17:22 - 00000000 ____D C:\ProgramData\Avira
2013-08-29 20:14 - 2013-08-28 13:05 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-29 19:47 - 2013-08-29 21:22 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-28 08:49 - 2013-08-28 08:08 - 00093510 _____ C:\OTL.Txt
2013-08-28 08:05 - 2011-02-05 18:50 - 00000000 ____D C:\Users\kris
2013-08-28 02:04 - 2013-06-14 08:59 - 00000000 ____D C:\Program Files\Nuance
2013-08-28 01:07 - 2013-08-28 01:07 - 00000000 ____D C:\FRST
2013-08-27 23:41 - 2013-08-30 20:38 - 01072975 _____ (Farbar) C:\Users\kris\Desktop\FRST.exe
2013-08-27 13:25 - 2011-04-19 18:03 - 00000000 ___RD C:\brittas dinge
2013-08-27 11:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-22 22:56 - 2012-06-27 11:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-22 22:56 - 2011-07-25 06:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-22 22:47 - 2013-02-18 23:57 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-20 11:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-20 11:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-11 15:56 - 2013-08-11 15:11 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 15:10 - 2013-08-11 15:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-10 23:34 - 2013-08-10 23:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 22:59 - 2013-08-10 22:58 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-08 20:36 - 2009-02-27 18:14 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-06 15:42 - 2008-05-31 14:59 - 00000000 ____D C:\Program Files\Google
Files to move or delete:
====================
C:\Users\kris\AppData\Local\Temp\Quarantine.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{6D1F314F-27CC-46F1-BDC3-A84FA91FF832}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{6D1F314F-27CC-46F1-BDC3-A84FA91FF832}\_isres.dll
C:\Users\kris\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-24 21:26
==================== End Of Log ============================
--- --- --- --- --- --- und seiner addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-08-2013 Ran by kris at 2013-08-30 20:39:59 Running from C:\Users\kris\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Adobe AIR (Version: 3.2.0.2070) Adobe Community Help (Version: 3.0.0) Adobe Community Help (Version: 3.0.0.400) Adobe Flash Player 11 ActiveX (Version: 11.8.800.94) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Media Player (Version: 1.8) Adobe Photoshop 5.5 (Version: 5.5) Adobe Photoshop CS5 (Version: 12.0) Adobe Reader X (10.1.5) - Deutsch (Version: 10.1.5) Adobe Shockwave Player (Version: 11) AGEIA GAME System Software (Version: 2.7.2) AGEIA GAME System Software (Version: 2.7.3) AllDup 3.4.24 (Version: 3.4.24) Amazon MP3-Downloader 1.0.9 Apple Application Support (Version: 2.3.3) Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (Version: 2.1.3.127) Applian FLV Player (Version: 2.0.24) ATI Catalyst Install Manager (Version: 3.0.664.0) AutoUpdate (Version: 1.1) Avira Free Antivirus (Version: 13.0.0.3885) Avira SearchFree Toolbar plus Web Protection (Version: 12.2.2.663) Baldur's Gate: Enhanced Edition Bamboo (Version: 5.2.4-6) Bamboo Dock (Version: 3.5.0) Bamboo Dock 3.3 (Version: 3.3) Bonjour (Version: 3.0.0.10) Brother MFL-Pro Suite MFC-J430W (Version: 1.1.6.0) Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (Version: 1.4) Camera Window (Version: 4.0.1) Canon Camera WIA Driver (Version: 5.0.0) Canon Camera Window for ZoomBrowser EX (Version: 4.0.1) Canon PhotoRecord Canon PowerShot G3 WIA-Treiber (Version: 5.0.0) Canon Utilities FileViewerUtility 1.0 (Version: 1.0) Canon Utilities PhotoStitch 3.1 (Version: 3.1.8) Canon Utilities RemoteCapture 2.6 (Version: 2.6.0) Canon Utilities ZoomBrowser EX (Version: 04.00.0200) Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000) CyberLink PhotoNow! (Version: 1.1.5203) CyberLink Power2Go (Version: 6.0.2001) CyberLink PowerDirector (Version: 6.5.3305) CyberLink PowerDVD (Version: 7.3.5711.0) D3DX10 (Version: 15.4.2368.0902) DivX Codec (Version: 6.8.2) DivX Player (Version: 6.7.0) Dragon NaturallySpeaking 10 (Version: 10.0.200) Dropbox (HKCU Version: 2.0.22) easyHTML ElsterFormular (Version: 14.3.11574) EPSON-Drucker-Software Far Cry (Patch 1.3) (Version: 1.00.0000) Far Cry (Patch 1.31) (Version: 1.00.0000) Far Cry (Patch 1.32) (Version: 1.00.0000) Far Cry (Patch 1.33) (Version: 1.00.0000) Far Cry (Patch 1.4) (Version: 1.00.0000) Firebird SQL Server - MAGIX Edition (Version: 2.0.1.8) FlatOut Ultimate Carnage Free WAV to MP3 Converter (Version: 