Log analysis and evaluation: win8.1 tablet infected with an unknown recurring trojan

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
win8.1 tablet infected with an unknown recurring trojan

Hello, I urgently need expert help. My tablet has been hacked from the very first day. Some of the symptoms are:

- Error messages when starting programs such as GMER etc.: Load Driver( "C:\Users\SH98AC 1\AppData\Local\Temp\pgldipdo.sys")error 0xC0000428:Windows cannot verify the digital signature for...
- Bluescreens / the tablet dies / does not shut down even though I clicked it.
- I have already reset the tablet to factory settings several times, but the trojan is always back again
- Programs open by themselves
- Files disappear, folders are empty even though I filled them with files
- I cannot even download and start antivirus programs such as gamer, Avira, ... (dll, registry)
- Other antivirus programs such as AVG show fake reports
- The touchscreen/keyboard does whatever it wants

Log files from yesterday with OTL:

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 2015-06-27 6:58:33 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shè\Downloads An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17842) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd 951.41 Mb Total Physical Memory | 61.93 Mb Available Physical Memory | 6.51% Memory free 3.21 Gb Paging File | 0.70 Gb Available in Paging File | 21.77% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 23.14 Gb Total Space | 15.08 Gb Free Space | 65.16% Space Free | Partition Type: NTFS Computer Name: XHÈ | User Name: shè | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\shè\Downloads\pferd.exe (OldTimer Tools) PRC - C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe (NETGATE Technologies s.r.o.) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgemcx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2015\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.) PRC - C:\Program Files\Hotspot Shield\bin\hsswd.exe () PRC - C:\Program Files\Hotspot Shield\bin\HSSCP.exe (AnchorFree Inc.) 
PRC - C:\Program Files\Hotspot Shield\bin\af_proxy_cmd.exe (AnchorFree Inc.) PRC - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (Locktime Software) PRC - C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe (Locktime Software) PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) PRC - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe (NETGATE Technologies s.r.o.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Realtek Semiconductor) PRC - C:\Windows\System32\igfxEM.exe (Intel Corporation) PRC - C:\Windows\System32\igfxCUIService.exe (Intel Corporation) PRC - C:\Windows\System32\igfxHK.exe (Intel Corporation) PRC - C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) PRC - C:\Windows\System32\DptfPolicyLpmService.exe (Intel Corporation) PRC - C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) PRC - C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation) PRC - C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe () PRC - C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company) PRC - C:\Windows\System32\taskhostex.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\NLClientApp.Modules\66030d0fdf0ac1f13c7477386276c06b\NLClientApp.Modules.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CoreLibNet\b4c0fe92eb15bd8e12dd5cce28b9f5f8\CoreLibNet.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\NLInterop\dec3e1ce9b0ab4684751f8e0ef284c70\NLInterop.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\NetLimiter\78e1616e0ab0134a897835d6465e4287\NetLimiter.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\NLClientApp.Core\4f18b6e38e508bd7da88b2196862a8c1\NLClientApp.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Locktime.WPF\32e42ccc909606d10b474838d24237f5\Locktime.WPF.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c926f90d88838d450951cd6c5b41c961\UIAutomationProvider.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\3be4139a741b447ab35a2c788a2f4559\UIAutomationTypes.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\NLClientApp\092816fba14624e9b3bc66c695b86789\NLClientApp.ni.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\fc3b086418e8d8807cfb6b88ccae1c64\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\7159bb28e23de8ed898a2acb1dbfef6c\System.ServiceModel.Internals.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\1c09d6db83322a23a1744d75c4836f85\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43edd630a9f8cd6ac38c527b106ec94f\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\6281ab590224520bad7c4f5b3ef37575\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\592a40dd076e6e46b4a8bc95bb64b2e8\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\662aae610c401a254416904a4861b189\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8efdc7a3726640f79d9333da88accaf8\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\814dd462b742d7c16c620e79397b2463\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\eb62bc6e97d1d2aafbf3a101d7f029e1\PresentationFramework.Aero2.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\ec27e642d9ec3d9dfde1ece6c9b12426\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\41d56a9ca758109d5fe17cffba55346e\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\eae66374b80515eff6a84e373b9e036e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\67bdc09fa286920c1f42f2a98c400f95\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\1c5fe4cb68f67046baec4c3a854f722f\System.ni.dll () MOD - C:\Program Files\Hotspot Shield\bin\af_proxy.dll () MOD - C:\Program Files\CCleaner\Lang\lang-1031.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c90ef9a73ea0044641d31b19023aad61\mscorlib.ni.dll () ========== Services (SafeList) ========== SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (HssTrayService) -- C:\Program Files\Hotspot Shield\bin\HSSTrayService.exe () SRV - (hshld) -- C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc.) SRV - (HssWd) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe () SRV - (nlsvc) -- C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (Locktime Software) SRV - (SpyEmrgSrv) -- C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe (NETGATE Technologies s.r.o.) 
SRV - (AudioEndpointBuilder) -- C:\Windows\System32\AudioEndpointBuilder.dll (Microsoft Corporation) SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation) SRV - (PrintNotify) -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll (Microsoft Corporation) SRV - (SystemEventsBroker) -- C:\Windows\System32\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV - (BrokerInfrastructure) -- C:\Windows\System32\bisrv.dll (Microsoft Corporation) SRV - (workfolderssvc) -- C:\Windows\System32\workfolderssvc.dll (Microsoft Corporation) SRV - (lfsvc) -- C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation) SRV - (AppXSvc) -- C:\Windows\System32\AppXDeploymentServer.dll (Microsoft Corporation) SRV - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation) SRV - (igfxCUIService1.0.0.0) -- C:\Windows\System32\igfxCUIService.exe (Intel Corporation) SRV - (DptfPolicyCriticalService) -- C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) SRV - (DptfPolicyLpmService) -- C:\Windows\System32\DptfPolicyLpmService.exe (Intel Corporation) SRV - (DptfParticipantProcessorService) -- C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) SRV - (BTDevManager) -- C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe () SRV - (HP Support Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company) SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (w3logsvc) -- C:\Windows\System32\inetsrv\w3logsvc.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (LSM) -- C:\Windows\System32\lsm.dll (Microsoft Corporation) SRV - (AppReadiness) -- 
