| vikingr55 | 31.08.2013 16:31 |
Windows 7 Starter: Avira Trojaner-Fund lässt sich nicht beseitigen (Atraps.Gen2)
Hallo zusammen,
Avira meldet mir seit einiger Zeit Trojaner-Funde. Mit dem Druck auf entfernen ist es leider nicht getan und es kommen immer neue dazu.
Über Hilfe würde ich mich sehr freuen!
Hier die Logs:
FRST Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2013 03
Ran by Jenny (administrator) on JENNY-PC on 31-08-2013 15:48:54
Running from C:\Users\Jenny\Dropbox\Dokumente
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) c:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
(Farbar) C:\Users\Jenny\Dropbox\Dokumente\FRST-1.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] - C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [715368 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKCU\...\Run: [Global Registration] - "C:\Program Files\Packard Bell\Registration\GREG.exe" /boot [x]
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: {b99e8a81-bdc8-11e2-a9d4-047d7b27bb43} - D:\LaunchU3.exe -a
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files\Packard Bell\Screensaver\run_Packard Bell.exe [ 2010-07-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jenny\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Lyrmix - {115b65d1-cd23-4411-8d8c-f8967d4f553c} - C:\Program Files\Lyrmix\131.dll (Lyrmix)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll No File
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog9 12 mswsock.dll File Not found ()
Winsock: Catalog9 13 mswsock.dll File Not found ()
Winsock: Catalog9 14 mswsock.dll File Not found ()
Winsock: Catalog9 15 mswsock.dll File Not found ()
Winsock: Catalog9 16 mswsock.dll File Not found ()
Winsock: Catalog9 17 mswsock.dll File Not found ()
Winsock: Catalog9 18 mswsock.dll File Not found ()
Winsock: Catalog9 19 mswsock.dll File Not found ()
Winsock: Catalog9 20 mswsock.dll File Not found ()
Winsock: Catalog9 21 mswsock.dll File Not found ()
Winsock: Catalog9 22 mswsock.dll File Not found ()
Winsock: Catalog9 23 mswsock.dll File Not found ()
Winsock: Catalog9 24 mswsock.dll File Not found ()
Winsock: Catalog9 25 mswsock.dll File Not found ()
Winsock: Catalog9 26 mswsock.dll File Not found ()
Winsock: Catalog9 27 mswsock.dll File Not found ()
Winsock: Catalog9 28 mswsock.dll File Not found ()
Winsock: Catalog9 29 mswsock.dll File Not found ()
Winsock: Catalog9 30 mswsock.dll File Not found ()
Winsock: Catalog9 31 mswsock.dll File Not found ()
Winsock: Catalog9 32 mswsock.dll File Not found ()
Winsock: Catalog9 33 mswsock.dll File Not found ()
Winsock: Catalog9 34 mswsock.dll File Not found ()
Winsock: Catalog9 35 mswsock.dll File Not found ()
Winsock: Catalog9 36 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\lw94r33j.default
FF user.js: detected! => C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\lw94r33j.default\user.js
FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jenny\AppData\Roaming\Mozilla\Firefox\Profiles\lw94r33j.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{ef7f760f-6a65-4dd9-8946-2f7e24e00c28}] C:\Program Files\Lyrmix\131.xpi
FF Extension: No Name - C:\Program Files\Lyrmix\131.xpi
FF StartMenuInternet: FIREFOX.EXE - C:\Programme\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Plugin: ( "name": "Shockwave Flash",) - "path": "C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll", No File
CHR Plugin: ( "name": "Chrome Remote Desktop Viewer",) - "path": "internal-remoting-viewer",
CHR Plugin: ( "name": "Native Client",) - "path": "C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll", No File
CHR Plugin: ( "name": "Chrome PDF Viewer",) - "path": "C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll", No File
CHR Plugin: ( "name": "Adobe Acrobat",) - "path": "C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll", No File
CHR Plugin: ( "name": "QuickTime Plug-in 7.7.4",) - "path": "C:\Program Files\QuickTime\plugins\npqtplugin.dll", No File
CHR Plugin: ( "name": "QuickTime Plug-in 7.7.4",) - "path": "C:\Program Files\QuickTime\plugins\npqtplugin2.dll", No File
CHR Plugin: ( "name": "QuickTime Plug-in 7.7.4",) - "path": "C:\Program Files\QuickTime\plugins\npqtplugin3.dll", No File
CHR Plugin: ( "name": "QuickTime Plug-in 7.7.4",) - "path": "C:\Program Files\QuickTime\plugins\npqtplugin4.dll", No File
CHR Plugin: ( "name": "QuickTime Plug-in 7.7.4",) - "path": "C:\Program Files\QuickTime\plugins\npqtplugin5.dll", No File
CHR Plugin: ( "name": "Google Update",) - "path": "C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll", No File
CHR Plugin: ( "name": "Java(TM) Platform SE 7 U21",) - "path": "C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll", No File
CHR Plugin: ( "name": "McAfee Security Scanner +",) - "path": "C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll", No File
CHR Plugin: ( "name": "Windows Live™ Photo Gallery",) - "path": "C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll", No File
CHR Plugin: ( "name": "iTunes Application Detector",) - "path": "C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll", No File
CHR Plugin: ( "name": "VLC Web Plugin",) - "path": "C:\Programme\VideoLAN\VLC\npvlc.dll", No File
CHR Plugin: ( "name": "Shockwave Flash",) - "path": "C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll", No File
CHR Plugin: ( "name": "Silverlight Plug-In",) - "path": "c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll", No File
CHR Extension: (Google Docs) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\Jenny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [kidmhllhjmmmnpbiaihafgchacpmokof] - C:\Program Files\Lyrmix\131.crx
========================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor9.0; c:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-20] (Avira Operations GmbH & Co. KG)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\ \...\???\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-08-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-08-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-31] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-02] (Logitech, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-05-29] (Malwarebytes Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-31 15:44 - 2013-08-31 15:44 - 00000000 _____ C:\Users\Jenny\defogger_reenable
2013-08-31 14:36 - 2013-08-31 14:36 - 95103849 _____ C:\Windows\system32\c
2013-08-30 13:04 - 2013-08-30 13:04 - 94748418 _____ C:\Windows\system32\鞢皏Y
2013-08-29 21:17 - 2013-08-29 21:17 - 94663095 _____ C:\Windows\system32\뀁�]
2013-08-29 11:41 - 2013-08-29 11:41 - 00000000 ____D C:\Program Files\Lyrmix
2013-08-28 21:19 - 2013-08-28 21:19 - 101009872 _____ C:\Windows\system32\皵㧘b
2013-08-28 15:07 - 2012-07-05 12:36 - 681535488 _____ C:\Users\Jenny\Downloads\dexterbd_dl_s02e12.avi
2013-08-28 14:51 - 2012-07-05 11:25 - 681766912 _____ C:\Users\Jenny\Downloads\dexterbd_dl_s02e11.avi
2013-08-28 14:35 - 2012-07-05 10:14 - 681474048 _____ C:\Users\Jenny\Downloads\dexterbd_dl_s02e10.avi
2013-08-28 14:18 - 2012-07-05 08:59 - 681551872 _____ C:\Users\Jenny\Downloads\dexterbd_dl_s02e09.avi
2013-08-28 14:03 - 2012-07-05 07:50 - 681525248 _____ C:\Users\Jenny\Downloads\dexterbd_dl_s02e08.avi
2013-08-25 19:17 - 2013-08-25 19:17 - 100156396 _____ C:\Windows\system32\촙暇Y
2013-08-25 13:45 - 2013-08-16 11:36 - 00000000 ____D C:\Users\Jenny\Downloads\Dan.Brown.-.Inferno.Mp3.Vbr
2013-08-25 11:35 - 2013-08-23 05:41 - 00000000 ____D C:\Users\Jenny\Downloads\DEX.XVID.S07E10.GDR
2013-08-25 09:17 - 2012-02-02 22:35 - 1032504440 _____ C:\Users\Jenny\Downloads\Wag the Dog Wenn der Schwanz mit dem Hund wedelt.HQ.avi