1.01) GameSpy Arcade GIMP 2.6.11 (Version: 2.6.11) Google Chrome (Version: 29.0.1547.57) Google Earth Plug-in (Version: 7.1.1.1888) Google Toolbar for Internet Explorer (Version: 1.0.0) Google Toolbar for Internet Explorer (Version: 7.5.4413.1752) Google Update Helper (Version: 1.3.21.153) Guild Wars 2 IrfanView (remove only) (Version: 4.30) iTunes (Version: 11.0.2.26) Jack Keane Java Auto Updater (Version: 2.0.5.1) Java(TM) 6 Update 26 (Version: 6.0.260) Java(TM) 6 Update 4 (Version: 1.6.0.40) Java(TM) 6 Update 6 (Version: 1.6.0.60) Java(TM) 6 Update 7 (Version: 1.6.0.70) Junk Mail filter update (Version: 15.4.3502.0922) LetsTrade Komponenten Logitech Gaming Software 5.02 (Version: 5.02.116) Logitech Gaming Software 8.12 (Version: 8.12.030) Lucidity Magicka MAGIX Music Maker Rock Edition 4.0.0.13 (D) (Version: 4.0.0.13) MAGIX Online Druck Service 2.3.2.0 (D) (Version: 2.3.2.0) MakeDisc (Version: 3.0.2601) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Mass Effect (Version: 1.00) Mass Effect 2 (Version: 1.02) MCE Software Encoder 1.1 (Version: 1.1.0.1918) MediaShow (Version: 3.0.4325) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0) Microsoft Games for Windows Marketplace (Version: 3.5.50.0) Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Works (Version: 9.7.0621) Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0) Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053) Microsoft_VC90_ATL_x86 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (Version: 1.00.0000) Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1) Mozilla Maintenance Service (Version: 23.0.1) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0) MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0) MSXML4 Parser (Version: 1.0.0) MuseScore 1.2 MuseScore score typesetter (Version: 1.2.0) Nero 8 Essentials (Version: 8.3.124) neroxml (Version: 1.0.0) Nexus Mod Manager (Version: 0.14.2) Nuance PaperPort 12 (Version: 12.1.0000) Nuance PDF Viewer Plus (Version: 5.30.3290) NVIDIA 3D Vision Controller Driver (Version: 280.19) NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07) NVIDIA 3D Vision Treiber 314.07 (Version: 314.07) NVIDIA Grafiktreiber 314.07 (Version: 314.07) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA PhysX (Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1407) NVIDIA Systemsteuerung 314.07 (Version: 314.07) NVIDIA Update 1.12.12 (Version: 1.12.12) NVIDIA Update Components (Version: 1.12.12) Nvu 1.0 (Version: 1.0) Oblivion (Version: 1.2.0416) OpenAL OpenOffice.org 3.4.1 (Version: 3.41.9593) Operation Wintersonne Pando Media Booster (Version: 2.3.6.0) PaperPort Image Printer (Version: 1.00.0001) PDF Architect (Version: 1.0.41.8362) PDF Settings CS5 (Version: 10.0) PhotoStitch (Version: 3.1.8) Pinnacle VideoSpin (Version: 2.0.0.669) PixiePack Codec Pack (Version: 0.10.6.0) Plants vs. Zombies: Game of the Year Play Movie (Version: BD+HD 1.5.3815) PowerProducer (Version: 4.2.2612) Prince of Persia T2T ProtectDisc Driver, Version 11 (Version: 11.0.0.10) PVSonyDll (Version: 1.00.0001) QuickTime (Version: 7.69.80.9) RealPlayer Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000) Realtek High Definition Audio Driver redist (Version: 1.0.0.0) SAMSUNG Intelli-studio Scansoft PDF Professional Sceneo AbsolutTV Skype™ 6.7 (Version: 6.7.102) Sound Forge 4.0 for Windows 95 and Windows NT (x86) Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0) Star Trek Online Steam (Version: 1.0.0.0) System Requirements Lab Text-To-Speech-Runtime (Version: 1.0.0.0) T-Home Dialerschutz-Software TVsweeper 3 (Version: 3.0.3) Ulead PhotoImpact 12 (Version: 12.0) Unofficial Oblivion Patch v3.2.0 (Version: 3.2.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) VCRedistSetup (Version: 1.0.0) Visual C++ Runtime for Dragon NaturallySpeaking (Version: 10.00.200.017) VLC media player 1.1.9 (Version: 1.1.9) WebTablet IE Plugin (Version: 1.1.0.7) WebTablet Netscape Plugin (Version: 1.1.0.5) Winamp Anwendungserkennung (HKCU Version: 1.0.0.1) Windows 7 Upgrade Advisor (Version: 2.0.5000.0) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3555.0308) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) WinRAR World of Warcraft (Version: 5.1.0.16357) XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004) ==================== Restore Points ========================= 19-07-2013 19:32:49 Windows Update 27-07-2013 20:02:46 Windows Update 06-08-2013 13:03:06 Windows Update 19-08-2013 09:43:02 Windows Update 19-08-2013 10:02:59 Windows Update 