C:\Windows\System32\AppReadiness.dll (Microsoft Corporation) SRV - (Wcmsvc) -- C:\Windows\System32\wcmsvc.dll (Microsoft Corporation) SRV - (WSService) -- C:\Windows\System32\WSService.dll (Microsoft Corporation) SRV - (wlidsvc) -- C:\Windows\System32\wlidsvc.dll (Microsoft Corporation) SRV - (DeviceAssociationService) -- C:\Windows\System32\das.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (jhi_service) -- C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe (Intel Corporation) SRV - (WEPHOSTSVC) -- C:\Windows\System32\wephostsvc.dll (Microsoft Corporation) SRV - (EFS) -- C:\Windows\System32\efssvc.dll (Microsoft Corporation) SRV - (WiaRpc) -- C:\Windows\System32\wiarpc.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (svsvc) -- C:\Windows\System32\svsvc.dll (Microsoft Corporation) SRV - (fhsvc) -- C:\Windows\System32\fhsvc.dll (Microsoft Corporation) SRV - (NcaSvc) -- C:\Windows\System32\NcaSvc.dll (Microsoft Corporation) SRV - (vmicvss) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmictimesync) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicshutdown) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicrdv) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmickvpexchange) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicheartbeat) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (vmicguestinterface) -- C:\Windows\System32\icsvc.dll (Microsoft Corporation) SRV - (smphost) -- C:\Windows\System32\smphost.dll (Microsoft Corporation) SRV - (ScDeviceEnum) -- C:\Windows\System32\ScDeviceEnum.dll (Microsoft Corporation) SRV - (KeyIso) -- C:\Windows\System32\keyiso.dll (Microsoft Corporation) SRV - (TimeBroker) -- C:\Windows\System32\TimeBrokerServer.dll (Microsoft Corporation) SRV - (netprofm) -- C:\Windows\System32\netprofmsvc.dll 
(Microsoft Corporation) SRV - (NcbService) -- C:\Windows\System32\ncbservice.dll (Microsoft Corporation) SRV - (VaultSvc) -- C:\Windows\System32\vaultsvc.dll (Microsoft Corporation) SRV - (DsmSvc) -- C:\Windows\System32\DeviceSetupManager.dll (Microsoft Corporation) SRV - (NcdAutoSetup) -- C:\Windows\System32\NcdAutoSetup.dll (Microsoft Corporation) SRV - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe (Intel(R) Corporation) SRV - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) ========== Driver Services (SafeList) ========== DRV - (avkmgr) -- C:\Windows\system32\DRIVERS\avkmgr.sys File not found DRV - (pgldipob) -- C:\Users\shè\AppData\Local\Temp\pgldipob.sys (GMER) DRV - (nldrv) -- C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys (Locktime Software) DRV - (ssmdrv) -- C:\Windows\System32\Drivers\ssmdrv.sys (Avira Operations GmbH & Co. KG) DRV - (AVGIDSDriver) -- C:\Windows\System32\Drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSShim) -- C:\Windows\System32\Drivers\avgidsshimw8x.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgwfpx) -- C:\Windows\System32\Drivers\avgwfpx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSHX) -- C:\Windows\System32\Drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgmfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (taphss6) -- C:\Windows\System32\Drivers\taphss6.sys (Anchorfree Inc.) DRV - (HssDRV6) -- C:\Windows\System32\Drivers\hssdrv6.sys (AnchorFree Inc.) DRV - (Avglogx) -- C:\Windows\System32\Drivers\avglogx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgldx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgbootx) -- C:\Windows\System32\Drivers\avgbootx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgrkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) 
DRV - (Avgdiskx) -- C:\Windows\System32\Drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.) DRV - (SpyEmrgGuard) -- C:\Windows\System32\Drivers\spyemrg_guard.sys (NETGATE Technologies s.r.o.) DRV - (CLFS) -- C:\Windows\System32\Drivers\clfs.sys (Microsoft Corporation) DRV - (ahcache) -- C:\Windows\System32\Drivers\ahcache.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (pdc) -- C:\Windows\System32\Drivers\pdc.sys (Microsoft Corporation) DRV - (intelpep) -- C:\Windows\System32\Drivers\intelpep.sys (Microsoft Corporation) DRV - (RtlWlans) -- C:\Windows\System32\Drivers\rtwlans.sys (Realtek Semiconductor Corporation ) DRV - (rtii2sac) -- C:\Windows\System32\Drivers\rtii2sac.sys (Realtek Semiconductor Corp.) DRV - (GPIOClx0101) -- C:\Windows\System32\Drivers\msgpioclx.sys (Microsoft Corporation) DRV - (USBHUB3) -- C:\Windows\System32\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV - (spaceport) -- C:\Windows\System32\Drivers\spaceport.sys (Microsoft Corporation) DRV - (NdisImPlatform) -- C:\Windows\System32\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV - (wpcfltr) -- C:\Windows\System32\Drivers\wpcfltr.sys (Microsoft Corporation) DRV - (vwifimp) -- C:\Windows\System32\Drivers\vwifimp.sys (Microsoft Corporation) DRV - (Wof) -- C:\Windows\System32\drivers\wof.sys (Microsoft Corporation) DRV - (WFPLWFS) -- C:\Windows\System32\Drivers\wfplwfs.sys (Microsoft Corporation) DRV - (WdFilter) -- C:\Windows\System32\Drivers\WdFilter.sys (Microsoft Corporation) DRV - (WdNisDrv) -- C:\Windows\System32\Drivers\WdNisDrv.sys (Microsoft Corporation) DRV - (WdBoot) -- C:\Windows\System32\Drivers\WdBoot.sys (Microsoft Corporation) DRV - (ov5648) -- C:\Windows\System32\Drivers\ov5648.sys (Intel Corporation) DRV - (GoodixTouchDriver) -- C:\Windows\System32\Drivers\GoodixTouchDriver.sys (Windows (R) Win 7 DDK provider) DRV - (iaiouart) -- C:\Windows\System32\Drivers\iaiouart.sys (Intel 
Corporation) DRV - (TXEI) -- C:\Windows\System32\Drivers\TXEI.sys (Intel Corporation) DRV - (PMIC) -- C:\Windows\System32\Drivers\PMIC.sys (Intel Corporation) DRV - (iaioi2c) -- C:\Windows\System32\Drivers\iaioi2ce.sys (Intel Corporation) DRV - (SensorFusion) -- C:\Windows\System32\Drivers\HIDFusion.sys (Intel Corporation) DRV - (MBI) -- C:\Windows\System32\Drivers\MBI.sys (Intel Corporation) DRV - (MAG_SensorDriver) -- C:\Windows\System32\Drivers\MAG_SensorDriver.sys () DRV - (ACC_SensorDriver) -- C:\Windows\System32\Drivers\ACC_SensorDriver.sys () DRV - (GYRO_SensorDriver) -- C:\Windows\System32\Drivers\GYRO_SensorDriver.sys () DRV - (camera) -- C:\Windows\System32\Drivers\camera.sys (Intel Corporation) DRV - (IntelSST) -- C:\Windows\System32\Drivers\isstrtc.sys (Intel(R) Corporation) DRV - (DptfManager) -- C:\Windows\System32\Drivers\DptfManager.sys (Intel Corporation) DRV - (DptfDevProc) -- C:\Windows\System32\Drivers\DptfDevProc.sys (Intel Corporation) DRV - (gc310) -- C:\Windows\System32\Drivers\gc310.sys (Intel Corporation) DRV - (IntelBatteryManagement) -- C:\Windows\System32\Drivers\IntelBatteryManagement.sys () DRV - (DptfDevAmbient) -- C:\Windows\System32\Drivers\DptfDevAmbient.sys (Intel Corporation) DRV - (DptfDevGen) -- C:\Windows\System32\Drivers\DptfDevGen.sys (Intel Corporation) DRV - (GPIO) -- C:\Windows\System32\Drivers\iaiogpioe.sys (Intel Corporation) DRV - (DptfDevDisplay) -- C:\Windows\System32\Drivers\DptfDevDisplay.sys (Intel Corporation) DRV - (DptfDevDBPT) -- C:\Windows\System32\Drivers\DptfDevPower.sys (Intel Corporation) DRV - (GpioVirtual) -- C:\Windows\System32\Drivers\iaiogpiovirtual.sys (Intel Corporation) DRV - (RtkUart) -- C:\Windows\System32\Drivers\RtkUart.sys (Realtek Semiconductor Corporation) DRV - (kxspb) -- C:\Windows\System32\Drivers\kxspb.sys (Kionix, Inc.) 
