| |
| |||||||
Log-Analyse und Auswertung: Win 10: jede Menge PUPWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
13.02.2017, 19:36
| #1 | |||
 |  Win 10: jede Menge PUP Hallo zusammen, gestern wollte ich mir Software herunterladen und bin wohl auf einer falschen Seite gelandet und habe mir jede Menge Mist eingefangen. Dummerweise habe ich bisher versäumt, einen Virenscanner zu installieren. :Stirn: Frst.txt Zitat:
Zitat:
Hier das Log: Zitat:
Vielen Dank im Voraus für jede Hilfe... Viele Grüße Barbara |
|
13.02.2017, 19:44
| #2 |
| /// Malwareteam   | Win 10: jede Menge PUP Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 was hast du denn da bitte gemacht  Schritt 0 Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Hinweis: Falls bei der Deinstallation zu Beginn ein Fehler auftritt oder du den aufgerufenen Uninstaller nicht bedienen kannst, breche dieses Setup einfach ab und fahre mit der Entfernung durch Revo wie oben beschrieben fort. Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Lade dir folgendes Programm herunter und installiere es:  Malwarebytes Anti-Malware
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
Bitte poste dein Ergebnis zwischen Code-Tags Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten.  Code-Tags?Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein 
__________________ Geändert von burningice (13.02.2017 um 19:49 Uhr) |
|
13.02.2017, 20:54
| #3 | ||
| | Win 10: jede Menge PUP Hallo Rafael,
__________________vielen Dank für deine Hilfe. AdwCleaner AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 13/02/2017 um 20:38:32
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Barbara - BARBARA-PC
# Gestartet von : C:\Users\Barbara\Desktop\Virenscanner etc\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: SMUpd
[-] Dienst gelöscht: SMUpdd
[-] Dienst gelöscht: backlh
[-] Dienst gelöscht: NetUtils2016
[-] Dienst gelöscht: NetUtils2016srv
[-] Dienst gelöscht: Nettrans
[-] Dienst gelöscht: WinSAPSvc
[-] Dienst gelöscht: iThemes5
[-] Dienst gelöscht: Hayzumflex
[-] Dienst gelöscht: Zaamla
[-] Dienst gelöscht: WinSnare
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Program Files (x86)\WinSnare(4.1.0)
[-] Ordner gelöscht: C:\ProgramData\3e6b6889-0047-0
[-] Ordner gelöscht: C:\ProgramData\3e6b6889-6d45-1
[-] Ordner gelöscht: C:\ProgramData\3e6b6889-6e95-0
[-] Ordner gelöscht: C:\ProgramData\f09cf6fd-67a5-1
[-] Ordner gelöscht: C:\ProgramData\f09cf6fd-6885-0
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Local\AppTrailers
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\PC Clean Plus
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\Event Monitor
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\gplyra
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\WinSAPSvc
[#] Ordner mit Neustart gelöscht: C:\Users\Barbara\AppData\Roaming\winsapsvc
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\WinSnare
[-] Ordner gelöscht: C:\Program Files\Common Files\Noobzo
[-] Ordner gelöscht: C:\ProgramData\SearchModule
[-] Ordner gelöscht: C:\ProgramData\Logic Handler
[-] Ordner gelöscht: C:\ProgramData\Hayzumflexs
[-] Ordner gelöscht: C:\ProgramData\NetworkPacketManitor
[-] Ordner gelöscht: C:\ProgramData\Hayzumflex
[-] Ordner gelöscht: C:\ProgramData\Zaamla
[-] Ordner gelöscht: C:\ProgramData\Zaamlas
[-] Ordner gelöscht: C:\Program Files (x86)\pccleanplus
[-] Ordner gelöscht: C:\Program Files (x86)\MIO
[-] Ordner gelöscht: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Tencent
[-] Ordner gelöscht: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
[-] Ordner gelöscht: C:\WINDOWS\SysWoW64\sstmp
[#] Ordner mit Neustart gelöscht: C:\Users\Barbara\AppData\Roaming\WinSnare
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\MIO
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\booking.ico
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\aliexpress.ico
[-] Datei gelöscht: C:\WINDOWS\SysNative\bi3.exe
[#] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\ProgramData\smp2.exe
[-] Datei gelöscht: C:\TOSTACK
[#] Datei gelöscht: C:\ProgramData\smp2.exe
[-] Datei gelöscht: C:\WINDOWS\SysWoW64\NetUtils2016.exe
[-] Datei gelöscht: C:\WINDOWS\rsrcs.dll
[-] Datei gelöscht: C:\Program Files (x86)\Common Files\SERVICES\ITHEMES.DLL
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\md.xml
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\Config.xml
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\noah.dat
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\Installer.dat
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\InstallationConfiguration.xml
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\Main.dat
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\agent.dat
[-] Datei gelöscht: C:\Program Files (x86)\Internet Explorer\iexplore.bat
[-] Datei gelöscht: C:\Program Files (x86)\Mozilla Firefox\firefox.bat
[-] Datei gelöscht: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\searchplugins\smod.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung desinfiziert: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk
[-] Verknüpfung desinfiziert: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search (2).lnk
[-] Verknüpfung desinfiziert: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: EhXuia58iw
[-] Aufgabe gelöscht: RunAtStartup
[-] Aufgabe gelöscht: RunAtStartup
[-] Aufgabe gelöscht: IBUpd2
[-] Aufgabe gelöscht: SMW_P
[-] Aufgabe gelöscht: Milimili
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhdbca
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\Installer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\One System Care
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\System Healer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\PC
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\Event Monitor
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\MICROSOFT\wewewe
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\WinSnare
[-] Schlüssel gelöscht: HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Software\AppDataLow\Software\AppTrailers
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhdbca
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\One System Care
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\System Healer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PC
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Event Monitor
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MICROSOFT\wewewe
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WinSnare
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\AppTrailers
[-] Schlüssel gelöscht: HKLM\SOFTWARE\BrowserAir
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Jawego
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SearchModule
[-] Schlüssel gelöscht: HKLM\SOFTWARE\PC
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Event Monitor
[-] Schlüssel gelöscht: HKLM\SOFTWARE\youndooSoftware
[-] Schlüssel gelöscht: HKLM\SOFTWARE\OtherSearch
[-] Schlüssel gelöscht: HKLM\SOFTWARE\trotuxSoftware
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ScreenShot
[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: HKLM\SOFTWARE\mtHayzumflex
[-] Schlüssel gelöscht: HKLM\SOFTWARE\mtZaamla
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\One System Care
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\System Healer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PC
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Event Monitor
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MICROSOFT\wewewe
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\WinSnare
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\AppTrailers
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\SearchModule
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www-searching.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www-searching.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www-searching.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www-searching.com
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [Wd]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gplyra]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [gplyra]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [AppTrailers]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MyMemory]
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [BestCleaner]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Wert gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Zaamla.exe
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.newtab.url" - "hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=h2czbcnbl1au,e757b544-b7e3-4f69-a055-fbd9a7e08b83,"
[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" - "youndoo"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.hp" - "hxxp://www.youndoo.com/?z=7eedf74bfaa17e21a2df247gdzabeq8t2c5zceeo2o&from=amz&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF263398Y&type=hp"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.sp" - "hxxp://www.youndoo.com/search/?from=amz&q={searchTerms}&type=sp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF263398Y&z=7eedf74bfaa17e21a2df247gdzabeq8t2c5zceeo2o"
[-] Firefox Einstellungen bereinigt: "browser.search.searchengine.url" - "hxxp://www.youndoo.com/search/?from=amz&q={searchTerms}&type=sp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF263398Y&z=7eedf74bfaa17e21a2df247gdzabeq8t2c5zceeo2o"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "youndoo"
[-] Firefox Einstellungen bereinigt: "browser.startup.homepage" - "hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=h2czbcnbl1au,e757b544-b7e3-4f69-a055-fbd9a7e08b83,"
[-] Firefox Einstellungen bereinigt: "keyword.URL" - "hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=Unknown"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [18716 Bytes] - [13/02/2017 20:38:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [18118 Bytes] - [13/02/2017 20:37:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [18864 Bytes] ##########
Malwarebytes Zitat:
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
durchgeführt von Barbara (Administrator) auf BARBARA-PC (13-02-2017 20:48:04)
Gestartet von C:\Users\Barbara\Desktop\Virenscanner etc
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\PDR238V39I\22XHB7149.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\XPQ0UG79CA\XPQ0UG79C.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-23] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify Web Helper] => C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify] => C:\Users\Barbara\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Steam] => c:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [ZJy9zt07Me] => C:\Program Files\PDR238V39I\22XHB7149.exe [370176 2017-02-13] ()
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [HGFI7viJwx] => C:\Program Files\XPQ0UG79CA\XPQ0UG79C.exe [370176 2017-02-13] ()
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks: Kein Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Barbara\AppData\Roaming\Zrshfcit\Griotain.dll -> Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{92a07177-073c-4d90-93ea-d374613fc39e}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 8rnx3iua.default
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default [2017-02-13]
FF Extension: (2020 3D Viewer for IKEA) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-12-16]
FF Extension: (Firefox Hotfix) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Ghostery) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
R2 Dalidom; C:\Program Files (x86)\Plidaing\Konoghstuqtainmodule.dll [154624 2017-02-12] () [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-09-03] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-22] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-13] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 cvjjfjaa; \??\C:\WINDOWS\system32\drivers\cvjjfjaa.sys [X]
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-13 20:47 - 2017-02-13 20:47 - 00018791 _____ C:\Users\Barbara\Desktop\mbam.txt
2017-02-13 20:42 - 2017-02-13 20:45 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-13 20:42 - 2017-02-13 20:45 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-13 20:42 - 2017-02-13 20:45 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-13 20:42 - 2017-02-13 20:45 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-13 20:42 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-13 20:41 - 2017-02-13 20:41 - 00019083 _____ C:\Users\Barbara\Desktop\AdwCleaner[C0].txt
2017-02-13 20:41 - 2017-02-13 20:41 - 00000000 ____D C:\Users\Barbara\Desktop\alt
2017-02-13 20:19 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\XPQ0UG79CA
2017-02-13 20:14 - 2017-02-13 20:38 - 00000000 ____D C:\AdwCleaner
2017-02-13 20:13 - 2017-02-13 20:13 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-13 19:59 - 2017-02-13 19:59 - 07097928 _____ (VS Revo Group ) C:\Users\Barbara\Desktop\revo202setup.exe
2017-02-13 19:59 - 2017-02-13 19:59 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-13 19:19 - 2017-02-13 19:19 - 00000000 ____D C:\Program Files\PDR238V39I
2017-02-13 19:08 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-13 19:07 - 2017-02-13 20:48 - 00000000 ____D C:\FRST
2017-02-13 19:06 - 2017-02-13 20:48 - 00000000 ____D C:\Users\Barbara\Desktop\Virenscanner etc
2017-02-12 22:16 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\8K5F5GX6AI
2017-02-12 22:15 - 2017-02-13 20:03 - 00000000 ____D C:\Program Files (x86)\vpF0TnTYqt
2017-02-12 22:14 - 2017-02-13 20:39 - 00000000 ____D C:\Program Files (x86)\Druciy
2017-02-12 22:14 - 2017-02-13 20:05 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-12 22:14 - 2017-02-12 22:14 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-02-12 22:14 - 2017-02-12 22:14 - 00000000 ____D C:\Users\Barbara\AppData\Local\Reabation
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ___HD C:\ProgramData\108l42A89c7603
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\WR5TG73LV7
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\P3ZUK80JKY
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\IQ50062YNB
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files (x86)\BeCleaner
2017-02-12 22:13 - 2017-02-13 20:39 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Zrshfcit