2013-08-21 23:14 - 2013-08-22 13:16 - 99750289 _____ C:\Windows\system32\蓂滄s
2013-08-20 17:16 - 2013-08-20 17:16 - 99562272 _____ C:\Windows\system32\䗢뎫c
2013-08-16 10:10 - 2013-08-31 11:31 - 00000338 _____ C:\Windows\Tasks\Lyrmix Update.job
2013-08-16 03:10 - 2013-08-16 03:19 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 01:28 - 2013-08-16 01:28 - 00000000 ____D C:\Users\Jenny\Downloads\Body.of.Proof.S03E13.Die.letzte.Zeugin.GERMAN.DUBBED.WebHDRiP.XviD-SOF
2013-08-15 12:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 12:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 12:58 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 12:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 12:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 12:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 12:58 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 12:58 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 23:50 - 2013-08-19 17:47 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\WindSolutions
2013-08-14 23:50 - 2013-08-19 17:15 - 00000000 ____D C:\ProgramData\WindSolutions
2013-08-14 23:50 - 2013-08-14 23:50 - 04279392 _____ (WindSolutions) C:\Users\Jenny\Downloads\Install_CopyTrans_Suite.exe
2013-08-14 23:50 - 2013-08-14 23:50 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-08-13 18:28 - 2013-08-13 18:28 - 00000000 ____D C:\Users\Jenny\AppData\Local\Cockatrice
2013-08-13 18:19 - 2013-08-13 18:19 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cockatrice
2013-08-13 18:19 - 2013-08-13 18:19 - 00000000 ____D C:\Program Files\Cockatrice
2013-08-13 18:18 - 2013-08-13 18:19 - 13834479 _____ C:\Users\Jenny\Downloads\cockatrice_win32_20130509_git-d462870.exe
2013-08-12 21:06 - 2013-08-12 21:06 - 05102112 _____ C:\Users\Jenny\Downloads\WTH_0186_iOS.ipa
2013-08-12 21:03 - 2013-08-12 21:19 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\iFunbox_UserCache
2013-08-12 21:03 - 2013-08-12 21:03 - 00000000 ____D C:\Program Files\i-Funbox DevTeam
2013-08-12 21:00 - 2013-08-12 21:01 - 15043804 _____ ( ) C:\Users\Jenny\Downloads\ifunbox_setup.exe
2013-08-12 19:36 - 2013-08-12 19:39 - 00000000 ____D C:\Users\Jenny\AppData\Local\libimobiledevice
2013-08-12 19:35 - 2013-08-12 19:35 - 00000000 __RSH C:\MSDOS.SYS
2013-08-12 19:35 - 2013-08-12 19:35 - 00000000 __RSH C:\IO.SYS
2013-08-12 19:09 - 2013-08-12 19:10 - 00137569 _____ C:\Users\Jenny\Downloads\evasi0n-win-1.5.3.zip
2013-08-12 01:57 - 2013-01-13 07:33 - 182403058 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e24.avi
2013-08-12 01:46 - 2013-01-05 16:53 - 182387774 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e23.avi
2013-08-12 01:35 - 2012-12-20 18:49 - 182386178 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e21.avi
2013-08-12 01:27 - 2012-12-29 17:50 - 182348596 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e22.avi
2013-08-12 01:08 - 2012-12-13 22:15 - 182227500 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e20.avi
2013-08-12 00:57 - 2013-08-01 01:05 - 205473198 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e19.avi
2013-08-12 00:45 - 2012-11-29 20:01 - 182464954 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e18.avi
2013-08-12 00:34 - 2012-11-21 23:33 - 182371694 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e17.avi
2013-08-12 00:23 - 2012-11-14 23:56 - 182335634 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e16.avi
2013-08-12 00:12 - 2012-11-07 22:26 - 182292008 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e15.avi
2013-08-12 00:01 - 2013-08-01 00:33 - 191252820 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e14.avi
2013-08-11 23:37 - 2012-10-18 01:17 - 182364968 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e12.avi
2013-08-11 23:24 - 2012-10-11 14:33 - 182301702 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e11.avi
2013-08-11 23:11 - 2013-07-29 08:07 - 201620374 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e10.avi
2013-08-11 22:58 - 2012-09-26 23:52 - 182340244 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e09.avi
2013-08-11 22:46 - 2012-09-21 16:59 - 182433820 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e08.avi
2013-08-11 22:35 - 2012-09-15 14:46 - 182297378 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e07rp.avi
2013-08-11 22:24 - 2012-09-06 14:41 - 182388466 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e06.avi
2013-08-11 22:13 - 2012-08-30 13:58 - 182319866 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e05.avi
2013-08-11 22:02 - 2012-08-24 13:42 - 182361922 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e04.avi
2013-08-11 21:51 - 2012-08-15 23:57 - 182268884 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e03.avi
2013-08-11 21:40 - 2012-08-09 12:01 - 182424090 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e02.avi
2013-08-11 21:30 - 2012-08-01 21:34 - 181856256 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e01.avi
2013-08-11 13:38 - 2013-08-11 13:38 - 00000000 ____D C:\Users\Jenny\Downloads\Papas 50.ter
2013-08-09 16:37 - 2013-08-09 16:38 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-08-01 02:44 - 2012-10-26 02:23 - 243615860 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E02.Canvassing.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 02:44 - 2012-10-26 02:23 - 243567684 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E04.Boys.Club.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 02:44 - 2012-10-26 02:23 - 243164638 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E06.Rock.Show.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 02:44 - 2012-10-26 02:23 - 241455150 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E05.The.Banquet.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 02:43 - 2012-10-26 02:23 - 243256072 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E03.The.Reporter.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 02:43 - 2012-10-26 02:23 - 181842246 _____ C:\Users\Jenny\Downloads\Parks.and.Recreation.S01E01.Pilot.GERMAN.DUBBED.WS.DVDRip.XviD-TVP.avi
2013-08-01 01:11 - 2013-07-27 01:43 - 261537792 _____ C:\Users\Jenny\Downloads\Up.All.Night.S01E08.Amy.allein.zu.Haus.DL.German.Dubbed.WEBRip.XviD-GDR.avi
2013-08-01 00:52 - 2013-07-27 01:42 - 261842944 _____ C:\Users\Jenny\Downloads\Up.All.Night.S01E07.Muetter.und.Toechter.DL.German.Dubbed.WEBRip.XviD-GDR.avi
2013-08-01 00:39 - 2013-07-22 18:47 - 261984256 _____ C:\Users\Jenny\Downloads\Up.All.Night.S01E06.Hallo.Amy.DL.German.Dubbed.WEBRip.XviD-GDR.avi
2013-08-01 00:19 - 2013-07-22 18:46 - 262055936 _____ C:\Users\Jenny\Downloads\Up.All.Night.S01E05.Eine.1A.Karrieremutter.DL.German.Dubbed.WEBRip.XviD-GDR.avi
2013-08-01 00:06 - 2013-07-12 23:57 - 261556224 _____ C:\Users\Jenny\Downloads\Up.All.Night.S01E04.Das.neue.Auto.DL.German.Dubbed.WEBRip.XviD-GDR.avi
==================== One Month Modified Files and Folders =======
2013-08-31 15:49 - 2013-07-14 20:44 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-31 15:48 - 2013-08-31 15:48 - 00000000 ____D C:\FRST
2013-08-31 15:47 - 2012-10-05 19:56 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Dropbox
2013-08-31 15:44 - 2013-08-31 15:44 - 00000000 _____ C:\Users\Jenny\defogger_reenable
2013-08-31 15:44 - 2012-09-27 16:59 - 00000000 ____D C:\Users\Jenny
2013-08-31 15:09 - 2012-09-27 21:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 14:40 - 2012-09-27 21:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 14:36 - 2013-08-31 14:36 - 95103849 _____ C:\Windows\system32\c