23-08-2013 20:44:43 Windows Update 27-08-2013 20:51:40 Windows Update ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {05EE699F-AB25-42D8-8781-558C5D1D2FAD} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation) Task: {0A01E57E-9691-4550-A4B6-1806AEE4A3B4} - System32\Tasks\User_Feed_Synchronization-{C148D573-7DF9-4177-B824-931D63420C07} => C:\Windows\system32\msfeedssync.exe [2013-05-25] (Microsoft Corporation) Task: {0E12083C-0335-49DB-9542-BA1EC6D83ECC} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => C:\Windows\System32\ndfapi.dll [2009-07-14] (Microsoft Corporation) Task: {18E6D428-D26C-4169-BEDF-3B5BDDC952F6} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\System32\aepdu.dll [2010-11-20] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1EC9510D-A439-4950-9399-B6399EDF9EA7} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => C:\Windows\System32\acproxy.dll [2009-07-14] (Microsoft Corporation) Task: {261A7D85-235B-47CE-A642-5CE1916B47BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-22] (Adobe Systems Incorporated) Task: {2E283384-D380-48A5-9B63-4CCF2276E257} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => C:\Windows\System32\dfdts.dll [2009-07-14] (Microsoft Corporation) Task: {3105F511-62C6-496A-9769-360EA22DF59D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {31E31545-9676-4DD6-B6D0-D546B6975521} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2010-11-20] (Microsoft Corporation) Task: {395EDD6B-61F0-4D91-9D43-C80E504A6B40} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation) Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File Task: {5C2C622F-70E9-4194-A7DA-033E827365AD} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => C:\Windows\System32\bfe.dll [2010-11-20] (Microsoft Corporation) Task: {656CAC6D-4B53-48CD-94E5-11FCCE4FBAE5} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2009-07-14] (Microsoft Corp.) Task: {80072A85-84F0-4BCE-8742-2194E43CA936} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {84959CAF-1582-4A47-819A-23D9772B67D3} - System32\Tasks\AdobeAAMUpdater-1.0-WIN-RA7029Q8VPN-kris => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {9334C323-F100-4656-9BA0-E4AA69C0F9C2} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\System32\srrstr.dll [2010-11-20] (Microsoft Corporation) Task: {9B58A3D4-E8C3-46B3-A449-00594050892C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {AEEB46AF-E60E-4BD6-B791-58A1E3B4ADDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-19] (Google Inc.) Task: {DD4589B4-5D92-4D98-9A48-8A5B5F4E850E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-19] (Google Inc.) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\ProgramData\TEMP:F35A93AD ==================== Faulty Device Manager Devices ============= Name: StarForce Protection Synchronization Driver (version 2.x) Description: StarForce Protection Synchronization Driver (version 2.x) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: sfsync02 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 3070.18 MB Available physical RAM: 1562.63 MB Total Pagefile: 6138.65 MB Available Pagefile: 4309.75 MB Total Virtual: 2047.88 MB Available Virtual: 1922.61 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:445.75 GB) (Free:145.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:10.66 GB) FAT32 Drive f: (DATENBOTE) (Removable) (Total:0.97 GB) (Free:0.15 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AE01280A) Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ======================================================== Disk: 4 (Size: 1000 MB) (Disk ID: 91F72D24) Partition 1: (Active) - (Size=1000 MB) - (Type=0B) ==================== End Of Log ============================ noch nie war mein computer so blitzblankgescannt ;-) der jrt file ist zu lang für die texteingabe und zu groß als anhang... habe nach der fehlermeldung auf die erklärung zu "als archiv anhängen"geklickt, doch der server war gerade ausgelastet. ich probiere es gleich nochmal. |
|
30.08.2013, 20:10
| #6 |
| | gvu trojaner hat mich erwischt hier der jrt logfile gezippt als anhang - anders passt es nicht oder ich weiß nicht, wie? hoffe, es ist okay! |
|
31.08.2013, 10:47
| #7 |
| /// the machine /// TB-Ausbilder | gvu trojaner hat mich erwischtESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.09.2013, 15:52
| #8 |
| | gvu trojaner hat mich erwischt hi schrauber! hier der eset logfile: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b704751b08ec254c9865626c374e3b2c