2017-02-12 22:13 - 2017-02-12 22:13 - 00016812 _____ C:\WINDOWS\System32\Tasks\108l42A89c7603
2017-02-12 22:13 - 2017-02-12 22:13 - 00006098 _____ C:\WINDOWS\System32\Tasks\Atikationbogot System
2017-02-12 22:13 - 2017-02-12 22:13 - 00003782 _____ C:\WINDOWS\System32\Tasks\Pregehabering
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Users\Barbara\AppData\Local\Qolther
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Users\Barbara\AppData\Local\Ghuversp
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Program Files (x86)\Thteckganoied
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Program Files (x86)\Plidaing
2017-02-12 21:59 - 2017-02-12 22:08 - 70965739 _____ (eRightSoft ) C:\Users\Barbara\Downloads\SUPERsetup.exe
2017-02-11 17:30 - 2017-02-11 17:30 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash (1).themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash.themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 08635521 _____ C:\Users\Barbara\Downloads\DreamgardenChristinaManchenko.themepack
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\fb8637bc1a4671a0ade9e7275e924c95.exe
2017-02-09 13:38 - 2017-02-12 20:33 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-09 13:38 - 2017-02-09 13:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-09 13:38 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-09 13:38 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-09 13:38 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-09 13:38 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-03 17:19 - 2017-02-03 17:19 - 00515204 _____ C:\WINDOWS\Minidump\020317-6328-01.dmp
2017-02-03 17:12 - 2017-02-03 17:12 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2017-02-03 17:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-03 17:12 - 2017-02-03 17:12 - 00000000 ____D C:\Users\Barbara\AppData\Local\Chromium
2017-02-03 17:12 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-03 17:12 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-26 18:15 - 2017-02-13 19:12 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\elsterformular
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\ProgramData\elsterformular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-01-26 18:13 - 2017-01-26 18:15 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Barbara\Downloads\ElsterFormularPrivat.exe
2017-01-25 13:39 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 13:39 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-13 20:46 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-13 20:45 - 2016-09-23 02:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-13 20:45 - 2016-09-23 02:41 - 02372176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-13 20:45 - 2016-07-16 23:51 - 00939196 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-13 20:45 - 2016-07-16 23:51 - 00226418 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-13 20:45 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-13 20:38 - 2016-11-25 17:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-13 20:38 - 2016-07-30 09:24 - 00000000 ____D C:\Users\Barbara\AppData\Local\CrashDumps
2017-02-13 20:36 - 2016-09-23 02:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-13 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-13 19:15 - 2016-11-26 12:11 - 00000000 ____D C:\Users\Barbara\AppData\LocalLow\Mozilla
2017-02-13 19:13 - 2017-01-13 18:18 - 00002108 _____ C:\Users\Barbara\Desktop\Finanzplan 2017.lnk
2017-02-13 19:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Performance
2017-02-13 19:12 - 2016-11-16 20:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-13 19:12 - 2016-09-23 02:43 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00001301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00001480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk
2017-02-13 19:12 - 2016-07-30 09:48 - 00001886 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00002429 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00001047 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2017-02-13 19:12 - 2016-07-16 12:42 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2017-02-12 22:24 - 2016-09-23 02:41 - 00000000 ____D C:\Users\Barbara
2017-02-12 22:15 - 2016-07-30 11:41 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\NVIDIA
2017-02-12 22:13 - 2016-07-30 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2
2017-02-12 22:13 - 2016-07-30 09:02 - 00002028 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-02-12 22:12 - 2016-07-30 09:48 - 00000000 ____D C:\Users\Barbara\AppData\Local\Spotify
2017-02-12 20:33 - 2016-07-30 09:47 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Spotify
2017-02-12 20:33 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-11 12:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 11:44 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-09 13:39 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-09 13:39 - 2016-07-30 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-09 13:38 - 2016-07-30 09:20 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA Corporation
2017-02-03 17:19 - 2016-11-13 21:39 - 1291434677 _____ C:\WINDOWS\MEMORY.DMP
2017-02-03 17:19 - 2016-11-13 21:39 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-03 17:19 - 2016-07-30 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-03 17:18 - 2016-07-30 10:12 - 00000000 ____D C:\ProgramData\Origin
2017-02-03 17:14 - 2016-07-30 09:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-03 17:13 - 2016-07-30 10:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\Origin
2017-02-03 17:12 - 2016-10-13 07:34 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-07-30 09:19 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA
2017-01-25 13:43 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-21 11:40 - 2016-07-30 08:18 - 00000000 ___RD C:\Users\Barbara\OneDrive
2017-01-20 19:39 - 2016-10-13 07:34 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-02 15:48 - 2016-10-11 12:28 - 0000337 _____ () C:\Users\Barbara\AppData\Roaming\2E7BF6-326E-4870-B5B1-B11758EC2B1D.ini
Einige Dateien in TEMP:
====================
2017-02-12 22:14 - 2017-02-12 22:14 - 1171283 _____ ( ) C:\Users\Barbara\AppData\Local\Temp\4E1F.tmp.exe
2017-02-12 22:13 - 2017-02-12 22:13 - 0115900 _____ () C:\Users\Barbara\AppData\Local\Temp\load.exe
2016-10-13 07:34 - 2016-09-30 05:25 - 0950328 _____ (NVIDIA Corporation) C:\Users\Barbara\AppData\Local\Temp\NvTelemetry.dll
2016-10-13 07:34 - 2016-09-30 05:25 - 0198200 _____ (NVIDIA Corporation) C:\Users\Barbara\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-10-13 07:34 - 2016-09-30 05:25 - 0242232 _____ (NVIDIA Corporation) C:\Users\Barbara\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-09 13:37
==================== Ende von FRST.txt ============================
addition.txt Zitat:
Viele Grüße Barbara |
|
13.02.2017, 21:19
| #4 |
| /// Malwareteam | Win 10: jede Menge PUP Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
emptytemp:
Task: {82DEE0EB-4548-49CE-881E-34A0D3C76D71} - \OneDrive Standalone Update Task v2 -> Keine Datei <==== ACHTUNG
Task: {8FEDA5A7-F6AE-459A-895E-3269F9B87DC5} - System32\Tasks\108l42A89c7603 => Rundll32.exe "C:\ProgramData\108l42A89c7603\108l42A89c7603.dll",lAcqxFh <==== ACHTUNG
Task: {BF709A57-E750-4DDD-B582-32B6C514637F} - \{7D0D0E47-797A-7F7A-7D11-7D797E041105} -> Keine Datei <==== ACHTUNG
Task: {E3BEDC84-1FC4-462C-B3DA-C04B65228E1C} - System32\Tasks\Pregehabering => msiexec /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=SamsungXSSDX840XEVOX250GB_S1DBNSBF263398Y&v=2017212 /q
Task: {ED9678EB-B078-4A94-A29D-89D8596AB858} - System32\Tasks\Atikationbogot System => C:\Program Files (x86)\Plidaing\drerzes.exe [2017-02-12] (Glarysoft Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [ZJy9zt07Me] => C:\Program Files\PDR238V39I\22XHB7149.exe [370176 2017-02-13] ()
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [HGFI7viJwx] => C:\Program Files\XPQ0UG79CA\XPQ0UG79C.exe [370176 2017-02-13] ()
ShellExecuteHooks: Kein Name - {12BEB57E-ECD3-11E6-A98A-64006A5CFC23} - C:\Users\Barbara\AppData\Roaming\Zrshfcit\Griotain.dll -> Keine Datei
R2 Dalidom; C:\Program Files (x86)\Plidaing\Konoghstuqtainmodule.dll [154624 2017-02-12] () [Datei ist nicht signiert]
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
S1 cvjjfjaa; \??\C:\WINDOWS\system32\drivers\cvjjfjaa.sys [X]
2017-02-13 20:19 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\XPQ0UG79CA
2017-02-13 20:13 - 2017-02-13 20:13 - 00000000 ____D C:\Program Files (x86)\pfqv62f8
2017-02-13 19:19 - 2017-02-13 19:19 - 00000000 ____D C:\Program Files\PDR238V39I
2017-02-12 22:16 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\8K5F5GX6AI
2017-02-12 22:15 - 2017-02-13 20:03 - 00000000 ____D C:\Program Files (x86)\vpF0TnTYqt
2017-02-12 22:14 - 2017-02-13 20:39 - 00000000 ____D C:\Program Files (x86)\Druciy
2017-02-12 22:14 - 2017-02-13 20:05 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-12 22:14 - 2017-02-12 22:14 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-02-12 22:14 - 2017-02-12 22:14 - 00000000 ____D C:\Users\Barbara\AppData\Local\Reabation
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ___HD C:\ProgramData\108l42A89c7603
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\WR5TG73LV7
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\P3ZUK80JKY
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files\IQ50062YNB
2017-02-12 22:13 - 2017-02-13 20:45 - 00000000 ____D C:\Program Files (x86)\BeCleaner
2017-02-12 22:13 - 2017-02-13 20:39 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Zrshfcit
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Users\Barbara\AppData\Local\Qolther
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Users\Barbara\AppData\Local\Ghuversp
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Program Files (x86)\Thteckganoied
2017-02-12 22:13 - 2017-02-12 22:13 - 00000000 ____D C:\Program Files (x86)\Plidaing
2017-02-12 21:59 - 2017-02-12 22:08 - 70965739 _____ (eRightSoft ) C:\Users\Barbara\Downloads\SUPERsetup.exe
2017-02-10 16:16 - 2017-02-10 16:16 - 03287737 _____ C:\WINDOWS\fb8637bc1a4671a0ade9e7275e924c95.exe
2017-02-03 17:12 - 2017-02-03 17:12 - 00000000 ____D C:\Users\Barbara\AppData\Local\Chromium
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "x5o3Yv2CQw.exe"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "zC6b23GTAV.exe"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "GWH9N93A6U"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "JLAWFPN14I"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "XN55R0BYZD"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "LAMMPX75X6"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "JG5BHCSAVC"
FirewallRules: [{9D55ECBB-5F7C-4C93-8581-D680E589C6CE}] => C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{ADBDAF4A-07E9-49DB-9143-E96D557CF9D2}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{CB3BDEFE-0BF5-4061-94BB-7D2369AC1E55}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{DD54EA2F-A6AF-4273-947B-D0C663DE40BC}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{869331B2-5268-469F-A83F-7D7CBAC32BA4}] => C:\Windows\System32\rundll32.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste dein Ergebnis zwischen Code-Tags Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten. Code-Tags?Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
13.02.2017, 21:31
| #5 | ||
| | Win 10: jede Menge PUP fixlog.txt Zitat:
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017
durchgeführt von Barbara (Administrator) auf BARBARA-PC (13-02-2017 21:28:38)
Gestartet von C:\Users\Barbara\Desktop\Virenscanner etc
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1701.10102.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-23] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify Web Helper] => C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify] => C:\Users\Barbara\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Steam] => c:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{92a07177-073c-4d90-93ea-d374613fc39e}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 8rnx3iua.default
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default [2017-02-13]
FF Extension: (2020 3D Viewer for IKEA) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-12-16]
FF Extension: (Firefox Hotfix) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Ghostery) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-09-03] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-22] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-13] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-13] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-13] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-13] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-13 21:25 - 2017-02-13 21:25 - 00000000 ____D C:\Users\Barbara\AppData\Local\Chromium
2017-02-13 20:47 - 2017-02-13 20:47 - 00018791 _____ C:\Users\Barbara\Desktop\mbam.txt
2017-02-13 20:42 - 2017-02-13 21:24 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-13 20:42 - 2017-02-13 21:24 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-13 20:42 - 2017-02-13 21:24 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-13 20:42 - 2017-02-13 21:24 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-13 20:42 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-13 20:41 - 2017-02-13 21:22 - 00000000 ____D C:\Users\Barbara\Desktop\alt
2017-02-13 20:41 - 2017-02-13 20:41 - 00019083 _____ C:\Users\Barbara\Desktop\AdwCleaner[C0].txt
2017-02-13 20:14 - 2017-02-13 20:38 - 00000000 ____D C:\AdwCleaner
2017-02-13 19:59 - 2017-02-13 19:59 - 07097928 _____ (VS Revo Group ) C:\Users\Barbara\Desktop\revo202setup.exe
2017-02-13 19:59 - 2017-02-13 19:59 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-13 19:08 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-13 19:07 - 2017-02-13 21:28 - 00000000 ____D C:\FRST
2017-02-13 19:06 - 2017-02-13 21:28 - 00000000 ____D C:\Users\Barbara\Desktop\Virenscanner etc
2017-02-11 17:30 - 2017-02-11 17:30 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash (1).themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash.themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 08635521 _____ C:\Users\Barbara\Downloads\DreamgardenChristinaManchenko.themepack