2013-08-31 12:38 - 2009-07-14 06:39 - 00210994 _____ C:\Windows\setupact.log
2013-08-31 11:31 - 2013-08-16 10:10 - 00000338 _____ C:\Windows\Tasks\Lyrmix Update.job
2013-08-31 09:31 - 2012-09-30 20:10 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\vlc
2013-08-31 08:37 - 2012-11-24 18:32 - 00000000 ____D C:\Users\Jenny\AppData\Local\CrashDumps
2013-08-30 20:49 - 2013-07-14 20:44 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-30 14:35 - 2010-11-20 23:01 - 01499844 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-30 13:14 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-30 13:14 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-30 13:07 - 2012-10-05 20:01 - 00000000 ___RD C:\Users\Jenny\Dropbox
2013-08-30 13:05 - 2010-11-20 23:48 - 00820604 _____ C:\Windows\PFRO.log
2013-08-30 13:05 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-30 13:04 - 2013-08-30 13:04 - 94748418 _____ C:\Windows\system32\鞢皏Y
2013-08-29 21:17 - 2013-08-29 21:17 - 94663095 _____ C:\Windows\system32\뀁�]
2013-08-29 11:41 - 2013-08-29 11:41 - 00000000 ____D C:\Program Files\Lyrmix
2013-08-28 21:19 - 2013-08-28 21:19 - 101009872 _____ C:\Windows\system32\皵㧘b
2013-08-25 19:17 - 2013-08-25 19:17 - 100156396 _____ C:\Windows\system32\촙暇Y
2013-08-23 05:41 - 2013-08-25 11:35 - 00000000 ____D C:\Users\Jenny\Downloads\DEX.XVID.S07E10.GDR
2013-08-22 13:16 - 2013-08-21 23:14 - 99750289 _____ C:\Windows\system32\蓂滄s
2013-08-21 09:09 - 2012-09-27 21:43 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 09:09 - 2011-12-16 14:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-20 17:21 - 2012-02-09 00:43 - 01254242 _____ C:\Windows\WindowsUpdate.log
2013-08-20 17:16 - 2013-08-20 17:16 - 99562272 _____ C:\Windows\system32\䗢뎫c
2013-08-20 11:14 - 2013-05-02 11:35 - 00066144 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-20 11:14 - 2012-12-01 23:08 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-20 11:14 - 2012-12-01 23:08 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-19 17:47 - 2013-08-14 23:50 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\WindSolutions
2013-08-19 17:41 - 2013-07-14 20:44 - 00000000 ____D C:\Program Files\Google
2013-08-19 17:41 - 2013-07-14 20:43 - 00000000 ____D C:\Users\Jenny\AppData\Local\Google
2013-08-19 17:15 - 2013-08-14 23:50 - 00000000 ____D C:\ProgramData\WindSolutions
2013-08-16 11:36 - 2013-08-25 13:45 - 00000000 ____D C:\Users\Jenny\Downloads\Dan.Brown.-.Inferno.Mp3.Vbr
2013-08-16 04:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-16 03:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-16 03:29 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-16 03:19 - 2013-08-16 03:10 - 00000000 ____D C:\Windows\system32\MRT
2013-08-16 03:10 - 2012-09-29 09:08 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 01:28 - 2013-08-16 01:28 - 00000000 ____D C:\Users\Jenny\Downloads\Body.of.Proof.S03E13.Die.letzte.Zeugin.GERMAN.DUBBED.WebHDRiP.XviD-SOF
2013-08-14 23:50 - 2013-08-14 23:50 - 04279392 _____ (WindSolutions) C:\Users\Jenny\Downloads\Install_CopyTrans_Suite.exe
2013-08-14 23:50 - 2013-08-14 23:50 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-08-14 23:50 - 2012-09-27 17:02 - 00000000 ____D C:\Users\Jenny\AppData\Local\Adobe
2013-08-13 18:28 - 2013-08-13 18:28 - 00000000 ____D C:\Users\Jenny\AppData\Local\Cockatrice
2013-08-13 18:19 - 2013-08-13 18:19 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cockatrice
2013-08-13 18:19 - 2013-08-13 18:19 - 00000000 ____D C:\Program Files\Cockatrice
2013-08-13 18:19 - 2013-08-13 18:18 - 13834479 _____ C:\Users\Jenny\Downloads\cockatrice_win32_20130509_git-d462870.exe
2013-08-12 21:19 - 2013-08-12 21:03 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\iFunbox_UserCache
2013-08-12 21:06 - 2013-08-12 21:06 - 05102112 _____ C:\Users\Jenny\Downloads\WTH_0186_iOS.ipa
2013-08-12 21:03 - 2013-08-12 21:03 - 00000000 ____D C:\Program Files\i-Funbox DevTeam
2013-08-12 21:01 - 2013-08-12 21:00 - 15043804 _____ ( ) C:\Users\Jenny\Downloads\ifunbox_setup.exe
2013-08-12 20:10 - 2011-12-16 13:26 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-12 19:39 - 2013-08-12 19:36 - 00000000 ____D C:\Users\Jenny\AppData\Local\libimobiledevice
2013-08-12 19:35 - 2013-08-12 19:35 - 00000000 __RSH C:\MSDOS.SYS
2013-08-12 19:35 - 2013-08-12 19:35 - 00000000 __RSH C:\IO.SYS
2013-08-12 19:10 - 2013-08-12 19:09 - 00137569 _____ C:\Users\Jenny\Downloads\evasi0n-win-1.5.3.zip
2013-08-11 20:51 - 2012-09-27 20:56 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-08-11 20:51 - 2012-09-27 20:56 - 00001018 _____ C:\Windows\LkmdfCoInst.log
2013-08-11 13:38 - 2013-08-11 13:38 - 00000000 ____D C:\Users\Jenny\Downloads\Papas 50.ter
2013-08-10 13:46 - 2013-07-31 08:50 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client
2013-08-09 16:38 - 2013-08-09 16:37 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-08-09 16:23 - 2013-07-31 08:53 - 00000000 ____D C:\Users\Jenny\AppData\Roaming\SoftGrid Client
2013-08-01 01:05 - 2013-08-12 00:57 - 205473198 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e19.avi
2013-08-01 00:33 - 2013-08-12 00:01 - 191252820 _____ C:\Users\Jenny\Downloads\idtv-parksandrecreation_s02e14.avi
ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini
Files to move or delete:
====================
ZeroAccess:
C:\Users\Jenny\AppData\Local\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}
ZeroAccess:
C:\Program Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}
C:\Users\Jenny\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Jenny\AppData\Local\Temp\AskSLib.dll
C:\Users\Jenny\AppData\Local\Temp\DeltaTB.exe
C:\Users\Jenny\AppData\Local\Temp\evasi0n.exe
C:\Users\Jenny\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Jenny\AppData\Local\Temp\install_flashplayer11x32_mssa_aih_1.exe
C:\Users\Jenny\AppData\Local\Temp\JDownloaderSetup.exe
C:\Users\Jenny\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jenny\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Jenny\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jenny\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Jenny\AppData\Local\Temp\lrxtmp.exe
C:\Users\Jenny\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe
C:\Users\Jenny\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Jenny\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Jenny\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Jenny\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\Jenny\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Jenny\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\Jenny\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Jenny\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Jenny\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\Jenny\AppData\Local\Temp\VuuPCSetup_full.exe
C:\Users\Jenny\AppData\Local\Temp\VuuPCSilentSetup.exe
C:\Users\Jenny\AppData\Local\Temp\{418E3B39-9C16-45DC-AEE4-451F7A4615F0}\setup.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-f9828f91-ccff-43f1-8b4e-2d9fd4994336\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-df11a757-6279-4c5f-a96a-b11f9b6427da\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-dd3fc29f-e044-4df7-95ed-cccd2f0e116a\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-d9ebd02f-22bd-4d14-96f2-266c53718cf6\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-b9beaf83-c1d0-4dac-9d92-c31f2b62a484\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-a5523f60-b9e3-4ebd-9e4b-1c498e778935\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-71bb890a-20c1-4fcc-b2ca-02084f7a8ef3\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-65b76649-e652-4cc6-8c0a-04363e63c692\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-61dbd859-29da-47eb-a444-20c8db768db1\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-48ae1904-47fa-4fad-ae0b-be3ca5fed1c0\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-19810a32-d206-4e9f-9d1b-b6d6c32e4ca6\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-10dd4352-012f-4379-ab78-8fe4aa6670f7\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-086e1090-6a5d-4252-ba39-1ead4b2ee81f\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\uninstaller-WTA-01a38139-d0ef-483e-981f-b4464594d737\Uninstaller.exe