DRV - (hm2056) -- C:\Windows\System32\Drivers\hm2056.sys (Intel Corporation) DRV - (gc2235) -- C:\Windows\System32\Drivers\gc2235.sys (Intel Corporation) DRV - (intaud_WaveExtensible) -- C:\Windows\System32\Drivers\intelaud.sys (Intel Corporation) DRV - (iwdbus) -- C:\Windows\System32\Drivers\iwdbus.sys (Intel Corporation) DRV - (SerCx2) -- C:\Windows\System32\Drivers\SerCx2.sys (Microsoft Corporation) DRV - (BthLEEnum) -- C:\Windows\System32\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV - (VerifierExt) -- C:\Windows\System32\Drivers\VerifierExt.sys (Microsoft Corporation) DRV - (sdstor) -- C:\Windows\System32\Drivers\sdstor.sys (Microsoft Corporation) DRV - (stornvme) -- C:\Windows\System32\Drivers\stornvme.sys (Microsoft Corporation) DRV - (BasicRender) -- C:\Windows\System32\Drivers\BasicRender.sys (Microsoft Corporation) DRV - (USBXHCI) -- C:\Windows\System32\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV - (UCX01000) -- C:\Windows\System32\Drivers\UCX01000.SYS (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\Drivers\terminpt.sys (Microsoft Corporation) DRV - (tap0901) -- C:\Windows\System32\Drivers\tap0901.sys (The OpenVPN Project) DRV - (condrv) -- C:\Windows\System32\Drivers\condrv.sys (Microsoft Corporation) DRV - (dam) -- C:\Windows\System32\Drivers\dam.sys (Microsoft Corporation) DRV - (acpiex) -- C:\Windows\System32\Drivers\acpiex.sys (Microsoft Corporation) DRV - (TPM) -- C:\Windows\System32\Drivers\tpm.sys (Microsoft Corporation) DRV - (mvumis) -- C:\Windows\System32\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) 
DRV - (msgpiowin32) -- C:\Windows\System32\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV - (LSI_SAS3) -- C:\Windows\System32\Drivers\lsi_sas3.sys (LSI Corporation) DRV - (LSI_SSS) -- C:\Windows\System32\Drivers\lsi_sss.sys (LSI Corporation) DRV - (3ware) -- C:\Windows\System32\Drivers\3ware.sys (LSI) DRV - (ADP80XX) -- C:\Windows\System32\Drivers\adp80xx.sys (PMC-Sierra) DRV - (EhStorTcgDrv) -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV - (EhStorClass) -- C:\Windows\System32\Drivers\EhStorClass.sys (Microsoft Corporation) DRV - (VSTXRAID) -- C:\Windows\System32\Drivers\VSTXRAID.SYS (VIA Corporation) DRV - (storahci) -- C:\Windows\System32\Drivers\storahci.sys (Microsoft Corporation) DRV - (SpbCx) -- C:\Windows\System32\Drivers\SpbCx.sys (Microsoft Corporation) DRV - (SerCx) -- C:\Windows\System32\Drivers\SerCx.sys (Microsoft Corporation) DRV - (UASPStor) -- C:\Windows\System32\Drivers\uaspstor.sys (Microsoft Corporation) DRV - (cnghwassist) -- C:\Windows\System32\Drivers\cnghwassist.sys (Microsoft Corporation) DRV - (UEFI) -- C:\Windows\System32\Drivers\uefi.sys (Microsoft Corporation) DRV - (WpdUpFltr) -- C:\Windows\System32\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\Drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\Drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\Drivers\storvsc.sys (Microsoft Corporation) DRV - (BasicDisplay) -- C:\Windows\System32\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV - (HyperVideo) -- C:\Windows\System32\Drivers\HyperVideo.sys (Microsoft Corporation) DRV - (mshidumdf) -- C:\Windows\System32\Drivers\mshidumdf.sys (Microsoft Corporation) DRV - (acpitime) -- C:\Windows\System32\Drivers\acpitime.sys (Microsoft Corporation) DRV - (acpipagr) -- C:\Windows\System32\Drivers\acpipagr.sys (Microsoft Corporation) DRV - (npsvctrig) -- C:\Windows\System32\Drivers\npsvctrig.sys (Microsoft Corporation) 
DRV - (BthAvrcpTg) -- C:\Windows\System32\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV - (kdnic) -- C:\Windows\System32\Drivers\kdnic.sys (Microsoft Corporation) DRV - (BthMini) -- C:\Windows\System32\Drivers\BthMini.SYS (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\Drivers\vms3cap.sys (Microsoft Corporation) DRV - (gencounter) -- C:\Windows\System32\Drivers\vmgencounter.sys (Microsoft Corporation) DRV - (bthhfhid) -- C:\Windows\System32\Drivers\BthhfHid.sys (Microsoft Corporation) DRV - (BthHFEnum) -- C:\Windows\System32\Drivers\bthhfenum.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (hyperkbd) -- C:\Windows\System32\Drivers\hyperkbd.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (hidi2c) -- C:\Windows\System32\Drivers\hidi2c.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\Drivers\VMBusHID.sys (Microsoft Corporation) DRV - (dmvsc) -- C:\Windows\System32\Drivers\dmvsc.sys (Microsoft Corporation) DRV - (netvsc) -- C:\Windows\System32\Drivers\netvsc63.sys (Microsoft Corporation) DRV - (NdisVirtualBus) -- C:\Windows\System32\Drivers\NdisVirtualBus.sys (Microsoft Corporation) DRV - (MsLldp) -- C:\Windows\System32\Drivers\mslldp.sys (Microsoft Corporation) DRV - (Ndu) -- C:\Windows\System32\Drivers\Ndu.sys (Microsoft Corporation) DRV - (FxPPM) -- C:\Windows\System32\Drivers\fxppm.sys (Microsoft Corporation) DRV - (bcmfn2) -- C:\Windows\System32\Drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider) DRV - (iaStorAV) -- C:\Windows\System32\Drivers\iaStorAV.sys (Intel Corporation) DRV - (BCM43XX) -- C:\Windows\System32\Drivers\BCMWL63.SYS (Broadcom Corporation) DRV - (RTL8168) -- C:\Windows\System32\Drivers\Rt630x86.sys (Realtek ) DRV - (SpyEmrgAccess) -- C:\Windows\System32\Drivers\spyemrg_access.sys (NETGATE Technologies s.r.o.) 