# engine=14974
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-01 01:51:12
# local_time=2013-09-01 03:51:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 95 7277 148714777 45 0
# compatibility_mode=5893 16776574 100 94 406752 129674663 0 0
# scanned=311374
# found=0
# cleaned=0
# scan_time=6990
und hier dann die checkup-ergebnisse von securitycheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.72 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java(TM) 6 Update 26 Java(TM) 6 Update 4 Java(TM) 6 Update 6 Java(TM) 6 Update 7 Java version out of Date! Adobe Flash Player 11.8.800.94 Adobe Reader 8 Adobe Reader out of Date! Adobe Reader 10.1.5 Adobe Reader out of Date! Mozilla Firefox (23.0.1) Google Chrome 28.0.1500.95 Google Chrome 29.0.1547.57 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-09-2013
Ran by kris (administrator) on WIN-RA7029Q8VPN on 01-09-2013 16:42:20
Running from C:\Users\kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86MB3V65
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(CyberLink) C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Dropbox, Inc.) C:\Users\kris\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
() C:\Users\kris\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM\...\Run: [CLMLServer] - C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe [104936 2008-07-18] (CyberLink)
HKLM\...\Run: [P2Go_Menu] - C:\Program Files\HomeCinema\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [218408 2007-08-14] (CyberLink Corp.)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\TEMP\E_S6CF7.tmp [66 2011-05-27] ()
HKLM\...\Run: [SSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [101144 2011-09-29] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [IndexSearch] - C:\Program Files\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort12reminder] - C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF5 Registry Controller] - C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM\...\Run: [ControlCenter4] - C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] - C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-08-29] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [280576 2009-07-14] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [BindDirectlyToPropertySetStorage] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKCU\...\Policies\Explorer: [NoCDBurning] 1
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKCU\...\Policies\Explorer: [NoSaveSettings] 1
HKCU\...\Policies\Explorer: [TaskbarNoNotification] 1
MountPoints2: {9dcc0d4a-1db4-11e0-b7b1-806e6f6e6963} - J:\iStudio.exe
HKU\UpdatusUser\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\InstallShield\UpdateService\ISUSPM.exe [ 2005-02-16] (InstallShield Software Corporation)
HKU\UpdatusUser\...\Run: [Steam] - C:\Program Files\Steam\steam.exe [ 2013-08-28] (Valve Corporation)
HKU\UpdatusUser\...\Run: [Panda PDF Converter563705.exe] - "C:\Users\kris\AppData\Local\Temp\Panda PDF Converter563705.exe" /XML="C:\Users\kris\AppData\Local\Temp\2E41.tmp" /STP=0:2 [x] <===== ATTENTION
HKU\UpdatusUser\...\Run: [AdobeBridge] - [x]
HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [ 2009-05-05] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.3146 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: toolbar - C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\z46axcfd.default\Extensions\toolbar@web.de.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Extension: (YouTube) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-08-29] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.)
R2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1801216 2008-02-28] (Buhl Data Service GmbH)
==================== Drivers (Whitelisted) ====================
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [501560 2008-01-23] (Protect Software GmbH)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R2 athsgt; C:\Windows\System32\DRIVERS\athsgt.sys [164992 2005-09-28] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2009-12-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-08-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-08-29] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
S3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378568 2011-10-19] (Logitech)
S3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [317384 2011-10-19] (Logitech)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2011-10-19] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2011-10-19] (Logitech Inc.)