C:\Users\Jenny\AppData\Local\Temp\nst80E1.tmp\DropboxNSISTools.dll
C:\Users\Jenny\AppData\Local\Temp\nss18C.tmp\DropboxNSISTools.dll
C:\Users\Jenny\AppData\Local\Temp\nsrA249.tmp\DropboxNSISTools.dll
C:\Users\Jenny\AppData\Local\Temp\nsrA249.tmp\UAC.dll
C:\Users\Jenny\AppData\Local\Temp\nsnF167.tmp\DropboxNSISTools.dll
C:\Users\Jenny\AppData\Local\Temp\lu\1_spp_1000095.exe
C:\Users\Jenny\AppData\Local\Temp\lu\sp_10032_5_setpoint_logitech_32.exe
C:\Users\Jenny\AppData\Local\Temp\lu\sp_20032_6_unifying_logitech_32.exe
C:\Users\Jenny\AppData\Local\Temp\lu\sp_40032_7a_lu_logitech_32.exe
C:\Users\Jenny\AppData\Local\Temp\is1070216317\ActiveMailSetup.exe
C:\Users\Jenny\AppData\Local\Temp\is1070216317\bundlesweetimsetup.exe
C:\Users\Jenny\AppData\Local\Temp\is1070216317\JDownloaderSetup_IC.exe
C:\Users\Jenny\AppData\Local\Temp\is-6QI14.tmp\OptProCrash.dll
C:\Users\Jenny\AppData\Local\Temp\AF23.dir\InstallFlashPlayer.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\hpzc3212.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\hpzids01.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\HPZIDS40.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\hpzsetup.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\HPZstub.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\Setup.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\hpwlcfg\instmsia.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\hpwlcfg\instmsiw.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\hpwlcfg\setup.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\hpbcfgap.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\hpbcfgre.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\hpbcfgui.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\HPBDMC32.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\HPCDMC32.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\cfgedt\hpcdmc64.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\hpqrrx08.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\scrub2k.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\WindowsInstaller-KB884016-v2-x86.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\trk\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\sve\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\rus\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ptb\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ptb\WindowsXP-KB822603-x86-ptb.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\plk\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\nob\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\nld\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\kor\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\jpn\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\jpn\WindowsXP-KB822603-x86-jpn.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ita\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\hun\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\fra\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\fra\WindowsXP-KB822603-x86-fra.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\fin\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\esn\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\esn\WindowsXP-KB822603-x86-esn.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\enu\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\enu\WindowsXP-KB822603-x86-enu.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ell\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\DeviceInfo.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\HpAppEgn.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\HpSdUi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\HPSysDig.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\logging.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\systeminfo.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\zlib.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\tu\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\tc\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\sw\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\sp\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\sc\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\ru\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\pol\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\po\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\no\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\ko\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\ja\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\it\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\hu\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\gr\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\ge\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\fr\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\fi\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\en\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\du\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\da\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\diagnostics\loc\cz\HpSdRes.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\deu\Q283787_W2K_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\dan\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\csy\Q283787_w2k_sp3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\cht\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\chs\Q283787_W2K_SP3_x86.EXE
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\blocksysuserinstall.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\devicedisconnect.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\difxapi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPCommunication.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpdot4chk.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPeDiag.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPeSupport.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpprtchk.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpqrrx08.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPScripting.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpwlpd01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpxpschk.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZarp01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZcdl01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZchk01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZdui01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZdui40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpzfwx01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZgat01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZmsi01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZnop01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpznui01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZnui40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpznuiprn01.