DRV - (SpyEmrg) -- C:\Windows\System32\Drivers\spyemrg.sys (NETGATE Technologies s.r.o.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-677420604-2726472551-1300724813-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com IE - HKU\S-1-5-21-677420604-2726472551-1300724813-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-677420604-2726472551-1300724813-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-677420604-2726472551-1300724813-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=WCUG IE - HKU\S-1-5-21-677420604-2726472551-1300724813-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - 
HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) O1 HOSTS File: ([2013-08-21 23:13:55 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Intel Corporation) O4 - HKLM..\Run: [RtkNGUI] C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe (Realtek Semiconductor) O4 - HKU\S-1-5-21-677420604-2726472551-1300724813-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) O4 - HKU\S-1-5-21-677420604-2726472551-1300724813-1001..\Run: [NetLimiter] C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe (Locktime Software) O4 - HKU\S-1-5-21-677420604-2726472551-1300724813-1001..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe (NETGATE Technologies s.r.o.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BCC0B70-A488-466E-8777-2EBDA7D116A0}: DhcpNameServer = 84.54.140.4 84.54.140.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB7FA1E0-95F6-46D7-9BBF-C24D682DA927}: DhcpNameServer = 8.8.8.8 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-08-22 01:16:34 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015-06-27 17:18:52 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Identities
[2015-06-27 17:10:56 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Spy Emergency
[2015-06-27 17:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
[2015-06-27 17:10:48 | 000,020,056 | ---- | C] (NETGATE Technologies s.r.o.) -- C:\Windows\System32\drivers\spyemrg_access.sys
[2015-06-27 17:10:48 | 000,018,872 | ---- | C] (NETGATE Technologies s.r.o.) -- C:\Windows\System32\drivers\spyemrg_guard.sys
[2015-06-27 17:10:48 | 000,014,168 | ---- | C] (NETGATE Technologies s.r.o.) -- C:\Windows\System32\drivers\spyemrg.sys
[2015-06-27 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NETGATE
[2015-06-27 17:10:39 | 000,000,000 | ---D | C] -- C:\Program Files\NETGATE
[2015-06-27 15:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015-06-27 15:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015-06-27 15:55:24 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\GlarySoft
[2015-06-27 15:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2015-06-27 15:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2015-06-27 14:36:16 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\TrojanWin32DelCommand & Win32BaiduIebar
[2015-06-27 13:51:39 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\rundell.32.exe
[2015-06-27 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Locktime
[2015-06-27 12:02:07 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2015-06-27 12:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2015-06-27 12:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
[2015-06-27 12:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\Locktime Software
[2015-06-27 11:59:50 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Locktime Software
[2015-06-27 11:59:25 | 007,120,232 | ---- | C] (Locktime Software) -- C:\Users\shè\Desktop\netlimiter-4.0.12.0.exe
[2015-06-26 23:03:19 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015-06-26 22:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2015-06-26 22:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield
[2015-06-26 22:45:37 | 000,039,624 | ---- | C] (AnchorFree Inc.) -- C:\Windows\System32\drivers\hssdrv6.sys
[2015-06-26 22:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\Hotspot Shield
[2015-06-26 21:06:44 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Hotspot Shield
[2015-06-26 20:55:41 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\OpenOffice
[2015-06-26 16:33:00 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\PDF Writer
[2015-06-26 16:33:00 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\PDF Writer
[2015-06-26 16:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-PDF
[2015-06-26 16:23:04 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\System32\bzDCT.dll
[2015-06-26 16:22:34 | 000,228,352 | ---- | C] (Bullzip) -- C:\Windows\System32\bzFlRdr.dll
[2015-06-26 16:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\7-PDF
[2015-06-26 16:15:42 | 001,064,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomctl.ocx
[2015-06-26 16:15:11 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.OCX
[2015-06-26 16:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2015-06-26 16:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-PDF
[2015-06-26 11:48:24 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\kanada
[2015-06-25 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\inbox wm.engineer@mail
[2015-06-25 09:30:31 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\hoso
[2015-06-24 23:01:59 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[2015-06-24 23:01:59 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015-06-24 23:01:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\appraiser
[2015-06-24 17:22:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2015-06-24 17:05:06 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2015-06-24 12:39:40 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\inbox michawoche
[2015-06-24 03:46:00 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2015-06-24 03:45:50 | 000,219,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdFilter.sys
[2015-06-24 03:45:50 | 000,084,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdNisDrv.sys
[2015-06-24 03:45:50 | 000,029,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdBoot.sys
[2015-06-24 03:45:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winshfhc.dll
[2015-06-24 03:45:23 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2015-06-24 03:45:23 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2015-06-24 03:45:22 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2015-06-24 03:45:22 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2015-06-24 03:45:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2015-06-24 03:45:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2015-06-24 03:45:21 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2015-06-24 03:45:19 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2015-06-24 03:44:30 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2015-06-24 03:44:28 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2015-06-24 03:44:28 | 000,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2015-06-24 03:44:13 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winbici.dll
[2015-06-24 03:44:01 | 000,790,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MrmCoreR.dll
[2015-06-24 03:43:24 | 000,131,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dumpsd.sys
[2015-06-24 03:19:44 | 001,560,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015-06-24 03:19:35 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2015-06-24 03:19:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ahcache.sys
[2015-06-24 03:19:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015-06-24 03:19:13 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ubpm.dll
[2015-06-24 03:14:03 | 003,532,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015-06-24 03:14:01 | 005,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015-06-24 03:14:00 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll
[2015-06-24 03:14:00 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tracerpt.exe
[2015-06-24 03:14:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\microsoft-windows-system-events.dll
[2015-06-24 03:14:00 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2015-06-24 03:14:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\typeperf.exe
[2015-06-24 03:14:00 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2015-06-24 03:14:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskperf.exe
[2015-06-24 03:13:58 | 000,424,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
[2015-06-24 03:13:58 | 000,370,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2015-06-24 03:13:58 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll
[2015-06-24 03:13:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEndpointBuilder.dll
[2015-06-24 03:13:57 | 000,485,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2015-06-24 03:13:57 | 000,448,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2015-06-24 03:13:57 | 000,413,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2015-06-24 03:13:57 | 000,372,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2015-06-24 03:13:57 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2015-06-24 03:13:57 | 000,136,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wermgr.exe