R2 limsgt; C:\Windows\System32\DRIVERS\limsgt.sys [12544 2005-09-28] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-12-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
R0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63096 2009-02-03] (Protection Technology (StarForce))
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-29] (Avira GmbH)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [28168 2008-01-24] (Logitech Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2008-02-15] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [87536 2009-09-01] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-01 13:51 - 2013-09-01 13:51 - 02347384 _____ (ESET) C:\Users\kris\Downloads\esetsmartinstaller_enu.exe
2013-09-01 13:49 - 2013-09-01 13:49 - 00000000 ____D C:\Users\kris\AppData\Local\{38595779-4E02-4884-BE24-D8B49259867F}
2013-08-30 22:31 - 2013-08-30 22:31 - 00000000 ____D C:\Users\kris\AppData\Local\{4F7D8FA5-F84A-4AE3-B232-C31DF78F4C1B}
2013-08-30 20:40 - 2013-08-30 20:40 - 00040867 _____ C:\Users\kris\Desktop\FRST.txt
2013-08-30 20:39 - 2013-08-30 20:40 - 00016379 _____ C:\Users\kris\Desktop\Addition.txt
2013-08-30 20:33 - 2013-08-30 20:33 - 00203408 _____ C:\Users\kris\Desktop\JRT.txt
2013-08-30 20:28 - 2013-08-30 20:28 - 00000000 ____D C:\Windows\ERUNT
2013-08-30 20:23 - 2013-08-30 20:24 - 01023533 _____ (Thisisu) C:\Users\kris\Desktop\JRT.exe
2013-08-30 20:20 - 2013-08-30 20:20 - 00004216 _____ C:\Users\kris\Desktop\AdwCleaner[S0].txt
2013-08-30 19:59 - 2013-08-30 20:07 - 00000000 ____D C:\AdwCleaner
2013-08-30 19:59 - 2013-08-30 19:59 - 00994642 _____ C:\Users\kris\Downloads\adwcleaner.exe
2013-08-30 19:22 - 2013-08-30 19:26 - 178531632 _____ C:\Users\kris\Downloads\Anjas Bewerbungswusel.zip
2013-08-30 16:59 - 2013-08-30 16:59 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-30 16:59 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-30 16:58 - 2013-08-30 16:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-30 16:53 - 2013-08-30 16:53 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-08-29 21:31 - 2013-08-29 21:31 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-29 21:30 - 2013-08-29 21:30 - 00282008 _____ (Mozilla) C:\Users\kris\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-29 21:28 - 2013-08-29 21:28 - 00000000 ____D C:\Users\kris\AppData\Roaming\Avira
2013-08-29 21:24 - 2013-08-29 21:24 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-29 21:22 - 2013-08-29 21:22 - 00001950 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-29 21:22 - 2013-08-29 21:22 - 00000000 ____D C:\Program Files\Avira
2013-08-29 21:22 - 2013-08-29 19:47 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-29 21:22 - 2013-08-29 19:47 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-28 13:05 - 2013-08-29 20:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-28 08:08 - 2013-08-28 08:49 - 00093510 _____ C:\OTL.Txt
2013-08-28 01:07 - 2013-08-28 01:07 - 00000000 ____D C:\FRST
2013-08-19 12:03 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-19 12:03 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-19 12:03 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-19 12:03 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-19 12:03 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-19 12:03 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-19 12:03 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-19 12:03 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-19 12:03 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-19 11:48 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-19 11:48 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-19 11:48 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-19 11:48 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-19 11:48 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-19 11:48 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-19 11:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-19 11:47 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-19 11:47 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-19 11:47 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 15:11 - 2013-08-11 15:56 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 15:11 - 2010-10-13 06:42 - 02369456 _____ (Codejock Software) C:\Windows\system32\Codejock.CommandBars.v13.4.2.ocx
2013-08-11 15:11 - 2010-08-20 21:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSplitter.ocx
2013-08-11 15:11 - 2010-06-11 10:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtFrame.ocx