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\hpznuiprn40.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZpnp01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZpnp40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZprl01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZprl40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZpsc01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZpsl01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZrcn01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZrcv01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZrein01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZscr01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZscr40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZshl01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZshl40.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZtim01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZwis01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZwrp01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\HPZwup01.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\InstallMetrics.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\InternetUtil.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\msvcp60.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\msvcr80.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\msxml3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\msxml3a.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\msxml3r.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\RulesEngine.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\TwainFix.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\usbready.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\x64\difxapi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\wis\Win2K_XP\instmsi.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\setup\bpdhelp\help\detectlang2.exe
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x64\hpovst11.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x64\hpwtiop3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x64\hpwtscl3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x64\hpwwiax3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x64\hpwwiax4.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpovst11.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpwtiop3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpwtscl3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpwtusd1.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpwwiax3.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\scanner\x32\hpwwiax4.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\dot4\win2000\difxapi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\dot4\win2000\hppldcoi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\dot4\win2000\hpzc3212.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\dot4\amd64\winxp\difxapi.dll
C:\Users\Jenny\AppData\Local\Temp\7zS3331\OJJ4500_Basic_13\drivers\dot4\amd64\winxp\hppldcoi.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2013-08-22 00:28
==================== End Of Log ============================
FRST Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2013 03
Ran by Jenny at 2013-08-31 15:52:44
Running from C:\Users\Jenny\Dropbox\Dokumente
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
32 Bit HP CIO Components Installer (Version: 6.1.1)
4500_Help (Version: 1.00.0000)
7-Zip 9.20 (Version: 9.20.00.0)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4045)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Bundled software uninstaller
Cockatrice
Cyberduck 4.2.1 (9350) (Version: 4.2.1 (9350))
D3DX10 (Version: 15.4.2368.0902)
Dropbox (HKCU Version: 2.0.22)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
eReg (Version: 1.20.138.34)
Evernote v. 4.5.1 (Version: 4.5.1.5451)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 29.0.1547.62)
Google Update Helper (Version: 1.3.21.153)
HP Officejet J4500 Series (Version: 13.0)
iCloud (Version: 2.1.2.8)
Identity Card (Version: 1.00.3501)
iFunbox (v2.6.2375.747), iFunbox DevTeam (Version: v2.6.2375.747)
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.8.1065)
Intel(R) Rapid Storage Technology (Version: 10.1.0.1008)
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004)
iTunes (Version: 11.0.4.4)
J4500 (Version: 50.0.165.000)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
JDownloader 0.9 (Version: 0.9)
Joboshare iPhone iBooks Transfer (Version: 3.4.5.1204)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.7)
Logitech SetPoint 6.32 (Version: 6.32.20)
Lyrmix
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.0.318.3)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (Version: 14.0.5128.5002)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
Mozilla Firefox 15.0.1 (x86 de) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37)
Packard Bell Power Management (Version: 6.00.3008)
Packard Bell Recovery Management (Version: 5.00.3504)
Packard Bell ScreenSaver (Version: 1.1.0124.2011)
Packard Bell Updater (Version: 1.02.3500)
Poczta usługi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
ProductContext (Version: 50.0.165.000)
QuickTime (Version: 7.74.80.86)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (Version: 7.49.927.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6374)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Scan (Version: 13.0.0.0)
Synaptics Pointing Device Driver (Version: 15.1.18.0)
Toolbox (Version: 130.0.648.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Video Web Camera (Version: 1.5.2108.00)
VLC media player 2.0.8 (Version: 2.0.8)
WebReg (Version: 130.0.132.017)
Windows Live Argazki Galeria (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Live 影像中心 (Version: 15.4.3502.0922)
Windows Live 程式集 (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922)
Основные компоненты Windows Live (Version: 15.4.3502.0922)
Почта Windows Live (Version: 15.4.3502.0922)
Фотоальбом Windows Live (Version: 15.4.3502.0922)
Фотогалерия на Windows Live (Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (Version: 15.4.3502.0922)
بريد Windows Live (Version: 15.4.3502.0922)
معرض صور Windows Live (Version: 15.4.3502.0922)
==================== Restore Points =========================
22-08-2013 11:21:30 Geplanter Prüfpunkt
29-08-2013 12:15:05 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {12CC230B-DF3C-461D-B016-485BC3D4A4FB} - System32\Tasks\Lyrmix Update => C:\Program Files\Lyrmix\LymxUD.exe [2013-08-29] ()
Task: {42CC5CC8-6E5D-4564-A7DA-D16F64CCF52D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {48B8517B-21B9-494A-AF82-4667DBDE0351} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.)
Task: {50FE001B-B62D-4EC3-82AE-79C326C3E289} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-14] (Google Inc.)
Task: {61E10246-FC57-401D-8756-F877F6834460} - System32\Tasks\AdobeAAMUpdater-1.0-Jenny-PC-Jenny => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {CCF4E59F-C1A4-4E66-A37F-577307F46A51} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {EEB6565D-55AD-42F8-9515-F764AF34836A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrmix Update.job => C:\Program Files\Lyrmix\LymxUD.exe
==================== Loaded Modules (whitelisted) =============
2012-02-09 01:25 - 2011-08-02 13:00 - 00215656 _____ (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\SysHook.dll