[2015-06-24 03:13:57 | 000,108,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDump.dll
[2015-06-24 03:13:57 | 000,033,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2015-06-24 03:13:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werdiagcontroller.dll
[2015-06-24 03:05:37 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SettingsHandlers.dll
[2015-06-24 03:05:35 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\twinui.dll
[2015-06-24 03:05:33 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFMediaEngine.dll
[2015-06-24 03:05:33 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4srcsnk.dll
[2015-06-24 03:05:32 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2015-06-24 03:05:32 | 000,333,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2015-06-24 03:05:31 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2015-06-24 03:05:31 | 000,286,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2015-06-24 03:05:30 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
[2015-06-24 02:59:23 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapisrv.dll
[2015-06-24 02:59:23 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptsslp.dll
[2015-06-24 02:59:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2015-06-24 02:58:56 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015-06-24 02:58:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015-06-24 02:58:53 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2015-06-24 02:58:53 | 000,301,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2015-06-24 02:58:53 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2015-06-24 02:58:53 | 000,035,840 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2015-06-24 02:58:53 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2015-06-24 02:58:49 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2015-06-24 02:58:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jnwmon.dll
[2015-06-24 02:58:40 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015-06-24 02:58:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2015-06-24 02:58:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015-06-24 02:58:38 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015-06-24 02:58:36 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2015-06-24 02:58:29 | 000,685,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2015-06-24 02:58:28 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2015-06-24 02:58:28 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015-06-24 02:58:28 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2015-06-24 02:58:26 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015-06-24 02:58:25 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2015-06-24 02:58:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2015-06-24 02:58:23 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2015-06-24 02:58:22 | 004,305,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015-06-24 02:58:20 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2015-06-24 02:58:20 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2015-06-24 02:58:19 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015-06-24 02:58:18 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015-06-24 02:58:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2015-06-24 02:58:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2015-06-24 02:58:18 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015-06-24 02:58:18 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2015-06-24 02:58:18 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hlink.dll
[2015-06-24 02:58:18 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2015-06-24 02:58:18 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2015-06-24 02:58:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015-06-24 02:58:18 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2015-06-24 02:58:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2015-06-24 02:58:17 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015-06-24 02:58:17 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2015-06-24 02:58:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2015-06-24 02:58:17 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2015-06-24 02:58:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015-06-24 02:57:58 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr120_clr0400.dll
[2015-06-24 02:57:45 | 002,975,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015-06-24 02:57:45 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015-06-24 02:57:44 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rfxvmt.dll
[2015-06-24 02:57:44 | 000,022,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2015-06-24 02:57:39 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2015-06-24 02:57:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvcfg.exe
[2015-06-24 02:57:28 | 001,653,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2015-06-24 02:57:28 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2015-06-24 02:57:27 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUSettingsProvider.dll
[2015-06-24 02:57:27 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2015-06-24 02:57:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2015-06-24 02:57:27 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2015-06-24 02:57:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2015-06-24 02:57:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2015-06-24 02:57:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaext.dll
[2015-06-24 02:57:23 | 000,076,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pdc.sys
[2015-06-24 02:57:23 | 000,036,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\intelpep.sys
[2015-06-24 02:57:22 | 000,047,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2015-06-24 02:41:25 | 000,279,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\clfs.sys
[2015-06-24 02:41:25 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clfsw32.dll
[2015-06-24 00:26:32 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Avg
[2015-06-23 11:41:09 | 000,031,848 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\ssmdrv.sys
[2015-06-23 06:34:29 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\AVG2015
[2015-06-23 06:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015-06-23 06:33:19 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\TuneUp Software
[2015-06-23 06:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2015-06-23 06:29:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2015-06-23 06:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2015
[2015-06-23 06:28:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2015-06-23 06:27:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015-06-23 06:27:55 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\MFAData
[2015-06-23 06:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2015-06-23 06:27:55 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Avg2015
[2015-06-23 05:51:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\log
[2015-06-23 05:20:42 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Diagnostics
[2015-06-23 04:58:56 | 000,000,000 | --SD | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
[2015-06-23 04:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2015-06-23 04:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2015-06-23 04:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2015-06-23 04:57:23 | 000,000,000 | ---D | C] -- C:\Users\shè\Desktop\OpenOffice 4.1.1 (de) Installation Files
[2015-06-23 04:48:16 | 000,000,000 | ---D | C] -- C:\Users\shè\Documents\Simply Super Software
[2015-06-23 04:48:16 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Simply Super Software
[2015-06-23 04:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2015-06-23 04:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2015-06-23 04:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2015-06-23 04:47:36 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Programs
[2015-06-23 01:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2015-06-23 01:22:40 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2015-06-23 01:14:45 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Hewlett-Packard
[2015-06-23 01:14:27 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\hpqlog
[2015-06-23 01:14:21 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Hewlett-Packard
[2015-06-23 01:07:56 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2015-06-23 01:05:58 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Macromedia
[2015-06-23 01:05:52 | 000,000,000 | -HSD | C] -- C:\Users\shè\AppData\Local\EmieUserList
[2015-06-23 01:05:52 | 000,000,000 | -HSD | C] -- C:\Users\shè\AppData\Local\EmieSiteList
[2015-06-22 15:24:30 | 000,000,000 | R--D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015-06-22 15:24:30 | 000,000,000 | R--D | C] -- C:\Users\shè\Searches
[2015-06-22 15:24:30 | 000,000,000 | R--D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015-06-22 15:24:29 | 000,000,000 | R--D | C] -- C:\Users\shè\Contacts