2013-08-11 15:11 - 2010-06-01 14:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\system32\TList8.ocx
2013-08-11 15:11 - 2010-03-25 10:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtRTF2.ocx
2013-08-11 15:11 - 2009-10-13 00:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtSubclass.dll
2013-08-11 15:11 - 2009-10-13 00:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\system32\mtScrollContainer.ocx
2013-08-11 15:11 - 2008-01-29 07:57 - 00450560 _____ (LogicNP Software (hxxp://www.ssware.com)) C:\Windows\system32\fldrvw90.ocx
2013-08-11 15:10 - 2013-08-11 15:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-10 23:00 - 2013-08-10 23:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 22:58 - 2013-08-10 22:59 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
==================== One Month Modified Files and Folders =======
2013-09-01 16:39 - 2010-11-19 19:43 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 16:19 - 2013-09-01 16:19 - 00891115 _____ C:\Users\kris\Desktop\SecurityCheck.exe
2013-09-01 15:55 - 2012-06-27 11:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 15:38 - 2011-02-05 19:43 - 01628892 _____ C:\Windows\WindowsUpdate.log
2013-09-01 14:34 - 2011-05-08 16:54 - 00000000 ____D C:\Users\kris\AppData\Local\CrashDumps
2013-09-01 14:31 - 2012-01-27 14:33 - 00000000 ___RD C:\Users\kris\Dropbox
2013-09-01 14:31 - 2012-01-27 14:31 - 00000000 ____D C:\Users\kris\AppData\Roaming\Dropbox
2013-09-01 13:51 - 2013-09-01 13:51 - 02347384 _____ (ESET) C:\Users\kris\Downloads\esetsmartinstaller_enu.exe
2013-09-01 13:51 - 2011-02-05 18:47 - 00010896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 13:51 - 2011-02-05 18:47 - 00010896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 13:50 - 2011-02-05 18:49 - 01574762 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-01 13:49 - 2013-09-01 13:49 - 00000000 ____D C:\Users\kris\AppData\Local\{38595779-4E02-4884-BE24-D8B49259867F}
2013-09-01 13:46 - 2012-05-16 11:11 - 00000000 ____D C:\Program Files\Steam
2013-09-01 13:46 - 2009-02-27 18:14 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-09-01 13:44 - 2010-11-19 19:43 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-01 13:44 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 13:44 - 2009-07-14 06:39 - 179795290 _____ C:\Windows\setupact.log
2013-09-01 13:44 - 2008-04-30 11:59 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-30 22:31 - 2013-08-30 22:31 - 00000000 ____D C:\Users\kris\AppData\Local\{4F7D8FA5-F84A-4AE3-B232-C31DF78F4C1B}
2013-08-30 20:40 - 2013-08-30 20:40 - 00040867 _____ C:\Users\kris\Desktop\FRST.txt
2013-08-30 20:40 - 2013-08-30 20:39 - 00016379 _____ C:\Users\kris\Desktop\Addition.txt
2013-08-30 20:33 - 2013-08-30 20:33 - 00203408 _____ C:\Users\kris\Desktop\JRT.txt
2013-08-30 20:28 - 2013-08-30 20:28 - 00000000 ____D C:\Windows\ERUNT
2013-08-30 20:24 - 2013-08-30 20:23 - 01023533 _____ (Thisisu) C:\Users\kris\Desktop\JRT.exe
2013-08-30 20:20 - 2013-08-30 20:20 - 00004216 _____ C:\Users\kris\Desktop\AdwCleaner[S0].txt
2013-08-30 20:07 - 2013-08-30 19:59 - 00000000 ____D C:\AdwCleaner
2013-08-30 19:59 - 2013-08-30 19:59 - 00994642 _____ C:\Users\kris\Downloads\adwcleaner.exe
2013-08-30 19:48 - 2011-02-05 19:30 - 00378424 _____ C:\Windows\PFRO.log
2013-08-30 19:48 - 2008-08-09 10:06 - 00000000 ____D C:\Windows\Downloaded Installations
2013-08-30 19:26 - 2013-08-30 19:22 - 178531632 _____ C:\Users\kris\Downloads\Anjas Bewerbungswusel.zip
2013-08-30 17:02 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-30 16:59 - 2013-08-30 16:59 - 00001089 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 16:59 - 2013-08-30 16:59 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-30 16:58 - 2013-08-30 16:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-30 16:53 - 2013-08-30 16:53 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-08-29 21:32 - 2008-06-28 22:01 - 00000000 ____D C:\Users\kris\AppData\Roaming\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-08-29 21:31 - 2013-08-29 21:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-29 21:31 - 2008-06-28 22:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-29 21:30 - 2013-08-29 21:30 - 00282008 _____ (Mozilla) C:\Users\kris\Downloads\Firefox Setup Stub 23.0.1.exe
2013-08-29 21:28 - 2013-08-29 21:28 - 00000000 ____D C:\Users\kris\AppData\Roaming\Avira
2013-08-29 21:24 - 2013-08-29 21:24 - 00067168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-29 21:22 - 2013-08-29 21:22 - 00001950 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-29 21:22 - 2013-08-29 21:22 - 00000000 ____D C:\Program Files\Avira