2012-05-11 07:21 - 2012-05-11 07:21 - 00172544 _____ () C:\Windows\system32\iMobileDisk.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01079184 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00053648 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00124816 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00043408 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01292136 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00923496 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 16303976 _____ (The ICU Project) C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00075664 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
2012-12-21 17:19 - 2012-12-21 17:19 - 00704176 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:43 - 2013-04-21 21:43 - 02464072 _____ (Apple, Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00456592 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00073064 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2012-07-02 19:01 - 2012-07-02 19:01 - 00268176 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\Common Files\Apple\Mobile Device Support\SSLEAY32.dll
2012-07-02 19:01 - 2012-07-02 19:01 - 01116048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Program Files\Common Files\Apple\Mobile Device Support\LIBEAY32.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00232448 _____ () C:\Windows\system32\mswsock.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00232448 _____ (Microsoft Corporation) \\.\globalroot\systemroot\system32\mswsock.dll
2012-01-06 09:49 - 2011-12-30 12:03 - 00094720 _____ (Intel Corporation) C:\Windows\System32\hccutils.DLL
2012-01-06 09:49 - 2011-12-30 12:04 - 00056832 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2012-01-06 09:49 - 2011-12-30 12:03 - 00284160 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2012-01-06 09:49 - 2011-12-30 12:04 - 09030656 _____ (Intel Corporation) C:\Windows\System32\igfxress.dll
2012-01-06 09:49 - 2011-12-30 12:04 - 00200704 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2012-01-06 09:49 - 2011-12-30 12:03 - 00224768 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2011-12-16 12:22 - 2009-07-20 09:12 - 00137736 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\ComFnUtl.dll
2011-12-16 12:22 - 2009-07-14 08:53 - 00128008 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\CDRomUtl.dll
2011-12-16 12:22 - 2009-07-27 06:42 - 00062472 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\MixerUtl.dll
2011-12-16 12:22 - 2009-07-27 06:47 - 00068104 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\Wnd2File.dll
2011-12-16 12:22 - 2009-07-27 12:43 - 00068104 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\PowerUtl.dll
2011-12-16 12:22 - 2009-12-30 11:13 - 00326736 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\OSDUtl2.dll
2011-12-16 12:22 - 2009-07-27 06:38 - 00088584 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\SzUPFUtl.dll
2011-12-16 12:22 - 2011-06-30 09:01 - 00431696 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\RadioWndUtl.dll
2011-12-16 12:22 - 2011-07-01 04:51 - 00393808 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\aipflib.dll
2011-12-16 12:22 - 2010-11-03 11:00 - 00092240 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\LmSmbKel.dll
2011-12-16 12:22 - 2009-07-03 10:29 - 00147464 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\VistaVol.DLL
2011-12-16 12:24 - 2010-10-08 12:31 - 00173352 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2011-12-16 12:24 - 2010-10-08 12:31 - 00173352 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2012-02-09 01:25 - 2011-08-02 13:00 - 00174696 _____ (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\BrightnessControl.dll
2012-02-09 01:25 - 2011-08-02 13:00 - 00174696 _____ (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\PowerSettingControl.dll
2012-02-09 01:25 - 2011-08-02 13:00 - 00174696 _____ (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\CommonControl.dll
2012-01-06 09:49 - 2011-12-30 12:04 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2011-10-07 11:40 - 2011-10-07 11:40 - 00039704 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\khalwrapper.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00122648 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\KemUtil.dll
2012-10-06 08:48 - 2012-10-06 08:48 - 03781960 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00070936 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\KemXML.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00135448 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\kemutb.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00105752 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\KemWnd.dll
2011-10-07 11:40 - 2011-10-07 11:40 - 00031000 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
2012-10-06 08:48 - 2012-10-06 08:48 - 00063312 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL
2011-10-07 11:41 - 2011-10-07 11:41 - 00879896 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2011-10-07 11:40 - 2011-10-07 11:40 - 00032024 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
2012-10-06 08:48 - 2012-10-06 08:48 - 00159048 _____ (Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
2011-10-07 11:41 - 2011-10-07 11:41 - 00134936 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
2011-10-07 11:41 - 2011-10-07 11:41 - 00207640 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
2011-10-07 11:41 - 2011-10-07 11:41 - 00173336 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00024856 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\KemMon.dll
2011-09-27 21:05 - 2011-09-27 21:05 - 00501528 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KhalApi.dll
2011-09-27 21:03 - 2011-09-27 21:03 - 00134936 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 00064280 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\kgame.dll
2011-10-07 11:40 - 2011-10-07 11:40 - 00107800 _____ (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\LCabHandler.dll
2011-12-16 12:22 - 2011-03-14 13:44 - 00075856 _____ (Dritek System Inc.) C:\Program Files\Launch Manager\NTKCUtl.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 04422992 _____ (Microsoft Corporation) C:\Windows\system32\mfc100u.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\Windows\system32\MSVCR100.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP100.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\LOGONCLI.DLL
2012-09-28 09:19 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\BROWCLI.DLL
2011-06-11 01:58 - 2011-06-11 01:58 - 00064336 _____ (Microsoft Corporation) C:\Windows\system32\MFC100DEU.DLL
2012-12-01 23:08 - 2013-08-20 11:14 - 00749112 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00055352 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cfglib.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00349752 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccguard.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00029240 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00229432 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdw.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00059448 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avipc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00419384 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccwgrd.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00807992 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgen.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00049720 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgenrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00220216 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdate.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00028728 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00083000 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclic.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00009784 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclicrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00237624 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsg.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00010296 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsgrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00014392 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmainrc.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 04786744 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00212536 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00415288 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00218168 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\gpipc.dll