[2015-06-22 15:24:29 | 000,000,000 | -H-D | C] -- C:\Users\shè\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015-06-22 15:24:27 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\VirtualStore
[2015-06-22 15:24:26 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Adobe
[2015-06-22 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Packages
[2015-06-22 15:24:22 | 000,000,000 | -HSD | C] -- C:\Users\shè\IntelGraphicsProfiles
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\AppData\Local\Temporary Internet Files
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Templates
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Start Menu
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\SendTo
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Recent
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\PrintHood
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\NetHood
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Documents\My Videos
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Documents\My Pictures
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Documents\My Music
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\My Documents
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Local Settings
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\AppData\Local\History
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Cookies
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\Application Data
[2015-06-22 15:24:19 | 000,000,000 | -HSD | C] -- C:\Users\shè\AppData\Local\Application Data
[2015-06-22 15:24:18 | 000,000,000 | --SD | C] -- C:\Users\shè\AppData\Roaming\Microsoft
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Videos
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Saved Games
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Pictures
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Music
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Links
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Favorites
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Downloads
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Documents
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\Desktop
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015-06-22 15:24:18 | 000,000,000 | R--D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2015-06-22 15:24:18 | 000,000,000 | -H-D | C] -- C:\Users\shè\Documents\hp.system.package.metadata
[2015-06-22 15:24:18 | 000,000,000 | -H-D | C] -- C:\Users\shè\Documents\hp.applications.package.appdata
[2015-06-22 15:24:18 | 000,000,000 | -H-D | C] -- C:\Users\shè\AppData
[2015-06-22 15:24:18 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Temp
[2015-06-22 15:24:18 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Local\Microsoft
[2015-06-22 15:24:18 | 000,000,000 | ---D | C] -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015-06-22 15:24:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015-06-22 15:13:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2015-06-27 18:18:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-06-27 17:10:57 | 000,001,165 | ---- | M] () -- C:\Users\Public\Desktop\Spy Emergency.lnk
[2015-06-27 16:34:38 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3drm.dll
[2015-06-27 16:07:38 | 000,000,214 | ---- | M] () -- C:\Users\shè\Documents\cc_20150627_160732.reg
[2015-06-27 16:06:43 | 000,088,228 | ---- | M] () -- C:\Users\shè\Documents\cc_20150627_160548.reg
[2015-06-27 15:57:57 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-06-27 15:55:45 | 000,788,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015-06-27 15:55:45 | 000,161,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015-06-27 15:50:58 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2015-06-27 15:50:55 | 000,001,043 | ---- | M] () -- C:\Users\shè\Desktop\Glary Utilities.lnk
[2015-06-27 15:48:38 | 798,101,504 | -HS- | M] () -- C:\hiberfil.sys
[2015-06-27 15:48:38 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2015-06-27 15:16:23 | 000,571,937 | ---- | M] () -- C:\Users\shè\Desktop\ceanboot.oxps
[2015-06-27 15:15:36 | 000,118,285 | ---- | M] () -- C:\Users\shè\Desktop\NAwww.spy-emergency.com - Trojan.Win32.pdf
[2015-06-27 15:11:32 | 001,019,028 | ---- | M] () -- C:\Users\shè\Desktop\GUT ABERmalwaretips.com.pdf
[2015-06-27 15:01:14 | 000,234,138 | ---- | M] () -- C:\Users\shè\Desktop\NAJA....dll-repair.com.pdf
[2015-06-27 14:54:37 | 000,274,168 | ---- | M] () -- C:\Users\shè\Desktop\registrycleaner.pdf
[2015-06-27 14:51:19 | 000,212,436 | ---- | M] () -- C:\Users\shè\Desktop\NAJA...www.dllfilefixer.com - verwenden-dll-tool-compobj-dll-prob.pdf
[2015-06-27 13:15:57 | 000,086,632 | ---- | M] () -- C:\Users\shè\Desktop\superuser.com - how-can-i-find-out-whats-.pdf
[2015-06-27 12:06:53 | 000,577,589 | ---- | M] () -- C:\Users\shè\Desktop\bandbreite regulieren.oxps
[2015-06-27 12:00:49 | 000,001,219 | ---- | M] () -- C:\Users\Public\Desktop\NetLimiter 4.lnk
[2015-06-27 11:59:26 | 007,120,232 | ---- | M] (Locktime Software) -- C:\Users\shè\Desktop\netlimiter-4.0.12.0.exe
[2015-06-26 23:05:32 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2015-06-26 12:43:14 | 000,977,145 | ---- | M] () -- C:\Users\shè\Desktop\how to use gmer.oxps
[2015-06-24 23:04:32 | 000,361,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015-06-24 14:37:12 | 001,121,202 | ---- | M] () -- C:\Users\shè\Desktop\CELEX_41997A0819(01)_DE_TXT.pdf
[2015-06-24 12:50:51 | 000,217,918 | ---- | M] () -- C:\Users\shè\Documents\dubliner uebereinkommen.oxps
[2015-06-24 08:39:03 | 000,420,135 | ---- | M] () -- C:\Users\shè\Documents\facebook engl2.oxps
[2015-06-24 08:38:01 | 000,000,000 | ---- | M] () -- C:\Users\shè\Documents\facebook englisch.oxps
[2015-06-24 08:36:39 | 000,355,818 | ---- | M] () -- C:\Users\shè\Documents\facebook 4.oxps
[2015-06-24 08:36:16 | 000,443,409 | ---- | M] () -- C:\Users\shè\Documents\facebook 3.oxps
[2015-06-24 08:35:47 | 000,354,723 | ---- | M] () -- C:\Users\shè\Documents\facebook 2.oxps
[2015-06-24 08:35:24 | 000,330,011 | ---- | M] () -- C:\Users\shè\Documents\facebook 1.oxps
[2015-06-24 00:28:14 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2015-06-23 05:33:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015-06-23 04:58:58 | 000,001,162 | ---- | M] () -- C:\Users\shè\Desktop\OpenOffice 4.1.1.lnk
[2015-06-23 04:48:09 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2015-06-23 04:15:14 | 000,576,430 | ---- | M] () -- C:\Users\shè\Documents\fixing error 0cx0000022.oxps
[2015-06-23 01:18:29 | 000,001,443 | ---- | M] () -- C:\Users\shè\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015-06-23 01:07:33 | 000,000,036 | ---- | M] () -- C:\Users\shè\AppData\Local\housecall.guid.cache
[2015-06-22 15:24:25 | 000,000,184 | ---- | M] () -- C:\Windows\insFileSpec
[2015-06-22 15:24:22 | 000,000,144 | ---- | M] () -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2015-06-19 20:02:45 | 000,792,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2015-06-19 20:02:45 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2015-06-27 17:10:57 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\Spy Emergency.lnk
[2015-06-27 16:07:36 | 000,000,214 | ---- | C] () -- C:\Users\shè\Documents\cc_20150627_160732.reg
[2015-06-27 16:05:56 | 000,088,228 | ---- | C] () -- C:\Users\shè\Documents\cc_20150627_160548.reg
[2015-06-27 15:57:57 | 000,000,984 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015-06-27 15:50:58 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2015-06-27 15:50:55 | 000,001,043 | ---- | C] () -- C:\Users\shè\Desktop\Glary Utilities.lnk
[2015-06-27 15:16:20 | 000,571,937 | ---- | C] () -- C:\Users\shè\Desktop\ceanboot.oxps
[2015-06-27 15:15:37 | 000,118,285 | ---- | C] () -- C:\Users\shè\Desktop\NAwww.spy-emergency.com - Trojan.Win32.pdf
[2015-06-27 15:11:34 | 001,019,028 | ---- | C] () -- C:\Users\shè\Desktop\GUT ABERmalwaretips.com.pdf
[2015-06-27 15:01:15 | 000,234,138 | ---- | C] () -- C:\Users\shè\Desktop\NAJA....dll-repair.com.pdf
[2015-06-27 14:54:37 | 000,274,168 | ---- | C] () -- C:\Users\shè\Desktop\registrycleaner.pdf
[2015-06-27 14:51:19 | 000,212,436 | ---- | C] () -- C:\Users\shè\Desktop\NAJA...www.dllfilefixer.com - verwenden-dll-tool-compobj-dll-prob.pdf
[2015-06-27 13:15:57 | 000,086,632 | ---- | C] () -- C:\Users\shè\Desktop\superuser.com - how-can-i-find-out-whats-.pdf
[2015-06-27 12:06:51 | 000,577,589 | ---- | C] () -- C:\Users\shè\Desktop\bandbreite regulieren.oxps
[2015-06-27 12:00:49 | 000,001,219 | ---- | C] () -- C:\Users\Public\Desktop\NetLimiter 4.lnk
[2015-06-26 22:46:36 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2015-06-26 16:18:43 | 000,476,160 | ---- | C] () -- C:\Windows\System32\TabStripCtlU.ocx
[2015-06-26 16:18:13 | 000,539,648 | ---- | C] () -- C:\Windows\System32\LblCtlsU.ocx
[2015-06-26 16:17:43 | 001,061,888 | ---- | C] () -- C:\Windows\System32\ExLvwU.ocx
[2015-06-26 16:17:12 | 000,805,376 | ---- | C] () -- C:\Windows\System32\EditCtlsU.ocx
[2015-06-26 16:16:42 | 001,103,872 | ---- | C] () -- C:\Windows\System32\CBLCtlsU.ocx