2017-02-09 13:38 - 2017-02-12 20:33 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-09 13:38 - 2017-02-09 13:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-09 13:38 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-09 13:38 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-09 13:38 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-09 13:38 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-03 17:19 - 2017-02-03 17:19 - 00515204 _____ C:\WINDOWS\Minidump\020317-6328-01.dmp
2017-02-03 17:12 - 2017-02-03 17:12 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2017-02-03 17:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-03 17:12 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-03 17:12 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-26 18:15 - 2017-02-13 19:12 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\elsterformular
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\ProgramData\elsterformular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-01-26 18:13 - 2017-01-26 18:15 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Barbara\Downloads\ElsterFormularPrivat.exe
2017-01-25 13:39 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 13:39 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-13 21:25 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-13 21:24 - 2016-09-23 02:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-13 21:24 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-13 20:52 - 2016-09-23 02:41 - 02401366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-13 20:52 - 2016-07-16 23:51 - 00954884 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-13 20:52 - 2016-07-16 23:51 - 00230936 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-13 20:38 - 2016-11-25 17:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-13 20:38 - 2016-07-30 09:24 - 00000000 ____D C:\Users\Barbara\AppData\Local\CrashDumps
2017-02-13 20:36 - 2016-09-23 02:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-13 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-13 19:15 - 2016-11-26 12:11 - 00000000 ____D C:\Users\Barbara\AppData\LocalLow\Mozilla
2017-02-13 19:13 - 2017-01-13 18:18 - 00002108 _____ C:\Users\Barbara\Desktop\Finanzplan 2017.lnk
2017-02-13 19:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Performance
2017-02-13 19:12 - 2016-11-16 20:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-13 19:12 - 2016-09-23 02:43 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00001301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00001480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk
2017-02-13 19:12 - 2016-07-30 09:48 - 00001886 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00002429 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00001047 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2017-02-13 19:12 - 2016-07-16 12:42 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2017-02-12 22:24 - 2016-09-23 02:41 - 00000000 ____D C:\Users\Barbara
2017-02-12 22:15 - 2016-07-30 11:41 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\NVIDIA
2017-02-12 22:13 - 2016-07-30 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2
2017-02-12 22:13 - 2016-07-30 09:02 - 00002028 ____N C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk
2017-02-12 22:12 - 2016-07-30 09:48 - 00000000 ____D C:\Users\Barbara\AppData\Local\Spotify
2017-02-12 20:33 - 2016-07-30 09:47 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Spotify
2017-02-12 20:33 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-11 12:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 11:44 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-09 13:39 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-09 13:39 - 2016-07-30 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-09 13:38 - 2016-07-30 09:20 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA Corporation
2017-02-03 17:19 - 2016-11-13 21:39 - 1291434677 _____ C:\WINDOWS\MEMORY.DMP
2017-02-03 17:19 - 2016-11-13 21:39 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-03 17:19 - 2016-07-30 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-03 17:18 - 2016-07-30 10:12 - 00000000 ____D C:\ProgramData\Origin
2017-02-03 17:14 - 2016-07-30 09:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-03 17:13 - 2016-07-30 10:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\Origin
2017-02-03 17:12 - 2016-10-13 07:34 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-07-30 09:19 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA
2017-01-25 13:43 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-21 11:40 - 2016-07-30 08:18 - 00000000 ___RD C:\Users\Barbara\OneDrive
2017-01-20 19:39 - 2016-10-13 07:34 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-02 15:48 - 2016-10-11 12:28 - 0000337 _____ () C:\Users\Barbara\AppData\Roaming\2E7BF6-326E-4870-B5B1-B11758EC2B1D.ini
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-09 13:37
==================== Ende von FRST.txt ============================
addition.txt Zitat:
|
|
13.02.2017, 21:39
| #6 | |
| /// Malwareteam | Win 10: jede Menge PUPZitat:
innerhalb von 50s bereinigt, temporäre Dateien gelöscht und neugestartet? Du lieber Schwan  kannst bitte bisschen genauer schauen und nicht immer die Hälfte in einem Zitat und nur die andere Hälfte wie gewünscht in code-tags posten? Schritt: 1 Starte wieder Revo und deinstalliere damit wie vorhin diesmal folgendes Programm: WinSnare Schritt: 2 ESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern... (in deinem Fall Minuten  ) Schritt: 3 Downloade Dir HitmanPro  auf Deinen Desktop:HitmanPro-32 Bit Version HitmanPro-64 Bit Version
Schritt: 4 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ --> Win 10: jede Menge PUP |
|
13.02.2017, 22:50
| #7 |
| | Win 10: jede Menge PUP hihi, ja, der ist schon recht flott! ESET hat in etwa ne halbe Stunde gebraucht. Entschuldigung, da habe ich wohl nicht genau geschaut beim posten und hab code mit quote verwechselt...  ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=48630b108234a34b8ba50d8726966300
# end=init
# utc_time=2017-02-13 08:47:06
# local_time=2017-02-13 09:47:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32394
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=48630b108234a34b8ba50d8726966300
# end=updated
# utc_time=2017-02-13 08:51:54
# local_time=2017-02-13 09:51:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=48630b108234a34b8ba50d8726966300
# engine=32394
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-02-13 09:25:17
# local_time=2017-02-13 10:25:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 126586 18351733 0 0
# scanned=242302
# found=32
# cleaned=0
# scan_time=2001
sh=60348CB9F5E8441E9A5B124F6E5171AEFC740380 ft=1 fh=8c5584bc9127f60f vn="Variante von Win32/Adware.ELEX.CH Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back"
sh=46502222FCE1FABEE6B92122521D2C0BF3497A63 ft=1 fh=d00c70534a45d1d5 vn="Variante von MSIL/Toolbar.Linkury.BI eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe"
sh=EEE6A904175D4F85C6C2B09DEE04ABFD39EEBA89 ft=1 fh=7fe1730ae29aaf68 vn="Variante von Win32/Jawego.D eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe"
sh=20CEFED8DA05D9D6D971B9EEAAE67F55790AC366 ft=1 fh=ee32d64f49c5498f vn="Variante von Win32/SpeedBit.AS eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll"
sh=AF90A252E7924ED590164A5486B3FB4D3209DEF0 ft=1 fh=192dbf22ad44c155 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll"
sh=5E6CA58FFE8B5027466BE3C96DBB21745C35F908 ft=1 fh=20c6e147e1711cf5 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe"
sh=BA39F23D1789151AA6B794BA73D38D7F9A59B4F4 ft=1 fh=238a2416f5146f85 vn="Variante von Win32/SBWatchman.K eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe"
sh=BCA6032EDE2E261731EA8A10D1D8797AA67263E4 ft=1 fh=ae11d5a639cf3bc4 vn="Variante von Win64/SpeedBit.D eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys"
sh=154D7EDC72BEE05A1335E9D11809F0292AF7BE47 ft=1 fh=207b6dbdac268b55 vn="MSIL/TrojanDownloader.Agent.CIY Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe"
sh=A588C029B36A62420BCC057DF4DA168BABA00AAC ft=1 fh=056ea767edfc5268 vn="Win64/Toolbar.Linkury.P eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll"
sh=AAE1183B1ECF9FD6532B140A10A3AF6A527CD11C ft=1 fh=6af2460041c267c8 vn="MSIL/Toolbar.Linkury.BP eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe"
sh=3613678877D994AF8F30656BC6C69AD0ADA52522 ft=1 fh=d2fcb80105f0a5e1 vn="Variante von Win32/Kryptik.FNEK Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe"
sh=2A1F40DA5206C051B3A7F86950BB44E5C82EF367 ft=1 fh=3f89f06960e66555 vn="Win32/Toolbar.Linkury.BA eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll"
sh=154D7EDC72BEE05A1335E9D11809F0292AF7BE47 ft=1 fh=207b6dbdac268b55 vn="MSIL/TrojanDownloader.Agent.CIY Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe"
sh=AAE1183B1ECF9FD6532B140A10A3AF6A527CD11C ft=1 fh=6af2460041c267c8 vn="MSIL/Toolbar.Linkury.BP eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe"
sh=A588C029B36A62420BCC057DF4DA168BABA00AAC ft=1 fh=056ea767edfc5268 vn="Win64/Toolbar.Linkury.P eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll"
sh=2A1F40DA5206C051B3A7F86950BB44E5C82EF367 ft=1 fh=3f89f06960e66555 vn="Win32/Toolbar.Linkury.BA eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll"
sh=3613678877D994AF8F30656BC6C69AD0ADA52522 ft=1 fh=d2fcb80105f0a5e1 vn="Variante von Win32/Kryptik.FNEK Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe"
sh=5E7BAC2E0DB69E88CECE5AEA71030A2454ABCF38 ft=1 fh=5a6e03de6d378d2b vn="Variante von MSIL/Toolbar.Linkury.BB eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe"
sh=7B44C50B877C9207CBC1AA884AA17901CAEE4FA5 ft=1 fh=642b7a3bffc6caf9 vn="Variante von MSIL/Adware.CsdiMonetize.J Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\PDR238V39I\22XHB7149.exe"
sh=7B44C50B877C9207CBC1AA884AA17901CAEE4FA5 ft=1 fh=642b7a3bffc6caf9 vn="Variante von MSIL/Adware.CsdiMonetize.J Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\XPQ0UG79CA\XPQ0UG79C.exe"
sh=7BF3DDDAB0180AF831534ED2EF434ADB899B55B9 ft=1 fh=9776102d408049fe vn="Variante von Win32/SpeedBit.AX eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\2OT58FTF\BrowserAir48Inst[1].exe"
sh=E38BA4705D93E896C869FC62F2637D62C3DEA773 ft=1 fh=21a31174bfa49a0a vn="Variante von Win32/Kryptik.FICH Trojaner" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\2OT58FTF\sam_IC[1]"
sh=9120DFB26488C50774ACB54990B2B379DBCB9A3C ft=1 fh=fb73d0392533a00f vn="Variante von Win32/Adware.ConvertAd.AJI Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\3T5QDGKZ\36noTpqwF[1].exe"
sh=9F650F399F426203134E0ED53BF37F438E8230BD ft=1 fh=2ea14636b02cec86 vn="Variante von MSIL/Adware.Imali.E Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\3T5QDGKZ\FinalInstaller_dotnet4[1].exe"
sh=5B56E5F874721C0A69FCE6DE237ED70BD1806CE8 ft=1 fh=1850820a77ecae40 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\3T5QDGKZ\KaSkllEk[1].exe"
sh=682400B0154383871744D3D1A89EAAAB3E18F575 ft=1 fh=c9b8f8986d94e3d1 vn="Variante von Win32/Adware.ConvertAd.AJW Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\8RFODISJ\1uIKINIHc[1].exe"
sh=2C9680DD339D3D7B0D87084C76941B03A06F64B9 ft=1 fh=6a31d972f30dd2a9 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\L91K04I9\qaSNDzr[1]"
sh=2C9680DD339D3D7B0D87084C76941B03A06F64B9 ft=1 fh=6a31d972f30dd2a9 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\L91K04I9\RCSv0xmq[1]"
sh=03ED3A68A1E49756A705E1DC3DF55E4F0748DC57 ft=1 fh=abf15076b9a5f28f vn="Variante von Win32/Kryptik.FOES Trojaner" ac=I fn="C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\L91K04I9\sci0[1]"
sh=B82838CD05E1C3BA84D3B329744104FA2C26C2C9 ft=1 fh=0024593e6c5acc75 vn="Variante von Win32/DownloadGuide.D eventuell unerwünschte Anwendung" ac=I fn="D:\Downloads\ccsetup510_CB-DL-Manager.exe"
sh=E574438F76DE020B30E25D6EADF4D2F6692E477B ft=0 fh=0000000000000000 vn="BAT/StartPage.NHU Trojaner" ac=I fn="D:\Program Files (x86)\The Witcher 2\Launcher.bat"
das hitman log ist riesig, muss ich separat posten... kleinen Moment hitman teil 1 Code:
ATTFilter HitmanPro 3.7.15.281
www.hitmanpro.com
Computer name . . . . : BARBARA-PC
Windows . . . . . . . : 10.0.0.14393.X64/8
User name . . . . . . : Barbara-PC\Barbara
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2017-02-13 22:30:48
Scan mode . . . . . . : Normal
Scan duration . . . . : 4m 32s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 34
Traces . . . . . . . : 37
Objects scanned . . . : 1.632.920
Files scanned . . . . : 38.566
Remnants scanned . . : 389.324 files / 1.205.030 keys
Malware _____________________________________________________________________
C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
Size . . . . . . . : 43.520 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 5.5
SHA-256 . . . . . : 45BEB593E85D817817C303534BB870F6D7A300CB727A9117FCD4FCB75C9C3159
Product . . . . . : Network Packet Monitor
LanguageID . . . . : 0
> Kaspersky . . . . : not-a-virus:WebToolbar.Win32.Linkury.aqy
Fuzzy . . . . . . : 108.0
Forensic Cluster