2013-05-31 11:56 - 2013-05-31 11:56 - 00148808 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.dll
2013-05-31 12:39 - 2013-05-31 12:39 - 00041800 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.Resources\de.lproj\iTunesHelperLocalized.DLL
2013-05-31 11:56 - 2013-05-31 11:56 - 00040264 _____ (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
2012-12-21 17:27 - 2012-12-21 17:27 - 01449648 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00121704 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll
2013-07-12 12:44 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2009-07-14 01:45 - 2009-07-14 03:15 - 00226816 _____ (Microsoft Corporation) C:\Windows\System32\LocationApi.dll
2013-02-28 00:40 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Warp.dll
2013-03-15 17:06 - 2013-03-15 17:06 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2009-07-14 01:40 - 2009-07-14 03:16 - 00108544 _____ (Microsoft Corporation) C:\Program Files\Windows Sidebar\wlsrvc.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00232448 _____ () C:\Windows\system32\MSWSOCK.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00232448 _____ (Microsoft Corporation) \\?\globalroot\systemroot\system32\mswsock.DLL
2009-07-14 01:33 - 2009-07-14 03:09 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\security.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Jenny\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2009-07-14 01:53 - 2009-07-14 03:15 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Jenny\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Jenny\AppData\Roaming\Dropbox\bin\icudt.dll
2011-09-27 21:05 - 2011-09-27 21:05 - 00501528 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALAPI.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00268056 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALITCH.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00272152 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMW.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00729368 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHPP.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00296728 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMOU.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00347416 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHID.DLL
2011-09-27 21:05 - 2011-09-27 21:05 - 00293144 _____ (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALUSB.DLL
2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Jenny\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2013-04-05 12:58 - 2013-04-05 12:58 - 00657736 _____ (Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll
2012-12-01 23:08 - 2013-08-20 11:14 - 00154680 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\shlext.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 00055808 _____ (Igor Pavlov) C:\Programme\7-Zip\7-zip.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2009-07-14 02:13 - 2009-07-14 03:16 - 02255360 _____ (Microsoft Corporation) C:\Windows\System32\NLSData0007.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2013-05-10 09:57 - 2013-05-10 09:57 - 00396864 _____ (Adobe Systems, Inc.) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
2012-01-06 09:49 - 2011-12-30 12:03 - 00094720 _____ (Intel Corporation) C:\Windows\system32\hccutils.DLL
2012-09-27 21:00 - 2012-09-06 03:24 - 00770384 _____ (Microsoft Corporation) C:\Programme\Mozilla Firefox\MSVCR100.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00068576 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\mozglue.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00171488 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\nspr4.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00021472 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\plc4.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00020960 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\plds4.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00015840 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\mozalloc.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00813536 _____ (sqlite.org) C:\Programme\Mozilla Firefox\mozsqlite3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00092640 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\nssutil3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00155104 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\softokn3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00638432 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\nss3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00145376 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\ssl3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00091104 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\smime3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 02244064 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
2012-09-27 21:00 - 2012-09-06 03:24 - 00421200 _____ (Microsoft Corporation) C:\Programme\Mozilla Firefox\MSVCP100.dll
2012-09-27 21:00 - 2012-09-06 03:26 - 15632352 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\xul.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 02288608 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\gkmedias.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00019424 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\xpcom.dll
2012-09-27 21:00 - 2012-09-06 03:26 - 00266720 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\components\browsercomps.dll
2010-11-20 23:29 - 2010-11-20 23:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2012-01-06 09:49 - 2011-12-30 11:57 - 01201664 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
2012-01-06 09:49 - 2011-12-30 12:01 - 00817152 _____ (Intel Corporation) C:\Windows\system32\igddxva32.dll
2012-01-06 09:49 - 2011-12-30 12:01 - 00074240 _____ (Intel Corporation) C:\Windows\system32\igdvidproc32.dll
2012-01-06 09:49 - 2011-12-30 12:03 - 00025088 _____ (Intel Corporation) C:\Windows\system32\igdaux32.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00096224 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\nssdbm3.dll
2012-09-27 21:00 - 2012-09-06 03:24 - 00258528 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\freebl3.dll
2012-09-27 21:00 - 2012-09-06 03:25 - 00370656 _____ (Mozilla Foundation) C:\Programme\Mozilla Firefox\nssckbi.dll
2009-07-14 01:29 - 2009-07-14 03:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/31/2013 03:53:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1f00