[2015-06-26 16:16:12 | 000,645,632 | ---- | C] () -- C:\Windows\System32\BtnCtlsU.ocx
[2015-06-26 12:43:12 | 000,977,145 | ---- | C] () -- C:\Users\shè\Desktop\how to use gmer.oxps
[2015-06-24 14:37:09 | 001,121,202 | ---- | C] () -- C:\Users\shè\Desktop\CELEX_41997A0819(01)_DE_TXT.pdf
[2015-06-24 12:50:49 | 000,217,918 | ---- | C] () -- C:\Users\shè\Documents\dubliner uebereinkommen.oxps
[2015-06-24 08:39:01 | 000,420,135 | ---- | C] () -- C:\Users\shè\Documents\facebook engl2.oxps
[2015-06-24 08:38:01 | 000,000,000 | ---- | C] () -- C:\Users\shè\Documents\facebook englisch.oxps
[2015-06-24 08:36:38 | 000,355,818 | ---- | C] () -- C:\Users\shè\Documents\facebook 4.oxps
[2015-06-24 08:36:14 | 000,443,409 | ---- | C] () -- C:\Users\shè\Documents\facebook 3.oxps
[2015-06-24 08:35:46 | 000,354,723 | ---- | C] () -- C:\Users\shè\Documents\facebook 2.oxps
[2015-06-24 08:35:21 | 000,330,011 | ---- | C] () -- C:\Users\shè\Documents\facebook 1.oxps
[2015-06-24 03:45:28 | 000,410,017 | ---- | C] () -- C:\Windows\System32\ApnDatabase.xml
[2015-06-24 02:58:17 | 000,016,303 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2015-06-23 06:33:19 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2015-06-23 05:33:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015-06-23 04:58:58 | 000,001,162 | ---- | C] () -- C:\Users\shè\Desktop\OpenOffice 4.1.1.lnk
[2015-06-23 04:48:09 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2015-06-23 04:15:12 | 000,576,430 | ---- | C] () -- C:\Users\shè\Documents\fixing error 0cx0000022.oxps
[2015-06-23 01:18:29 | 000,001,443 | ---- | C] () -- C:\Users\shè\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015-06-23 01:07:33 | 000,000,036 | ---- | C] () -- C:\Users\shè\AppData\Local\housecall.guid.cache
[2015-06-22 15:24:26 | 000,001,449 | ---- | C] () -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015-06-22 15:24:24 | 000,000,184 | ---- | C] () -- C:\Windows\insFileSpec
[2015-06-22 15:24:22 | 000,000,144 | ---- | C] () -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2015-06-22 15:24:18 | 000,000,369 | ---- | C] () -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
[2015-06-22 15:24:18 | 000,000,369 | ---- | C] () -- C:\Users\shè\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
[2015-06-22 15:24:18 | 000,000,352 | ---- | C] () -- C:\Users\shè\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015-06-22 15:24:18 | 000,000,334 | ---- | C] () -- C:\Users\shè\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2015-06-22 15:22:36 | 798,101,504 | -HS- | C] () -- C:\hiberfil.sys
[2015-06-22 15:19:01 | 016,777,216 | -HS- | C] () -- C:\swapfile.sys
[2014-11-09 06:39:12 | 000,050,504 | ---- | C] () -- C:\Windows\System32\rtl8723b_mp_bt40_fw_asic_rom_patch.bin
[2014-11-09 06:39:12 | 000,000,080 | ---- | C] () -- C:\Windows\System32\rtl8723b_config.bin
[2014-11-09 06:28:05 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2014-11-09 06:28:05 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2014-09-23 06:38:26 | 000,050,745 | ---- | C] () -- C:\Windows\System32\srms.dat
[2014-09-02 12:10:08 | 000,020,480 | ---- | C] () -- C:\Windows\System32\drivers\MAG_SensorDriver.sys
[2014-09-02 12:10:08 | 000,019,968 | ---- | C] () -- C:\Windows\System32\drivers\ACC_SensorDriver.sys
[2014-09-02 12:10:08 | 000,018,944 | ---- | C] () -- C:\Windows\System32\drivers\GYRO_SensorDriver.sys
[2014-09-02 12:10:02 | 000,069,632 | ---- | C] ( ) -- C:\Windows\System32\igfxDHLibv2_0.dll
[2014-09-02 12:10:02 | 000,063,488 | ---- | C] () -- C:\Windows\System32\igfxCUIServicePS.dll
[2014-09-02 12:10:02 | 000,057,856 | ---- | C] ( ) -- C:\Windows\System32\igfxDHLib.dll
[2014-09-02 12:10:02 | 000,010,752 | ---- | C] ( ) -- C:\Windows\System32\igfxDILib.dll
[2014-09-02 12:10:02 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\igfxEMLibv2_0.dll
[2014-09-02 12:10:02 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\igfxEMLib.dll
[2014-09-02 12:10:02 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\igfxDILibv2_0.dll
[2014-09-02 12:10:02 | 000,005,120 | ---- | C] ( ) -- C:\Windows\System32\igfxLHMLibv2_0.dll
[2014-09-02 12:10:02 | 000,005,120 | ---- | C] ( ) -- C:\Windows\System32\igfxLHMLib.dll [2014-09-02 12:10:00 | 000,349,112 | ---- | C] () -- C:\Windows\System32\igdmd32.dll [2014-09-02 12:10:00 | 000,183,808 | ---- | C] () -- C:\Windows\System32\igdde32.dll [2014-09-02 12:10:00 | 000,142,848 | ---- | C] () -- C:\Windows\System32\igdail32.dll [2014-09-02 12:09:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2014-09-02 12:09:58 | 000,000,895 | ---- | C] () -- C:\Windows\System32\Gfxv2_0.exe.config [2014-09-02 12:09:58 | 000,000,895 | ---- | C] () -- C:\Windows\System32\DPTopologyAppv2_0.exe.config [2014-09-02 12:09:58 | 000,000,889 | ---- | C] () -- C:\Windows\System32\Gfxv4_0.exe.config [2014-09-02 12:09:58 | 000,000,889 | ---- | C] () -- C:\Windows\System32\DPTopologyApp.exe.config [2014-09-02 12:09:56 | 009,849,700 | ---- | C] () -- C:\Windows\System32\drivers\isp_firmware.bin [2014-09-02 12:09:56 | 000,526,484 | ---- | C] () -- C:\Windows\System32\drivers\realtek_fw_sst.bin [2014-09-02 12:09:56 | 000,038,400 | ---- | C] () -- C:\Windows\System32\drivers\IntelBatteryManagement.sys [2014-09-02 12:09:56 | 000,000,895 | ---- | C] () -- C:\Windows\System32\CustomModeAppv2_0.exe.config [2014-09-02 12:09:56 | 000,000,889 | ---- | C] () -- C:\Windows\System32\CustomModeApp.exe.config [2014-03-18 00:49:08 | 000,262,335 | ---- | C] () -- C:\Windows\System32\dfpinc.dat [2014-03-18 00:48:53 | 000,103,936 | ---- | C] () -- C:\Windows\System32\OEMLicense.dll [2014-03-18 00:48:51 | 000,002,255 | ---- | C] () -- C:\Windows\System32\WimBootCompress.ini [2013-08-22 01:19:09 | 000,788,686 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2013-08-22 01:19:09 | 000,296,742 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2013-08-22 01:19:09 | 000,161,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2013-08-22 01:19:09 | 000,033,362 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2013-08-22 01:17:31 | 000,000,389 | ---- | C] () -- 
C:\Windows\System32\AutoWorkplace.exe.config [2013-08-22 01:17:30 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2013-08-22 01:17:29 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2013-08-22 00:24:03 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2013-08-22 00:22:45 | 000,361,880 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013-08-21 20:33:54 | 000,073,216 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2013-08-21 20:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2013-08-21 16:57:03 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2013-08-21 16:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2013-08-21 16:52:35 | 001,520,828 | ---- | C] () -- C:\Windows\System32\WpcNBModel.bin [2013-08-21 16:52:35 | 000,526,068 | ---- | C] () -- C:\Windows\System32\staticurllist.bin [2013-08-21 16:50:57 | 000,008,192 | ---- | C] () -- C:\Windows\System32\settings.dat [2013-07-01 20:40:44 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll ========== ZeroAccess Check ========== [2014-11-09 06:48:25 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2015-02-12 10:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-21 19:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = 
%systemroot%\system32\wbem\wbemess.dll -- [2013-08-21 19:42:12 | 000,390,144 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2015-06-24 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2015-06-24 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2015-06-23 06:34:29 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\AVG2015 [2015-06-27 15:55:24 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\GlarySoft [2015-06-26 21:06:44 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\Hotspot Shield [2015-06-27 12:02:26 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\Locktime [2015-06-27 11:59:50 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\Locktime Software [2015-06-26 20:55:41 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\OpenOffice [2015-06-26 16:33:00 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\PDF Writer [2015-06-23 04:48:16 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\Simply Super Software [2015-06-27 17:18:29 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\Spy Emergency [2015-06-23 06:33:19 | 000,000,000 | ---D | M] -- C:\Users\shè\AppData\Roaming\TuneUp Software ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report >

Part 2: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 2015-06-27 6:58:33 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\shè\Downloads An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17842) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd 951.41 Mb Total Physical Memory | 61.93 Mb Available Physical Memory | 6.51% Memory free 3.21 Gb Paging File | 0.70 Gb Available in Paging File | 21.77% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 23.14 Gb Total Space | 15.08 Gb Free Space | 65.16% Space Free | Partition Type: NTFS Computer Name: XHÈ | User Name: shè | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception 