-2.1s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.1s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.8s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.7s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.6s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.6s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.6s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.6s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.6s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.6s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.5s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.4s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.1s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.9s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.9s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.8s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.6s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.5s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.5s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.4s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.4s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.3s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.2s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.2s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.0s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.0s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.0s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.0s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.1s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.3s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.3s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.3s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.3s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.3s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.4s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.4s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.4s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.4s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.4s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.4s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.5s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.5s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.5s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.6s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.7s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.7s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.7s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.7s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.8s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.8s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.8s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.9s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.9s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.9s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.9s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.0s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.0s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.0s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.0s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.1s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.1s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.1s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.1s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.2s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.2s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.2s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.2s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.2s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.3s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.5s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.7s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.1s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.6s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.8s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.7s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
Size . . . . . . . : 157.632 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:14)
Entropy . . . . . : 6.3
SHA-256 . . . . . : 159D00F0D8C7A16736C608DE22E83364A9B15B197874116829293F4D67934890
Product . . . . . : ISX Download DLL
Publisher . . . . : Bjørnar Henden
Description . . . : Download DLL
Version . . . . . : 5.1.5.0
RSA Key Size . . . : 2048
LanguageID . . . . : 0
Authenticode . . . : Valid
> Bitdefender . . . : Adware.GenericKD.4255115
Fuzzy . . . . . . : 98.0
Forensic Cluster
-1.4s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-1.3s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.0s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-0.9s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-0.8s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-0.8s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-0.8s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-0.8s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-0.8s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-0.8s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-0.7s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-0.7s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-0.4s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-0.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.2s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.1s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
0.0s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
0.2s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
0.3s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
0.3s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
0.4s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
0.4s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
0.5s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
0.6s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
0.6s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
0.6s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
0.6s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
0.6s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
0.6s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
0.7s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
0.7s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
0.7s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
0.7s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
0.7s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
0.8s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
0.8s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.8s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.8s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.9s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
1.0s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
1.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
1.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
1.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
1.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
1.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
1.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
1.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
1.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
1.2s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
1.2s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
1.2s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
1.2s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
1.2s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
1.2s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
1.3s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
1.3s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
1.3s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
1.4s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
1.4s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
1.5s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
1.5s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
1.5s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
1.6s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
1.6s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
1.6s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
1.7s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
1.7s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
1.7s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
1.7s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.7s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.8s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.8s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.8s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.8s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.9s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.9s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.9s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.9s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
2.0s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
2.0s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
2.0s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
2.0s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
2.0s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
2.3s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
2.4s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
5.1s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
5.1s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
5.1s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
6.4s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
6.5s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
6.5s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
6.6s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
6.7s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
6.7s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.8s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
7.5s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.9s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
8.4s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
8.6s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
12.5s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
Size . . . . . . . : 266.752 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.5
SHA-256 . . . . . : DA6B9B43AC78E6A085791CD71125521257B421855D6B17205297D1ACC7637A0C
Product . . . . . : W
Publisher . . . . : .
Description . . . : agent
Version . . . . . : 2.6.8.5785
Copyright . . . . : Copyright (C) 2015
LanguageID . . . . : 1033
> Bitdefender . . . : Gen:Variant.Razy.103352
Fuzzy . . . . . . : 103.0
Forensic Cluster
-1.8s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-1.8s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.4s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.2s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.1s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.6s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
1.0s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
1.0s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
1.0s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
1.0s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
1.1s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
1.1s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
1.1s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
1.2s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
1.2s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
1.2s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
1.2s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.3s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.3s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.3s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.3s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.4s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.4s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.4s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.4s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.5s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.5s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.5s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.5s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.5s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.6s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.8s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
7.0s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.4s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.9s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
8.1s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
12.0s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
|
|
13.02.2017, 22:51
| #8 |
| | Win 10: jede Menge PUP hitman teil 2 Code:
ATTFilter C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
Size . . . . . . . : 320.512 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.6
SHA-256 . . . . . : F44CE613F48EE1C918E32721D17280FDCA7721BBFC725CF19CFCC43EB81A929F
> Bitdefender . . . : Gen:Variant.Razy.124673
Fuzzy . . . . . . : 108.0
Forensic Cluster
-1.9s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-1.8s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.4s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.2s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.2s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.7s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.6s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.9s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
1.0s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
1.0s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
1.0s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
1.1s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
1.1s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
1.1s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
1.2s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
1.2s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
1.2s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
1.2s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.2s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.3s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.3s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.3s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.3s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.4s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.4s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.4s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.4s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.5s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.5s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.5s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.5s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.6s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.8s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
7.0s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.4s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.9s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
8.1s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
12.0s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
Size . . . . . . . : 3.110.400 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 299A261F8F80A724845E489C67480EE006CA7859506C669CFB086010626C0462
Product . . . . . : W
Publisher . . . . : Search Module Ltd.
