Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Bitte um Hilfe Win10 (https://www.trojaner-board.de/178731-bitte-um-hilfe-win10.html)

Alexander.S. 15.05.2016 10:10
Bitte um Hilfe Win10
 
Hallo,
habe mir wieder einmal allerhand zeugs eingefangen und brings nicht mehr komplett weg.
EDGE Browser schliesst gleich nach dem start wieder.
Mozilla Browser leitet mich teilw. auf falsche Seiten
Wer kann und will mmir helfen?

cosinus 15.05.2016 15:23
Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!



Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Alexander.S. 16.05.2016 11:56
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:14-05-2016
durchgeführt von alexa (2016-05-16 12:45:59)
Gestartet von C:\Users\alexa\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-06 02:54:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3171644139-384468425-47721600-500 - Administrator - Disabled)
alexa (S-1-5-21-3171644139-384468425-47721600-1001 - Administrator - Enabled) => C:\Users\alexa
DefaultAccount (S-1-5-21-3171644139-384468425-47721600-503 - Limited - Disabled)
Gast (S-1-5-21-3171644139-384468425-47721600-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{E2078C11-E9EC-BD96-037C-A3423082F2BF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.26.1436 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.28.1478 - Bitdefender)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Moveslink2 (HKU\S-1-5-21-3171644139-384468425-47721600-1001\...\09caaf8ee8bfbd57) (Version: 1.3.29.5957 - Suunto)
Mozilla Firefox 46.0.1 (x64 de) (HKLM\...\Mozilla Firefox 46.0.1 (x64 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
yessearches - Uninstall (HKLM-x32\...\{D749ECB9-8447-4D90-B64F-1DCE24B8BF73}) (Version:  - ) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3171644139-384468425-47721600-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\alexa\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B8DA02C-CBEA-4861-A4E5-542E42AC545B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {37CA30EB-B099-430C-9563-D13CA7DB6C26} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {3C662113-6965-4C4F-8F55-E5CBC3AC270C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {6545EA7C-EA5B-47C4-979E-930FA263624C} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-03-30] (Bitdefender)
Task: {7733EE8F-AA81-43CC-B409-3E4B192C3299} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)
Task: {8B4D7E38-2FAC-412C-9F46-C6C1D58EFDEE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-27] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-05-15 08:17 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-05-15 08:17 - 2016-05-09 11:29 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
2016-05-15 08:17 - 2016-05-09 11:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
2016-05-15 08:17 - 2016-05-09 11:29 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
2016-05-15 08:17 - 2016-05-09 11:29 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
2015-09-02 14:43 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-13 19:18 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 19:18 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-29 10:55 - 2016-04-29 10:55 - 00959176 _____ () C:\Users\alexa\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64\ClientTelemetry.dll
2015-12-18 07:57 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 16:29 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 16:29 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 16:29 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 16:29 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 16:30 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-01 13:32 - 2015-08-01 13:32 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-04-29 10:55 - 2016-04-29 10:55 - 00679624 _____ () C:\Users\alexa\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\ClientTelemetry.dll
2016-02-23 16:53 - 2016-02-23 16:53 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2016-02-23 16:51 - 2016-02-23 16:51 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\alexa\Downloads\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\alexa\Downloads\JRT.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3171644139-384468425-47721600-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{B9BB2B11-5902-4E45-8371-D5C6737ECFF5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7D80A885-C9C6-4452-8B1D-0759531F98DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

27-04-2016 17:32:17 Windows Update
30-04-2016 19:37:25 Windows Update
05-05-2016 15:33:57 Windows Update
09-05-2016 14:27:42 Windows Update
13-05-2016 07:26:12 Windows Update
15-05-2016 10:11:18 JRT Pre-Junkware Removal
15-05-2016 10:16:05 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/16/2016 12:40:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x1310
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/16/2016 12:37:36 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6264) Datenbank "C:\Users\alexa\AppData\Local\Comms\UnistoreDB\store.vol": Index 0000001b von Tabelle "Message" ist beschädigt (0).

Error: (05/16/2016 12:34:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x320
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/15/2016 06:22:55 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6868) Datenbank "C:\Users\alexa\AppData\Local\Comms\UnistoreDB\store.vol": Index 0000001b von Tabelle "Message" ist beschädigt (0).