List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{079AB5FF-C595-48E8-8649-54351D3D692E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{0886F145-51CF-4F8D-A6D5-BD6D4D3EF0C5}" = dir=out | name=onenote | "{0E98616A-3A99-4277-BEA3-223AE9F18F81}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | "{13CC65DA-EDDC-4DDA-919E-999D11740B2A}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{1B8B5CFC-3673-426C-913F-2CDC5F706A53}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe | "{206C1A4E-4FAE-4963-8252-9C124B8BFC3C}" = dir=out | name=@{microsoft.bingsports_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{2841EC50-8960-4EA1-9A42-EB0ECD254B7A}" = dir=out | name=@{microsoft.bingtravel_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{2DF2E2B0-A588-4810-90EB-4C394CAB983F}" = dir=in | name=junipernetworks.junospulsevpn | "{331D3F10-92E3-4211-9259-CAF9D02FCE86}" = dir=out | name=junipernetworks.junospulsevpn | "{354B3410-E3DC-4862-B025-E742F51E2853}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgmfapx.exe | "{3753DAF9-EC78-4100-8A5D-2BB0D34ABF40}" = dir=out | name=@{microsoft.bingfinance_3.0.4.323_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{438B4337-4590-4727-93E3-F67277595188}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{489524BA-3BA1-4766-890B-88CDB35DC310}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{5707FD30-1853-486D-A325-6E937EBB4C83}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20856_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{66218FB7-C438-4CD0-922C-79B42368EFDB}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{70046FD2-2B71-4972-9FAD-6BD37CF68029}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{7AD4C18C-A052-4894-85B6-98911F6A51B3}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe | "{80E83D99-D49D-46E5-984B-F9A02025D223}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20856_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{835E0E77-65D1-4FAA-AA5E-AC67565A94FB}" = dir=out | name=sonicwall.mobileconnect | "{83894E1A-5030-41C1-A3B1-E9B277E85809}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgdiagex.exe | "{88BE8280-918A-4BD7-8106-58CDC99D2A50}" = dir=out | name=windows_ie_ac_001 | "{9A2FD01E-4A1C-4E1A-A2D6-96B1241256BA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9D56B1CD-8830-4677-86EA-AA532FEA2142}" = dir=out | name=@{microsoft.bingweather_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | "{A5FC0ADE-A1BE-4963-AB88-E7DD8884E7E5}" = dir=in | name=snapfish | "{A7A81EAA-6712-46CF-9E8D-ED219FE7D019}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A9080F4C-BE69-49F6-87CD-FAE444526D27}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{AA2B0E53-FA9E-4A19-A5D3-12B75B1D3E0A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe | "{AF4CD98F-A6B6-4B1C-8D65-661A94CE0BDE}" = dir=in | 
name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{BEF6B631-97DB-45D6-A55E-E0B68AA5F2DC}" = dir=out | name=snapfish | "{C6182E4B-10FC-4083-A766-458080D68E73}" = dir=in | name=f5.vpn.client | "{C741B669-8494-4CEB-8614-1C98FB8F413D}" = dir=in | name=onenote | "{C8D37BCC-4511-47F9-9EFC-11BACD7884AB}" = dir=out | name=skype | "{CE4ABD68-2ABE-47FF-B8BD-F883695BF548}" = dir=out | name=@{microsoft.bingnews_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{CF8A292C-750A-4719-832D-149932B51745}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgnsx.exe | "{D52CB194-0A00-4CA5-B044-58D3EF3499DF}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} | "{D9C1058A-681E-4988-BF71-38CAA6162D0B}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.322_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{DD9777DC-C9DE-40C0-A56F-6B99C7D91762}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{E20BB53A-3BDC-460D-BAEE-FFDC117AB485}" = dir=in | name=sonicwall.mobileconnect | "{E4BE5589-3348-48BE-898B-BB8C738CDC3E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2015\avgemcx.exe | "{E6A4BE21-4183-455E-8C07-84C78011B261}" = dir=out | name=checkpoint.vpn | "{EA997832-A7CA-479A-AE75-0321D4FFAEF9}" = dir=out | name=@{microsoft.zunevideo_2.6.441.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{F562F4E9-D490-4DBD-89C9-5801ED8DDBF9}" = dir=out | name=hp registration | "{F9F59BE0-6080-4ADC-9204-F6C79F251088}" = dir=out | name=hp connected music | "{FA35BA80-EA4B-48FD-9FEF-74E9E0B3FEC7}" = dir=in | name=checkpoint.vpn | "{FDC2F9AF-7E59-486F-8A73-F748888C6B3F}" = dir=in | name=skype | 
"{FE5EA256-AD54-4FD8-B211-1263089653FF}" = dir=out | name=f5.vpn.client | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}" = Cisco PEAP Module "{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine "{192979A0-37F4-4703-B1BB-62052142CE44}" = REALTEK Bluetooth "{330A4B75-13DC-4643-84D7-B25820508E25}" = AVG 2015 "{33AABC60-A52F-41FF-B2B9-17321240CD5}" = REALTEK Wireless LAN Driver "{4BE64DB8-771F-42D0-B120-EFB738C40215}" = kxaccel-1.0.13.20-win8-x86 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{6D5305DC-8124-47AA-8EB8-D00C51048A93}" = Intel(R) Trusted Execution Engine Driver "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3 "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{89A448AA-3301-46AA-AFC3-34F2D7C670E8}" = Realtek I2S Audio "{8AD64734-8040-4A69-BABB-0DB3FD6FB8C3}" = NetLimiter 4 "{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A875E145-5434-48D4-A53A-6ABBF7235FFD}" = AVG 2015 "{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}" = OpenOffice 4.1.1 "{AF312B06-5C5C-468E-89B3-BE6DE2645722}" = Cisco LEAP Module "{B7EC5C10-E557-4A2B-A4EB-494F166A87E1}" = HP Documentation "{B99DC3D1-C45C-4C33-A1AA-086F1EF51C46}" = Intel(R) Trusted Execution Engine "{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}" = HP PC Hardware Diagnostics UEFI "{EACD3CC2-8923-45B4-9ED3-818D983C5CAE}" = HP Registration Service "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "7-PDF Printer_is1" = 7-PDF Printer 10.11.0.2342 "9B850DEC9F528A80EF96519B4987C5F90EF303B8" = Windows Driver Package - Kionix, Inc. 
(kxspb) Sensor I/O devices (06/26/2014 1.2.6.3) "A29252E022AC11B53F70404D9A02C2B623F7A4BB" = Windows Driver Package - Kionix, Inc. (WUDFRd) Sensor (06/26/2014 1.0.13.20) "AVG" = AVG 2015 "CCleaner" = CCleaner "Glary Utilities_is1" = Glary Utilities 2.56.0.1822 "HotspotShield" = Hotspot Shield 4.15.3 "InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}" = REALTEK Bluetooth "NetLimiter 4 4.0.12.0" = NetLimiter 4 "Spy Emergency_is1" = Spy Emergency "Trojan Remover_is1" = Trojan Remover 6.9.2.2938 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2015-06-25 8:18:53 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 26235 Error - 2015-06-25 8:18:53 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 26235 Error - 2015-06-25 8:18:56 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2015-06-25 8:25:22 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 29016 Error - 2015-06-25 8:25:22 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 29016 Error - 2015-06-25 11:53:15 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 2015-06-25 11:53:15 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 14812 Error - 2015-06-25 11:53:15 PM | Computer Name = xhè | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 14812 Error - 2015-06-26 5:58:39 PM | Computer Name = xhè | Source = Desktop Window Manager | ID = 9020 Description = The Desktop Window Manager has encountered 
a fatal error (0x8898008d) Error - 2015-06-27 8:05:40 PM | Computer Name = xhè | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a3c Start Time: 01d0b1335e4a41d3 Termination Time: 93 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 65fbbc73-1d29-11e5-972f-adb04b6ef5e4 Faulting package full name: Faulting package-relative application ID: [ System Events ] Error - 2015-06-27 8:04:54 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 8:04:54 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 8:15:05 PM | Computer Name = xhè | Source = Service Control Manager | ID = 7000 Description = The Spy Emergency Health Check service failed to start due to the following error: %%3 Error - 2015-06-27 8:19:21 PM | Computer Name = xhè | Source = DCOM | ID = 10010 Description = Error - 2015-06-27 9:46:53 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 9:46:54 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. 
This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 9:47:01 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 9:47:02 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 9:47:19 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Error - 2015-06-27 9:47:20 PM | Computer Name = xhè | Source = Schannel | ID = 36888 Description = A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. < End of report >

I have been under the control of these cyber criminals for years and urgently need protection. Can someone please help me with advice and practical support? For me this is not about a few files (music, etc.) that could be lost, but (I don't want to sound melodramatic, but I would be lying if I said otherwise) about my life. Thank you very much in advance.