Description . . . : Search Module Update Service
Version . . . . . : 2.6.8.5785
Copyright . . . . : Copyright (C) 2014
LanguageID . . . . : 1033
> Kaspersky . . . . : not-a-virus:HEUR:Monitor.Win64.SSPro.gen
Fuzzy . . . . . . : 102.0
Forensic Cluster
-1.9s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-1.8s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.4s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.2s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.2s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.7s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.6s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.9s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
1.0s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
1.0s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
1.0s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
1.1s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
1.1s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
1.1s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
1.2s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
1.2s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
1.2s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
1.2s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.2s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.3s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.3s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.3s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.3s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.4s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.4s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.4s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.4s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.5s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.5s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.5s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.5s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.5s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.8s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
7.0s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.4s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.9s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
8.1s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
12.0s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
Size . . . . . . . : 383.488 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6372ACB17EDB0408A739922599D27E7CD57F6197251F497E95B467B7F6C92CD8
> Bitdefender . . . : Gen:Variant.Zusy.221277
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.Generic
Fuzzy . . . . . . : 108.0
Forensic Cluster
-1.9s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-1.8s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.5s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.4s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.3s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.3s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.3s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.2s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.2s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-0.9s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-0.8s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-0.7s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-0.6s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-0.6s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.5s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.3s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.2s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.1s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
0.0s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
0.1s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
0.1s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
0.3s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.4s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.5s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.6s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.6s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.7s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.7s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.8s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.9s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.9s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
1.0s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
1.0s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
1.0s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
1.1s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
1.1s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
1.1s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
1.2s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
1.2s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
1.2s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
1.2s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
1.2s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
1.3s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
1.3s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
1.3s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.3s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.4s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.4s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.4s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.4s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.5s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.5s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.5s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.5s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.5s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.8s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
2.0s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
2.1s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.7s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.8s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
6.0s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
6.1s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
6.2s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
6.3s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
7.0s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.4s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.9s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
8.1s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
12.0s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
|
|
13.02.2017, 22:57
| #9 |
| | Win 10: jede Menge PUP hitman teil 3 Code:
ATTFilter C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
Size . . . . . . . : 153.600 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:16)
Entropy . . . . . : 7.1
SHA-256 . . . . . : F2D67E6C8C9CFD71B8B30D1C296E211AA5EDFFE9E029A1FECADEF8733C75EA80
Needs elevation . : Yes
Product . . . . . : Micro
Publisher . . . . : Takila
Description . . . : Monday Monday
Version . . . . . : 4.3.5.4
LanguageID . . . . : 0
> Bitdefender . . . : Trojan.GenericKD.4370272
Fuzzy . . . . . . : 106.0
Forensic Cluster
-2.5s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.5s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-2.2s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-2.1s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-2.0s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-2.0s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-2.0s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-2.0s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.9s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.9s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.9s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.8s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.6s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.5s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-1.3s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-1.3s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-1.2s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-1.0s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.9s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.8s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.8s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.8s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.8s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.7s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.6s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.6s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.5s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.4s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.4s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.4s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.4s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.4s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.4s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
-0.4s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
-0.4s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
-0.3s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
-0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
-0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
-0.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
-0.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
-0.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
-0.1s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
-0.0s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.0s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.0s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.1s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.1s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.1s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.1s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.1s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.1s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.2s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.3s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.3s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.3s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.3s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.4s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.4s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.5s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.5s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.5s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.5s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.5s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
0.6s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
0.6s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
0.6s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
0.6s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
0.7s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
0.7s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
0.7s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
0.7s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
0.8s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
0.8s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
0.8s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
0.8s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
0.9s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
0.9s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.1s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.2s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.3s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.3s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.4s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.4s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.2s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.3s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.4s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.4s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
4.9s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.0s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.1s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.1s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.3s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
6.7s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.2s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.4s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.3s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
Size . . . . . . . : 27.136 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 5.9
SHA-256 . . . . . : EA7702197F353023091C654CE9D54CE8DB169B874D9C948A0D34CD9BF1FD2397
> Bitdefender . . . : Gen:Variant.MSILPerseus.34918
> Kaspersky . . . . : Trojan-Downloader.MSIL.Agent.alqa
> HitmanPro . . . . : Troj/MSIL-HOX
Fuzzy . . . . . . : 108.0
Forensic Cluster
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.8s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.6s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.6s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.6s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.5s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-1.0s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.5s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.5s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.1s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.4s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.4s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.6s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.6s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.6s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.6s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.7s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.7s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.7s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.8s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.8s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.8s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.8s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
0.9s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
0.9s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
0.9s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
0.9s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.0s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.0s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.0s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.0s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.1s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.1s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.1s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.1s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.2s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.2s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.4s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.6s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.0s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.5s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.7s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.6s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
Size . . . . . . . : 358.912 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.2
SHA-256 . . . . . : D6ECC08A8B80FA99A642234D66E69FB3A8266640CE0809AF5F14339AA79B9459
Version . . . . . : 1.0.0.27567
> Bitdefender . . . : Trojan.Generic.18009158
> Kaspersky . . . . : not-a-virus:AdWare.Win64.Agent.lkv
Fuzzy . . . . . . : 105.0
Forensic Cluster
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.8s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.6s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.5s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-1.0s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.6s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.6s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.6s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.6s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.7s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.7s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.7s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.8s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.8s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.8s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.8s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
0.9s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
0.9s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
0.9s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
0.9s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.0s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.0s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.0s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.0s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.1s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.1s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.1s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.1s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.1s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.2s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.4s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.6s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.0s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.5s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.7s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.6s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
|
|
13.02.2017, 22:58
| #10 |
| | Win 10: jede Menge PUP hitman teil 4 Code:
ATTFilter C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
Size . . . . . . . : 122.880 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 6.5