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:52:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xf3c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:51:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1b58
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:50:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1af0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:49:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1198
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:48:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1144
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:47:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1534
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:46:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1eb0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:45:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2e0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (08/31/2013 03:43:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x550
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
System errors:
=============
Error: (08/31/2013 08:34:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (08/31/2013 08:34:40 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (08/31/2013 08:34:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (08/31/2013 08:34:32 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (08/31/2013 01:03:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (08/31/2013 01:03:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (08/30/2013 01:08:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (08/30/2013 01:08:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (08/30/2013 01:07:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/30/2013 01:07:36 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Microsoft Office Sessions:
=========================
Error: (08/31/2013 03:53:15 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005000000001f0001cea651700e0347C:\Windows\System32\svchost.exeunknownae6d155c-1244-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:52:13 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000500000000f3c01cea6514b2d4ab8C:\Windows\System32\svchost.exeunknown8957fe86-1244-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:51:11 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005000000001b5801cea65126459518C:\Windows\System32\svchost.exeunknown64b550cf-1244-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:50:09 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005000000001af001cea65101e32c88C:\Windows\System32\svchost.exeunknown3fc8d86f-1244-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:49:08 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000500000000119801cea650dcbd1defC:\Windows\System32\svchost.exeunknown1b65faad-1244-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:48:06 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000500000000114401cea650b7ca2d49C:\Windows\System32\svchost.exeunknownf616345c-1243-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:47:04 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000500000000153401cea65092d1a6f7C:\Windows\System32\svchost.exeunknownd1520c50-1243-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:46:02 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005000000001eb001cea6506e681a46C:\Windows\System32\svchost.exeunknownac5288ed-1243-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:45:01 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005000000002e001cea65049264642C:\Windows\System32\svchost.exeunknown87ee14e3-1243-11e3-8c64-047d7b27bb43
Error: (08/31/2013 03:43:58 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000050000000055001cea65024c5068dC:\Windows\System32\svchost.exeunknown62a85114-1243-11e3-8c64-047d7b27bb43
==================== Memory info ===========================
Percentage of memory in use: 85%
Total physical RAM: 1012.3 MB
Available physical RAM: 144.02 MB
Total Pagefile: 2168.3 MB
Available Pagefile: 778.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1888.61 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:284.99 GB) (Free:165.16 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 02EA307F)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 1397 GB) (Disk ID: 076F11AF)
Partition 1: (Not Active) - (Size=-698721377792) - (Type=AF)
==================== End Of Log ============================
GMER Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-31 16:36:50
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD32 rev.01.0 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Jenny\AppData\Local\Temp\fgdoypog.sys
---- System - GMER 2.1 ----
SSDT 8C8C88DE ZwCreateSection
SSDT 8C8C88E8 ZwRequestWaitReplyPort
SSDT 8C8C88E3 ZwSetContextThread
SSDT 8C8C88ED ZwSetSecurityObject
SSDT 8C8C88F2 ZwSystemDebugControl
SSDT 8C8C887F ZwTerminateProcess
INT 0x51 ? 90F117D8
INT 0x91 ? 90F11058
INT 0xA1 ? 90F112D8
INT 0xA2 ? 90F11A58
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E919F5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82ECB1F2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82ED253C 4 Bytes [DE, 88, 8C, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82ED2898 4 Bytes [E8, 88, 8C, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82ED28DC 4 Bytes [E3, 88, 8C, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82ED2958 4 Bytes [ED, 88, 8C, 8C]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82ED29AC 4 Bytes [F2, 88, 8C, 8C]
.text ...
? system32\DRIVERS\avkmgr.sys Das System kann den angegebenen Pfad nicht finden. !
---- User code sections - GMER 2.1 ----
.text C:\Windows\Explorer.EXE[2732] SHELL32.dll!RealDriveType + 1561 76CEFC54 4 Bytes [F0, EB, 3E, 6D] {JMP 0x41; INS DWORD [ES:EDI], DX}
.text C:\Windows\Explorer.EXE[2732] SHELL32.dll!RealDriveType + 1765 76CEFE58 4 Bytes JMP E67D6D3E
.text C:\Windows\System32\svchost.exe[3100] user32.dll!GetCursorPos 765AA4B3 5 Bytes JMP 0095000A
.text C:\Windows\System32\svchost.exe[3100] user32.dll!DialogBoxIndirectParamAorW 765D3B40 5 Bytes JMP 0096000A
.text C:\Windows\System32\svchost.exe[3100] ole32.DLL!CoCreateInstance 778E9D0B 5 Bytes JMP 0094000A
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\
Reg HKLM\SYSTEM\CurrentControlSet\services\@Parameters\0\x202e\x2764 868
Reg HKLM\SYSTEM\ControlSet002\services\ (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\@Parameters\0\x202e\x2764 868
---- EOF - GMER 2.1 ----
Avira Code:
Exportierte Ereignisse:
31.08.2013 17:22 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:21 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:21 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:19 [System-Scanner] Malware gefunden
Die Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
enthielt einen Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '549e974c.qua'
verschoben!
31.08.2013 17:19 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:19 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:18 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:18 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:16 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
31.08.2013 17:16 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Program
Files\Google\Desktop\Install\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\
\...\*ﯹ๛\{c2d977a4-36dd-58e1-93d4-1e5df1f598d6}\U\80000032.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern
Vielen Dank für eure Unterstützung. Bitte lasst mich wissen, wenn etwas fehlt. |
FRST 32-Bit | FRST 64-Bit
Farbar Service Scanner