2013-08-29 21:22 - 2008-05-31 17:22 - 00000000 ____D C:\ProgramData\Avira
2013-08-29 20:14 - 2013-08-28 13:05 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-08-29 19:47 - 2013-08-29 21:22 - 00135136 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00084744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-29 19:47 - 2013-08-29 21:22 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-08-28 08:49 - 2013-08-28 08:08 - 00093510 _____ C:\OTL.Txt
2013-08-28 08:05 - 2011-02-05 18:50 - 00000000 ____D C:\Users\kris
2013-08-28 02:04 - 2013-06-14 08:59 - 00000000 ____D C:\Program Files\Nuance
2013-08-28 01:07 - 2013-08-28 01:07 - 00000000 ____D C:\FRST
2013-08-27 13:25 - 2011-04-19 18:03 - 00000000 ___RD C:\brittas dinge
2013-08-27 11:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-22 22:56 - 2012-06-27 11:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-22 22:56 - 2011-07-25 06:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-22 22:47 - 2013-02-18 23:57 - 00002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-20 11:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-20 11:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-11 15:56 - 2013-08-11 15:11 - 00000000 ____D C:\Users\kris\AppData\Roaming\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000941 _____ C:\Users\kris\Desktop\AllDup.lnk
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\ProgramData\AllDup
2013-08-11 15:11 - 2013-08-11 15:11 - 00000000 ____D C:\Program Files\AllDup
2013-08-11 15:10 - 2013-08-11 15:10 - 03503200 _____ (Michael Thummerer Software Design ) C:\Users\kris\Downloads\alldup_3.4.24.exe
2013-08-10 23:34 - 2013-08-10 23:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00002535 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ___RD C:\Program Files\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\ProgramData\Skype
2013-08-10 23:00 - 2013-08-10 23:00 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-08-10 22:59 - 2013-08-10 22:58 - 32776560 _____ (Skype Technologies S.A.) C:\Users\kris\Downloads\SkypeSetupFull.exe
2013-08-06 15:42 - 2008-05-31 14:59 - 00000000 ____D C:\Program Files\Google
Files to move or delete:
====================
C:\Users\kris\AppData\Local\Temp\Quarantine.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10hook.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10rdeu.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10renx.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\dd10shrd.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\install_flash_player_active_x.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipworks6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\ipwssl6.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\mobile.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\psapi.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\riched32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\spchapi.exe
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\srpump.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\sx96v32.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\upgrdll.dll
C:\Users\kris\AppData\Local\Temp\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}\wav.dll
C:\Users\kris\AppData\Local\Temp\{6D1F314F-27CC-46F1-BDC3-A84FA91FF832}\ISRT.dll
C:\Users\kris\AppData\Local\Temp\{6D1F314F-27CC-46F1-BDC3-A84FA91FF832}\_isres.dll
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
C:\Users\kris\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
C:\Users\kris\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-24 21:26
==================== End Of Log ============================
--- --- --- |
|
01.09.2013, 17:30
| #9 |
| /// the machine /// TB-Ausbilder | gvu trojaner hat mich erwischt Java und Adobe updaten. Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.09.2013, 19:15
| #10 |
| | gvu trojaner hat mich erwischt hallo schrauber! danke für die letzten tipps und hinweise - ich denke, das wird alles glatt laufen, so dass ich keine weiteren fragen habe. du hast mir super geholfen, vielen, vielen dank! alles gute! indirie |
|
09.09.2013, 04:49
| #11 |
| /// the machine /// TB-Ausbilder | gvu trojaner hat mich erwischt Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu gvu trojaner hat mich erwischt |
| andere, anleitungen, association, backdoor.bot, blockiert, erstellt, erwischt, farbar, farbar recovery scan tool, gvu trojaner, hoffe, launch, loswerden, lösungen, otlpe, problem, pup.crossrider.ssk, pup.offerbundler.st, pup.optional.asktoolbar.a, stand, starte, troja, trojaner, von selbst, windows, wonach |
Linear-Darstellung