SHA-256 . . . . . : CE5D370F424E98BEE6A805E2336D197110946548452650F0D44851CE17829810
Version . . . . . : 2.0.0.11
Copyright . . . . : Copyright (C) 2015
> Bitdefender . . . : Gen:Variant.Graftor.304300
> Kaspersky . . . . : Trojan.Win32.Vilsel.cufb
> HitmanPro . . . . : Mal/Generic-S
Fuzzy . . . . . . : 103.0
Forensic Cluster
-2.3s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.8s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.6s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.5s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-1.0s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.6s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.6s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.6s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.6s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.7s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.7s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.7s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.8s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.8s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.8s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.8s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
0.8s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
0.9s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
0.9s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
0.9s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
1.0s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.0s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.0s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.0s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.1s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.1s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.1s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.1s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.1s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.2s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.4s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.6s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.6s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.0s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.5s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.7s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.6s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
Size . . . . . . . : 983.040 bytes
Age . . . . . . . : 0.1 days (2017-02-13 20:38:15)
Entropy . . . . . : 7.6
SHA-256 . . . . . : F271781A85B5EF989B5AEF6CAD4FB1D034ECAC38B00A527AA5170E2C2E5341B8
> Bitdefender . . . : Trojan.Agent.CCYW
> Kaspersky . . . . : Trojan-Dropper.Win32.Agent.sblf
Fuzzy . . . . . . : 116.0
Forensic Cluster
-2.3s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D19933300.log
-2.2s C:\ProgramData\NVIDIA\MessageBus_4656_0x24D18F34700.log
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\LICENSE.txt
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\openweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\SnareWindowsInstallSupport.dll
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\stopweb.bat
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\s_32.ico
-1.9s C:\AdwCleaner\quarantine\files\wjokuiyohnznyixipmcxmtjugrnejtpo\WinSnare.dll
-1.8s C:\AdwCleaner\quarantine\files\mvmfgnrbrmdbsjisivmhfrvdpvtlbouw\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\
-1.7s C:\AdwCleaner\quarantine\files\fpfqjlppnsdxcoxxfuaeemqptrzrgvpn\BITB16.tmp
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\
-1.7s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Micros_2d44ca29ef1bb45be9e81bd7c7de23bb1bff79c7_e127e73b_1c458c2c\Report.wer
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\
-1.7s C:\AdwCleaner\quarantine\files\wlhkcwthzxcfadlnsnitwidocovyfcvy\BITB27.tmp
-1.6s C:\AdwCleaner\quarantine\files\lvghxrkdvjdmjauuvlqiouualgvwchnk\
-1.6s C:\AdwCleaner\quarantine\files\atsifbjehqqalokjotexydyeaawktlln\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\cookies-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Web Data-journal
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\001180cbc33c583f_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\02cdb733b079655d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\08bc571418449ead_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\092f95ee9c1fc61c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ad89b7fc5facf78_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0e02ff08b4002e57_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed73590870cfbd2_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ed7399215f555d7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0ef5b10d79d9f0cb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\0fc3db66b9cbe75d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1b72c2d37a2af109_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1dff67c9badf383d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1e20774a42d716f3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\1f2ec90a78c46fdf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2009bcf78a35d470_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\20ba89671f087fc1_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\234986793e71f265_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\26968e7a0c71776d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2819c5233c1f77b4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2ac381ccd53e2ce0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\2b11e2e523e5d524_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3082972055161e5d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\3a977894dc0fcd39_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\442182c02ee0a243_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5125b9f58b582f46_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\593d0e1547012291_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\5ede7465ad814101_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66928cc3398bdbc9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\66e510668b4796e9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\6e2284174f43f7b0_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\711f9f610e35a8b6_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7150bac3e922a373_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7589f80f2ddeab29_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\775e37b82f99c13c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7acdc9382bf6b139_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7d8cebaadfd53fbf_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\7ecc93dfade6cf4e_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8326a92c0f293bc4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\83a226c1379f7a18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\86850034110cf1c4_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8d9b27c428a8f6a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\8f60e69a4afd6f60_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\95ff98c7e9c1b8a3_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a1f309cd5a3eb6fa_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2719229322771c8_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\a2e6c4ddc62e67a7_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b07d05bc07d9c08b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3986aa6d1a5b1ca_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b3edef432256edd5_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\b48454e7eeb33014_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ba7c73f14dafe451_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bd48447363dfb226_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\be189d201694bf89_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\bfbe9938bbb38577_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c0676a458818319d_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c3329b5e71fb9773_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c487316b1c7eb401_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c8bff37e9d993e8c_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c94b3024dfacfceb_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\c9efb04ec241100a_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd31a5585d55d245_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cd87b6402756547b_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cda276472aafd1d9_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\cdd7d0e76bb75c18_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\ce8699f098de9a28_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d19a15ac54bfa3ba_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d652598e0bff0a74_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\d85bf4971be98d9f_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dc7c883ebdb4ce43_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\dd1fa8967c9eedf1_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\e1548e7879784820_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f4beaede20fc0699_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f552ab47376f113e_0
-1.3s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\f74a8c1655500d73_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fbef9ceaf336383d_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\fddd11ea475c5135_0
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Cache\index-dir\the-real-index
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\file__0.localstorage-journal
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage
-1.2s C:\AdwCleaner\quarantine\files\ezizrbrfsvrauqoombhivbqhmxdnjjpn\Local Storage\http_www.imdb.com_0.localstorage-journal
-1.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\
-1.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\backup6.bin
-1.1s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\German_pcp.dat
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-12-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\log_02-13-2017.log
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\
-1.0s C:\AdwCleaner\quarantine\files\ufcrmjfpytssofudwydmepawwumekcnb\voice\de\voice.wav
-1.0s C:\ProgramData\NVIDIA\MessageBus_5528_0x667E90.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\em.exe
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\eng_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\French_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\German_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound0.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\ininotfound2.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\isxdl.dll
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\japan_em.ini
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-12-2017.log
-0.9s C:\AdwCleaner\quarantine\files\bvchxdwshbwgukxjtndfphyxlvstjgkr\log_02-13-2017.log
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra-uninst.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\decredGeForce GTX 750 Tigw256l4tc4032.bin
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.conf
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\gplyra.exe
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\msvcr120.dll
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\start.cmd
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\aes_helper.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\blake256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\bmw256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\cubehash.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\darkcoin-mod.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\decred.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\echo.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\fugue.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\groestl256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\jh.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\keccak1600.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\luffa.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2re.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2rev2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\lyra2v2.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\neoscrypt.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shabal.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\shavite.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\simd.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\skein256.cl
-0.7s C:\AdwCleaner\quarantine\files\niatpqgnnaomrebtwfanlprjnurtpbhb\gplyra\kernel\vanilla.cl
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\
-0.6s C:\AdwCleaner\quarantine\files\ooayadcdwhbjxeftcugzavjygjooooyj\WinSAP.dll
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\
-0.5s C:\AdwCleaner\quarantine\files\qshahttdnawtfesajygismqkeplwuzov\WinSnare.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\sma.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci32.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smci64.dll
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi32.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smi64.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smu.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\SMUninstall.exe
-0.4s C:\AdwCleaner\quarantine\files\dbnpldzkbcknywexpmuzasbqpqchichu\GNUpdate\smw.sys
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\
-0.3s C:\AdwCleaner\quarantine\files\dnvamrbyynolbnrjffyndvafsiefsaxe\smhe.js
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\Config.json
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\set.exe.config
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.dll
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.Linq.dll
-0.3s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\System.Data.SQLite.xml
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X64\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\
-0.2s C:\AdwCleaner\quarantine\files\xhszhayleqmgttjapzldenwegvoihxsi\X86\SQLite.Interop.dll
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.HP
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\ff.NT
-0.2s C:\AdwCleaner\quarantine\files\fbbjasygkorzdwzozqncjlevzgqwxrph\snp.sc
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Config.xml
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe
-0.1s C:\AdwCleaner\quarantine\files\awmafxjwktdmzodqxohucbnfvwxfmcbx\Nettrans.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Cofstock.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\conf.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Config.xml
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\DanDubdom.bin
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Dong-Home.dll
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Fincore.exe.config
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Freshing.dat
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Groovestrong.dat
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.d.dat
-0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hayzumflex.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Hotlight.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Jaystock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\md.xml
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Ranzumstring.exe.config
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Singlestock.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\String-Tax.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\TrioDex.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\Triszap.dll
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\uninstall.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\White-Fan.dat
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\WhiteDox.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ZamIng.bin
0.0s C:\AdwCleaner\quarantine\files\minawnfwirmnfvkktxvpfljkezfbwjbc\ondemand\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Bluedax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Cofstock.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\conf.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Config.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Driphotity.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Duosolodax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Fasefax.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Hotjob.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\HotSansoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ItTone.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Lexitone.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\md.xml
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Singlesoft.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Stockdax.dll
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tonin.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Tris-Ex.bin
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\uninstall.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Ventokix.dat
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Viafix.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Villa-Hold.exe.config
0.1s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.d.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.dat
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\Zaamla.exe
0.2s C:\AdwCleaner\quarantine\files\uypvwyfwiqlwzlgcaetamsiwrpsvzjbq\ondemand\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.HP
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\ff.NT
0.2s C:\AdwCleaner\quarantine\files\yflfhzqpbpikflkejzzzmwhtzekagshh\snp.sc
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe
0.3s C:\AdwCleaner\quarantine\files\fbhcntlqzyoguexlgmesxwdbrjtmqwzd\uninstaller.exe.config
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\MIO.exe
0.3s C:\AdwCleaner\quarantine\files\ielbdbrbvweizniejjkegaonighxrfrb\loader\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\
0.4s C:\AdwCleaner\quarantine\files\nyudvkpyrukdybolltvxchflegktvram\QQLive\FailRecord.dat
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\prefs.js
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\profiles.ini
0.5s C:\AdwCleaner\quarantine\files\togtlznllkvxztobrgnmuzjlcxqmmboy\Profiles\8rnx3iua.default\search.json.mozlz4
0.5s C:\AdwCleaner\quarantine\files\vmyvkvouddwsanzcpfxrsjstzoesyukt\
0.6s C:\AdwCleaner\quarantine\files\tkciylhxjmjrsbkzilrsksghwrxdouwq.back
0.6s C:\AdwCleaner\quarantine\files\tzkoudrhqdrxzafwrmattbrwocwqewox.back
0.6s C:\AdwCleaner\quarantine\files\nshnbphtlfdcaukurihucucbktvgrfuo.back
0.7s C:\AdwCleaner\quarantine\files\lmegeqgwylgczmaugdncsoezrlfzdoow.back
0.7s C:\AdwCleaner\quarantine\files\jidemsxupjpciijhzmqsoapuszhucfag.back
0.7s C:\AdwCleaner\quarantine\files\hovlhcazljxzijuasrytdrtppuewtjam.back
0.8s C:\AdwCleaner\quarantine\files\haajwoohpxztstxrtlhafsitfachjfmo.back
0.8s C:\AdwCleaner\quarantine\files\apahvfitktjkzxvophzxcnioqbzksoqp.back
0.8s C:\AdwCleaner\quarantine\files\fcvkhhaoafpnxinpxgtocpatvxdtiqvt.back
0.8s C:\AdwCleaner\quarantine\files\evdtaqdoxakozjrppozslhkcjflrsund.back
0.8s C:\AdwCleaner\quarantine\files\lrqkzkhhahecbbcndzqmcwucjlkucmif.back
0.9s C:\AdwCleaner\quarantine\files\qekectrwctgkojzdhesvpgxwktxrjwbn.back
0.9s C:\AdwCleaner\quarantine\files\xdheuyqjkchvboalodcocshwqpwapmas.back
0.9s C:\AdwCleaner\quarantine\files\mkbhzixtozltywkkpgaztynbkuphdtdb.back
0.9s C:\AdwCleaner\quarantine\files\pvosypxagsihssgnjyfyxcwezatewwum.back
1.0s C:\AdwCleaner\quarantine\files\lqpsdbkmnkknxibvwwrsonrtakjijpzu.back
1.0s C:\AdwCleaner\quarantine\files\smzcjlbrmvtqhfjhyginjshoqyjufruc.back
1.0s C:\AdwCleaner\quarantine\files\damxwnvkbnzxtjfflsokifcgmotwrhpw.back
1.0s C:\AdwCleaner\quarantine\files\virksncfeyszdlxcyurmcuhplcofsgcf.back
1.1s C:\AdwCleaner\quarantine\files\glmtsyrtzckgrfjmnvaqymozloxekiil.back
1.1s C:\AdwCleaner\quarantine\files\rzdkuelrbnuivrifmnklgfxvzzfrvetc.back
1.1s C:\AdwCleaner\quarantine\files\uqtgfxjilungjdiyzwpzlmnwefohuhgy.back
1.1s C:\AdwCleaner\quarantine\files\idflognkmdzjcvmbaecywvfxzubejjvu.back
1.1s C:\AdwCleaner\quarantine\files\lqcgezgrlidhgtrhvxcomfelfgvdmvyt.back
1.4s C:\AdwCleaner\quarantine\registry\reg_puhxbxsquvaobuhyfxejnebggtrfpdeq.reg
1.5s C:\AdwCleaner\quarantine\registry\reg_tmimdswbkadtxhvqgdhuqpvbglcbmfdu.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_jdlnivjcusbkbrzcygoyhzspwyxlyggf.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_tfhkhetuluciyaeqriuqioeuyoypyxsy.reg
1.6s C:\AdwCleaner\quarantine\registry\reg_elkwfsgmzobfidhvzhqpengxndnbnqrs.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_okibrbkxfqdrpthgjuptyhhyzfabxmei.reg
1.7s C:\AdwCleaner\quarantine\registry\reg_wubsvososrzoldxnlntxwvkilyudnzeu.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_ldpgxoqehdbkeznqasdwthjtqljlfwbl.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_hoouldollkztgqhqkqlgbdtkjmjzbndm.reg
1.8s C:\AdwCleaner\quarantine\registry\reg_tkndfadidnoselgvemeyjwzivzkdbfsi.reg
1.9s C:\AdwCleaner\quarantine\registry\reg_dsvfxsmbfjqlgrtincrhckelkjmocsol.reg
2.5s C:\AdwCleaner\quarantine\registry\reg_seqodqpqwkrfpncsawgyzpxawzputenw.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_icpltxjlklnkocbqgtzcggknkvebnjvv.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_gmmujjdiivebrljiqcjqctecrzmlbyoe.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_marasmtdffiyjsmfqktvvuzjrivxsool.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_cmqgxeamdfpuzwtxoepvczvloonypdwp.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_lyunspfrbhzgbwusmxmwbspblyhrulwy.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_lwqsugvxxjtyhoqpxtxtnpeygapjoxhm.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_pyvlcgypjrojemqatqyyrbrphjoxkdab.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nhlqlirecitexubpkgzdofmsimewbpcz.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_xghjlxwlgaktwtkvamwqizmfzfhbckpp.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_zxsarcdkskpcuvedhjhhddlsqbgzdvzl.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_fxqtuaqoisrzsghbjocryzmwbqxxrjmj.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ghlbbvjeqsokgnupaxajeyvokkfwkbnh.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_unkuocqomdygzgpxiizglrioehoicjtw.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ecyvuvgkunhnpfrrpafwfcsnhgaoljbe.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_ekwhxwvhltpkcpkavxnduhlgzgslyema.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_eggguycnntdekswyvzoyybdcedlmfkjm.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_rcexoyuquzinpyavyncsanjofviavxjk.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_lpbfohsuttixwzckzjvtadqmofpumzjy.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_ydwyyidsknzaljhhqvwxrjwcxayioedb.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_pjqrynmploqoznlaxrdefubadvvlkzmm.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_daspbjyasdxdvwwwggsvvhrmzgxpnshh.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_cuetcglxejoqlxnssrmciebndydxhdrt.reg
4.2s C:\AdwCleaner\quarantine\registry\reg_xurnwhaxeqtdzlbnzpjbokafxnxsiqum.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_tkqingwmwszmeptvclzuroubstvcckhw.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_mcoutunprxdphivyuvmoatwdyuxhyzwb.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_tgfeavmdtxngkczofnkyzphiqdfwhsfl.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_mhdzapqmugdydwjjqicquolddejvwqup.reg
4.4s C:\AdwCleaner\quarantine\registry\reg_gzmkcboyfqzjhwapfhvqeofjaefhcttm.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_vazsqhuudufaewoypbfbikwgzqcgqfkc.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_lwugahqruqrqqjgikiohovxoculwwysx.reg
4.5s C:\AdwCleaner\quarantine\registry\reg_xeczysjuynsfncsdctquwwgkbnofarzi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_iioxwxczjbugugmwqmnueuszmpfqonbi.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_vrtdutftxfxohlxvramxkkrsqrnaioij.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_yvmqqvbcuamwvndvtdhefjuqlupmqiha.reg
5.2s C:\AdwCleaner\quarantine\registry\reg_lwsnkfiuxbhfwjtitvqqzgtpowncmeix.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_fqcstvuljsuvdliaqoxcapwdameertol.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_ejsdpauzkeqyotivjhaivmsazspfnnay.reg
5.3s C:\AdwCleaner\quarantine\registry\reg_yrdzjxchjfseqziayavxdwxeptdtlkom.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_peqwhjahmytfugksxniwczmpsseymesr.reg
5.4s C:\AdwCleaner\quarantine\registry\reg_kiusmmvbvgzfcybhqmdrtdwqslscapcd.reg
5.5s C:\AdwCleaner\quarantine\registry\reg_dtrxafqawoycuacbklvwcnjucjtvfqrq.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_mpldfxlkqddfqxemmzqxdxycwdwdxush.reg
5.6s C:\AdwCleaner\quarantine\registry\reg_fiqaqrowoznmrtaduhmmjmdxvzunfivg.reg
5.7s C:\AdwCleaner\quarantine\registry\reg_mmnettjvbtwenjqfrqilocfnkutzspil.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_diurulmulfktzboavnxvdildottqhhjx.reg
5.8s C:\AdwCleaner\quarantine\registry\reg_xrqifbvohcnregydcpounrtfyrmjgmni.reg
5.9s C:\AdwCleaner\quarantine\registry\reg_sjcuxpukaattukjmzpshxzvediwsgupz.reg
6.6s C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf
7.0s C:\Windows\System32\winevt\Logs\Microsoft-Windows-Winsock-WS2HELP%4Operational.evtx
7.5s C:\Windows\Prefetch\NVDISPLAY.CONTAINER.EXE-98FFF787.pf
7.7s C:\Windows\Prefetch\NVTELEMETRYCONTAINER.EXE-80BD8541.pf
11.6s C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
|
|
14.02.2017, 16:51
| #11 |
| /// Malwareteam | Win 10: jede Menge PUP Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
D:\Downloads\ccsetup510_CB-DL-Manager.exe
D:\Program Files (x86)\The Witcher 2\Launcher.bat
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Wichtig: speichere diese Fixlist im UTF-8 Format ab, da sie unsichtbare Sonderzeichen enthält und sonst der Fix fehlschlagen würde. Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
14.02.2017, 18:28
| #12 |
| | Win 10: jede Menge PUP fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-02-2017
durchgeführt von Barbara (14-02-2017 18:24:46) Run:2
Gestartet von C:\Users\Barbara\Desktop\Virenscanner etc
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Keine Datei)
Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
D:\Downloads\ccsetup510_CB-DL-Manager.exe
D:\Program Files (x86)\The Witcher 2\Launcher.bat
emptytemp:
*****************
C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk => erfolgreich verschoben
C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk => erfolgreich verschoben
C:\Users\Barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk => erfolgreich verschoben
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk => erfolgreich verschoben
D:\Downloads\ccsetup510_CB-DL-Manager.exe => erfolgreich verschoben
D:\Program Files (x86)\The Witcher 2\Launcher.bat => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15271478 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 30122 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 818 B
NetworkService => 1280 B
Barbara => 229541526 B
RecycleBin => 0 B
EmptyTemp: => 233.5 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:24:54 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-02-2017
durchgeführt von Barbara (Administrator) auf BARBARA-PC (14-02-2017 18:25:48)
Gestartet von C:\Users\Barbara\Desktop\Virenscanner etc
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-23] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify Web Helper] => C:\Users\Barbara\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Spotify] => C:\Users\Barbara\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-31] (Spotify Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [Steam] => c:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{92a07177-073c-4d90-93ea-d374613fc39e}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 8rnx3iua.default
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default [2017-02-13]
FF Extension: (2020 3D Viewer for IKEA) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-12-16]
FF Extension: (Firefox Hotfix) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Ghostery) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\8rnx3iua.default\Extensions\firefox@ghostery.com.xpi [2017-02-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Datei ist nicht signiert]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-09-03] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-22] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [110536 2017-02-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-14] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-14] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-13 22:30 - 2017-02-13 22:35 - 00000000 ____D C:\ProgramData\HitmanPro
2017-02-13 22:27 - 2017-02-13 22:27 - 00008446 _____ C:\Users\Barbara\Desktop\eset.txt
2017-02-13 21:25 - 2017-02-13 21:25 - 00000000 ____D C:\Users\Barbara\AppData\Local\Chromium
2017-02-13 20:47 - 2017-02-13 20:47 - 00018791 _____ C:\Users\Barbara\Desktop\mbam.txt
2017-02-13 20:42 - 2017-02-14 18:25 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-13 20:42 - 2017-02-14 18:25 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-13 20:42 - 2017-02-14 18:25 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-13 20:42 - 2017-02-14 18:25 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-13 20:42 - 2017-02-13 20:42 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-13 20:42 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-13 20:41 - 2017-02-14 18:23 - 00000000 ____D C:\Users\Barbara\Desktop\alt
2017-02-13 20:41 - 2017-02-13 20:41 - 00019083 _____ C:\Users\Barbara\Desktop\AdwCleaner[C0].txt
2017-02-13 20:14 - 2017-02-13 20:38 - 00000000 ____D C:\AdwCleaner
2017-02-13 19:59 - 2017-02-13 19:59 - 07097928 _____ (VS Revo Group ) C:\Users\Barbara\Desktop\revo202setup.exe
2017-02-13 19:59 - 2017-02-13 19:59 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-13 19:59 - 2017-02-13 19:59 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-13 19:08 - 2017-02-13 20:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-13 19:07 - 2017-02-14 18:25 - 00000000 ____D C:\FRST
2017-02-13 19:06 - 2017-02-14 18:25 - 00000000 ____D C:\Users\Barbara\Desktop\Virenscanner etc
2017-02-11 17:30 - 2017-02-11 17:30 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash (1).themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 11617413 _____ C:\Users\Barbara\Downloads\ColorSplash.themepack
2017-02-11 17:29 - 2017-02-11 17:29 - 08635521 _____ C:\Users\Barbara\Downloads\DreamgardenChristinaManchenko.themepack
2017-02-09 13:38 - 2017-02-12 20:33 - 00000000 ____D C:\WINDOWS\LastGood
2017-02-09 13:38 - 2017-02-09 13:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-09 13:38 - 2017-01-04 15:24 - 00222648 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-09 13:38 - 2016-12-29 13:43 - 00133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-09 13:38 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-09 13:38 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-09 13:38 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-03 17:19 - 2017-02-03 17:19 - 00515204 _____ C:\WINDOWS\Minidump\020317-6328-01.dmp
2017-02-03 17:12 - 2017-02-03 17:12 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2017-02-03 17:12 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-03 17:12 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-03 17:12 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-03 17:12 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-01-26 18:15 - 2017-02-13 19:12 - 00001308 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\elsterformular
2017-01-26 18:15 - 2017-01-26 18:17 - 00000000 ____D C:\ProgramData\elsterformular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-01-26 18:15 - 2017-01-26 18:15 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-01-26 18:13 - 2017-01-26 18:15 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Barbara\Downloads\ElsterFormularPrivat.exe
2017-01-25 13:39 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 13:39 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-14 18:25 - 2016-09-23 02:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-14 18:25 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-14 18:25 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-14 18:17 - 2016-09-23 02:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-13 21:31 - 2016-09-23 02:41 - 02430556 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-13 21:31 - 2016-07-16 23:51 - 00970572 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-13 21:31 - 2016-07-16 23:51 - 00235454 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-13 20:38 - 2016-11-25 17:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-13 20:38 - 2016-07-30 09:24 - 00000000 ____D C:\Users\Barbara\AppData\Local\CrashDumps
2017-02-13 20:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-13 19:15 - 2016-11-26 12:11 - 00000000 ____D C:\Users\Barbara\AppData\LocalLow\Mozilla
2017-02-13 19:13 - 2017-01-13 18:18 - 00002108 _____ C:\Users\Barbara\Desktop\Finanzplan 2017.lnk
2017-02-13 19:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Performance
2017-02-13 19:12 - 2016-11-16 20:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-13 19:12 - 2016-09-23 02:43 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00001301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:33 - 00000970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Stock Photos CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00001480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit 2.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS3.lnk
2017-02-13 19:12 - 2016-09-03 11:32 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS3.lnk
2017-02-13 19:12 - 2016-07-30 09:48 - 00001886 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00002429 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-13 19:12 - 2016-07-30 08:18 - 00001047 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2017-02-13 19:12 - 2016-07-16 12:43 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2017-02-13 19:12 - 2016-07-16 12:42 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2017-02-12 22:24 - 2016-09-23 02:41 - 00000000 ____D C:\Users\Barbara
2017-02-12 22:15 - 2016-07-30 11:41 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\NVIDIA
2017-02-12 22:13 - 2016-07-30 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2
2017-02-12 22:12 - 2016-07-30 09:48 - 00000000 ____D C:\Users\Barbara\AppData\Local\Spotify
2017-02-12 20:33 - 2016-07-30 09:47 - 00000000 ____D C:\Users\Barbara\AppData\Roaming\Spotify
2017-02-12 20:33 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-11 12:51 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 11:44 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-09 13:39 - 2016-09-23 02:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-09 13:39 - 2016-07-30 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-09 13:38 - 2016-09-23 02:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-09 13:38 - 2016-07-30 09:20 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA Corporation
2017-02-03 17:19 - 2016-11-13 21:39 - 1291434677 _____ C:\WINDOWS\MEMORY.DMP
2017-02-03 17:19 - 2016-11-13 21:39 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-03 17:19 - 2016-07-30 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-03 17:18 - 2016-07-30 10:12 - 00000000 ____D C:\ProgramData\Origin
2017-02-03 17:14 - 2016-07-30 09:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-03 17:13 - 2016-07-30 10:16 - 00000000 ____D C:\Users\Barbara\AppData\Local\Origin
2017-02-03 17:12 - 2016-10-13 07:34 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-10-13 07:34 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-03 17:12 - 2016-07-30 09:19 - 00000000 ____D C:\Users\Barbara\AppData\Local\NVIDIA
2017-01-25 13:43 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-21 11:40 - 2016-07-30 08:18 - 00000000 ___RD C:\Users\Barbara\OneDrive
2017-01-20 19:39 - 2016-10-13 07:34 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-01-20 19:39 - 2016-10-13 07:34 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-02 15:48 - 2016-10-11 12:28 - 0000337 _____ () C:\Users\Barbara\AppData\Roaming\2E7BF6-326E-4870-B5B1-B11758EC2B1D.ini
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-09 13:37
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-02-2017
durchgeführt von Barbara (14-02-2017 18:26:11)
Gestartet von C:\Users\Barbara\Desktop\Virenscanner etc
Windows 10 Pro Version 1607 (X64) (2016-09-23 01:45:25)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1500252791-3377746768-789393517-500 - Administrator - Disabled)
Barbara (S-1-5-21-1500252791-3377746768-789393517-1000 - Administrator - Enabled) => C:\Users\Barbara
DefaultAccount (S-1-5-21-1500252791-3377746768-789393517-503 - Limited - Disabled)
Gast (S-1-5-21-1500252791-3377746768-789393517-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1500252791-3377746768-789393517-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_c015d5ef39552390a753ee735d16041) (Version: 13.0 - Adobe Systems Incorporated)
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
ARCHline 2015 15.0.1.239 (HKLM\...\{526F8F65-6A69-4683-AA88-42BB3321C625}_is1) (Version: - IT-Concept Software GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.0.2.18.20170123 - Landesfinanzdirektion Thüringen)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Fliqlo Bildschirmschoner (HKLM-x32\...\Fliqlo) (Version: - )
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LibreOffice 5.0.6.3 (HKLM-x32\...\{900D9036-4EDA-45EC-A095-E8AFB25D807A}) (Version: 5.0.6.3 - The Document Foundation)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
MFCDLL Shared Library - Retail Version (x32 Version: 6.0.8665.0 - Unknown) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Sentinel System Driver Installer 7.5.7 (HKLM-x32\...\{B281C7D1-C088-40E0-86EA-B2D9D7E0810A}) (Version: 7.5.7 - SafeNet, Inc.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
SketchUp 2016 (HKLM\...\{6ECFED2E-6329-484A-9B08-14ED7F2D65BE}) (Version: 16.1.1449 - Trimble Navigation Limited)
Spotify (HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\Spotify) (Version: 1.0.45.186.g3b5036d6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
VC User ATL71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07D50CCA-2188-43A1-897B-EF2C5815E13F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {08BC7C06-525E-43F2-B72E-DDCD9E7C4DD6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {1A3181DF-833E-436D-A30C-248F034B8623} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {1EA42CBF-EADD-4B00-81ED-2C40E4238B7C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {3024B4B3-FD37-477F-BA7A-04E9D557A0DF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {358E9F01-B54F-4F1A-A590-566825F4CCF6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3782FA31-E821-4B7B-9FD3-1FC42377DBD5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3A539CDD-D9FE-4485-BB5E-F119374C2E2B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {3B7398CA-6B98-47E4-BFFB-FB8AEB3C62F8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {535076EF-9CD5-46BA-A7C8-10EEDDA703A2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {595ED7A0-ED76-4B70-9B39-AA80B04DC0D1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {60FA74FF-6279-4ECD-9EA9-5DE73A58257E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {71C58D38-8A13-46DD-8D3E-D7EDF04F9F41} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {74E7882B-EC43-4B32-87E6-E11EFB4D4BAA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {82C50AED-8035-414F-9332-DE47AED14F1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {8621A79A-23F3-402E-B829-1B3C08FC23C6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {917F73AC-B595-428F-9D7E-804DD4CA0B19} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {931E12E2-BA73-4859-AF12-777A31166AB5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {981171F7-EB47-47C7-9E26-7F1DE33B4C5E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9AF8C6A8-27BD-459C-A0B6-149FCF640506} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation)
Task: {A23D98E2-25C7-4A4E-A93A-5277AAE5D6BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A9DC2516-E3BE-4B34-AE6A-49DECD192D48} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {ABD44F90-CD20-4C95-AA96-464B6AEE71FE} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AED5C637-95A0-4DD0-ADC7-A4808E2FACE9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {B3737810-7B5B-49FA-ABF7-D2566CB7161D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B73E6B94-97F6-4185-B265-5AF584ADD7C2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {B8A37631-3077-4955-BA7D-5E165F4C4DB5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C0F5AE71-6716-4F6C-ADC4-059DF01B35BA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {C1B4B136-C33D-4401-AED3-81D2C9151669} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {CF59DDC9-64FA-4592-BA4C-996DE144E956} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {D15D9A6F-7B7C-46FF-B72E-989CE158ACF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D20E72EA-E1B2-4FCA-90F2-94F73460A59C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {EF1F752D-CA59-470C-BB1B-D66C885E54E5} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-16 16:18 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-23 02:40 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-23 02:40 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-10-13 07:34 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 07:34 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-13 20:42 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-13 20:42 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-02-13 20:42 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2016-12-16 16:18 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-23 03:38 - 2016-09-23 03:38 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 21:04 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 20:59 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 20:59 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 20:59 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 20:59 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-10 20:59 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 20:59 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-10 20:59 - 2016-12-21 07:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-08-26 19:25 - 2016-08-26 19:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-23 02:40 - 2017-02-14 18:25 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-09-23 02:40 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-10-22 12:18 - 2016-10-22 12:18 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-10-13 07:34 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-13 07:34 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 07:34 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-13 07:34 - 2017-01-20 19:38 - 64245184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-10-13 07:34 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-13 07:34 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-13 07:34 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-13 07:34 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-13 07:34 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-13 07:34 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-13 07:34 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-02-03 17:12 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2017-02-12 22:14 - 00000833 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1500252791-3377746768-789393517-1000\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{89490B79-F7C4-449C-AEA9-7C67ECB9FB5B}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{4A234969-EDBC-4530-B847-6329B46AA77A}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{F111BCF2-9CBB-4742-9CFC-D23879181430}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{3DC38285-63C7-451A-AE42-5DB7E25FE3FB}D:\program files (x86)\the witcher 2\bin\witcher2.exe] => D:\program files (x86)\the witcher 2\bin\witcher2.exe
FirewallRules: [{C681929D-CAC5-43C1-8926-0E72B114FE4B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51B20E6F-4269-4C1F-BCCF-4AE409514E34}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1EFF0FAC-0E9E-4E91-809B-2BBDDEF8994B}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{51F45EC0-BB2A-4881-81A4-39592A9F1F50}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{592ABD94-223B-4029-ADAD-C4B4FCB9D173}C:\users\barbara\appdata\roaming\spotify\spotify.exe] => C:\users\barbara\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E1123DD8-DF30-4BAF-95D0-0CD324E434C5}C:\users\barbara\appdata\roaming\spotify\spotify.exe] => C:\users\barbara\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E755C63D-D036-4730-806E-F025F68F5F83}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EA936888-D98A-4A6D-8DD0-3AD3C9E0A3BE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B23562F6-99F7-40EB-85CA-F7BC0A871F26}C:\users\barbara\appdata\roaming\spotify\spotify.exe] => C:\users\barbara\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B9E938BA-EF39-4E7E-85AB-3E80B71AFF38}C:\users\barbara\appdata\roaming\spotify\spotify.exe] => C:\users\barbara\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DC1A5F54-BD72-48BE-9E47-2743168046A0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{552C0333-744D-467D-9BBA-8B77D85239E4}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D8E7A1C6-22AF-42A9-8E8C-58F55E9CE22C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E0D9EE58-C0E4-48F0-BDC9-947A2AB5CA23}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4ED0602B-CF04-4814-BAC6-89B59E81BAAC}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\ARCHline 2015\\ARCHlineXP2015.exe] => C:\Program Files\ARCHline 2015\ARCHlineXP2015.exe:*:Enabled:ARCHline.XP 2015
DomainProfile\AuthorizedApplications: [C:\Program Files\ARCHline 2015\\ARCHlineXP2015.bin] => C:\Program Files\ARCHline 2015\ARCHlineXP2015.bin:*:Enabled:ARCHline.XP 2015
StandardProfile\AuthorizedApplications: [C:\Program Files\ARCHline 2015\\ARCHlineXP2015.exe] => C:\Program Files\ARCHline 2015\ARCHlineXP2015.exe:*:Enabled:ARCHline.XP 2015
StandardProfile\AuthorizedApplications: [C:\Program Files\ARCHline 2015\\ARCHlineXP2015.bin] => C:\Program Files\ARCHline 2015\ARCHlineXP2015.bin:*:Enabled:ARCHline.XP 2015
==================== Wiederherstellungspunkte =========================
25-01-2017 13:43:30 Windows Update
03-02-2017 17:33:02 Geplanter Prüfpunkt
09-02-2017 13:37:47 Windows Update
13-02-2017 20:00:44 Revo Uninstaller's restore point - AppTrailers - AppTrailers for Desktop
13-02-2017 20:01:09 Revo Uninstaller's restore point - AppTrailers - AppTrailers for Desktop
13-02-2017 20:01:36 Revo Uninstaller's restore point - BeCleaner version 1.0
13-02-2017 20:01:57 Revo Uninstaller's restore point - HDWallPaper 1.0
13-02-2017 20:02:41 Revo Uninstaller's restore point - MyMemory
13-02-2017 20:03:19 Revo Uninstaller's restore point - MyMemory
13-02-2017 20:03:37 Revo Uninstaller's restore point - OtherSearch
13-02-2017 20:03:56 Revo Uninstaller's restore point - pccleanplus
13-02-2017 20:04:22 Revo Uninstaller's restore point - Search module
13-02-2017 20:04:57 Revo Uninstaller's restore point - Social2Search
13-02-2017 20:05:16 Revo Uninstaller's restore point - Social2Search
13-02-2017 20:06:10 Revo Uninstaller's restore point - youndoo - Uninstall
13-02-2017 20:06:27 Revo Uninstaller's restore point - trotux - Uninstall
13-02-2017 20:08:26 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.1.1043
13-02-2017 20:09:06 Revo Uninstaller's restore point - youndoo - Uninstall
13-02-2017 20:09:29 Revo Uninstaller's restore point - BrowserAir
13-02-2017 20:11:04 Revo Uninstaller's restore point - Search module
13-02-2017 20:11:46 Revo Uninstaller's restore point - MyMemory
13-02-2017 21:45:20 Revo Uninstaller's restore point - WinSnare
13-02-2017 21:45:34 Removed WinSnare
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/13/2017 10:27:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 10:27:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 10:27:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:47:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:47:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:47:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\barbara\appdata\local\microsoft\windows\inetcache\ie\8rfodisj\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:46:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\8RFODISJ\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:46:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Barbara\AppData\Local\Microsoft\Windows\INetCache\IE\8RFODISJ\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
Error: (02/13/2017 09:45:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/13/2017 09:45:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (02/14/2017 06:25:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (02/14/2017 06:25:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (02/13/2017 09:51:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/13/2017 09:51:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Barbara\AppData\Local\Temp\ehdrv.sys
Error: (02/13/2017 09:51:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/13/2017 09:51:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Barbara\AppData\Local\Temp\ehdrv.sys
Error: (02/13/2017 09:51:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/13/2017 09:51:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Barbara\AppData\Local\Temp\ehdrv.sys
Error: (02/13/2017 09:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/13/2017 09:49:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Barbara\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2017-02-13 20:42:44.656
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-13 20:42:44.656
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-13 20:40:18.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-13 19:15:20.412
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-13 19:15:17.050
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-13 19:15:11.930
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-12 22:25:39.778
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-05 16:37:00.860
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-05 16:30:05.983
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-02-05 16:29:50.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 16328.44 MB
Verfügbarer physikalischer RAM: 14562.32 MB
Summe virtueller Speicher: 32712.44 MB
Verfügbarer virtueller Speicher: 31022.73 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:163.04 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1862.89 GB) (Free:1789.88 GB) NTFS
Drive e: (Disc2) (CDROM) (Total:7.88 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 6CF6904B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
14.02.2017, 18:33
| #13 |
| /// Malwareteam | Win 10: jede Menge PUP na das schaut ja mal wieder aus wie a PC. Java Du hast eine veraltete Version von Java installiert. Bitte aktualisiere sie oder entferne Java gleich komplett von deinem PC. In nur sehr seltenen Fällen benötigt man das Programm wirklich auf dem Rechner - deshalb meine Empfehlung: Behalte Java nur auf deinem Computer wenn du es wirklich benötigst, dann halte es jedoch stets aktuell. Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean  Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Wichtig: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware (gratis Version) und  ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Das wichtigste zu erst:
Schutz vor unerwünschter Software Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen? Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Tipps, um dein System sicherer zu machen Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell. Passwörter Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür  Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen Besuche und like unsere Facebook-Seite!  Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
14.02.2017, 18:56
| #14 |
| | Win 10: jede Menge PUP erst mal vielen, vielen Dank für deine Hilfe! hab schon befürchtet, ich muss alles platt machen.... ich befürchte aber, dass es noch nicht ganz vorbei ist. wenn ich mit dem edge online gehe, ploppen immer noch meldungen von Malwarebytes auf, dass schädliche Websites blockiert wurden. hier einer der warn-berichte: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Datum des Schutzereignisses: 14.02.17
Uhrzeit des Schutzereignisses: 18:51
Protokolldatei:
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1261
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Einzelheiten zu blockierten Websites-
Bösartige Website: 1
, , Blockiert, [-1], [-1],0.0.0
-Website-Daten-
Domäne: g-ek.com
IP-Adresse: 5.196.212.17
Port: [51929]
Typ: Ausgehend
Datei: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(end)
|
|
14.02.2017, 19:32
| #15 |
| /// Malwareteam | Win 10: jede Menge PUP naja, du kannst mal probieren Edge zurückzusetzen: Edge Browser zurücksetzen - so geht's Ansonsten handelt es sich einfach um Werbung, Malwarebytes ist in dieser Hinsicht relativ nervig. Jedenfalls nichts ungewöhnliches.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Win 10: jede Menge PUP |
| apptrailers, askbar, bonjour, computer, cpu, cs3, defender, desktop, explorer, flash player, homepage, iexplore.exe, monitor, mozilla, neustart, node.js, prozesse, registry, rundll, scan, services.exe, software, starten, system, systemprozess, temp, usb, windows |
dann auf 
und dann auf 
. 
und 
und speichere die Logdatei auf Deinem Desktop.
Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die 
Microsoft Security Essentials. 
Hybrid-Darstellung