Error: (05/15/2016 06:20:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x11bc
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/15/2016 12:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x78
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/15/2016 11:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x1914
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/15/2016 11:14:03 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (6232) Datenbank "C:\Users\alexa\AppData\Local\Comms\UnistoreDB\store.vol": Index 0000001b von Tabelle "Message" ist beschädigt (0).

Error: (05/15/2016 11:10:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (05/15/2016 10:50:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x1914
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5


Systemfehler:
=============
Error: (05/16/2016 12:42:25 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/16/2016 12:35:30 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (05/15/2016 06:31:01 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (05/15/2016 06:30:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3436b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/15/2016 06:30:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3436b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/15/2016 06:30:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3436b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/15/2016 06:30:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3436b5" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/15/2016 06:30:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/15/2016 12:49:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (05/15/2016 12:49:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_207ee4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-05-15 09:22:07.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 07:36:45.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:31:19.553
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:31:19.504
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:31:19.370
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:29:16.464
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:21:33.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:21:33.599
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:21:33.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-05-15 07:21:33.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3828.48 MB
Verfügbarer physikalischer RAM: 1913.83 MB
Summe virtueller Speicher: 4468.48 MB
Verfügbarer virtueller Speicher: 2480.73 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:464.8 GB) (Free:387.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E9BA1DB4)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=481 MB) - (Type=27)

==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
durchgeführt von alexa (Administrator) auf DESKTOP-KNDKEFJ (16-05-2016 12:45:22)
Gestartet von C:\Users\alexa\Downloads
Geladene Profile: alexa (Verfügbare Profile: alexa)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\timeout.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-08-01] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-08-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2015-08-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [AdBlock] => "AdBlock.exe"
HKLM-x32\...\RunOnce: [systwin] => "systwin.exe"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0c4b520c-7258-4b41-af91-e73d5edaadcd}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\alexa\AppData\Roaming\Mozilla\Firefox\Profiles\dxd8bffk.default
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-02] (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2016-05-12] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-08-01] (Synaptics Incorporated)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-04-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-05-11] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 Rkcadpsrv; "C:\Program Files (x86)\Reikuchreawopy\Rkcadpsrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]
S2 Xejtesj; "C:\Users\alexa\AppData\Roaming\VafcoqFulxui\Buitik.exe" -cms [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-08-01] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-03-18] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-03-18] (BitDefender)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2015-12-16] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [298736 2016-03-03] (Bitdefender)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-08-01] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-01] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [511320 2016-02-22] (BitDefender S.R.L.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-16 12:45 - 2016-05-16 12:45 - 00010859 _____ C:\Users\alexa\Downloads\FRST.txt
2016-05-16 12:45 - 2016-05-16 12:45 - 00000000 ____D C:\FRST
2016-05-16 12:44 - 2016-05-16 12:44 - 02382336 _____ (Farbar) C:\Users\alexa\Downloads\FRST64.exe
2016-05-16 12:34 - 2016-05-16 12:34 - 00000000 ___HD C:\OneDriveTemp
2016-05-15 10:12 - 2016-05-15 10:17 - 00000547 _____ C:\Users\alexa\Desktop\JRT.txt
2016-05-15 10:10 - 2016-05-15 10:11 - 01610816 _____ (Malwarebytes) C:\Users\alexa\Downloads\JRT.exe
2016-05-15 08:43 - 2016-05-15 10:26 - 00002355 _____ C:\bdlog.txt
2016-05-15 08:23 - 2016-05-15 08:23 - 00000000 ____D C:\Users\alexa\AppData\Temp
2016-05-15 08:17 - 2016-05-15 08:17 - 00002266 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk
2016-05-15 08:17 - 2016-05-15 08:17 - 00000684 ____H C:\bdr-cf01
2016-05-15 08:17 - 2016-05-15 08:17 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-05-15 08:17 - 2016-05-15 08:17 - 00000385 _____ C:\Users\alexa\AppData\Roaminguser_gensett.xml
2016-05-15 08:17 - 2016-05-15 08:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-05-15 08:17 - 2016-05-15 08:17 - 00000000 ____D C:\ProgramData\BDLogging
2016-05-15 08:17 - 2016-03-18 06:58 - 00842152 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2016-05-15 08:17 - 2016-03-18 06:56 - 01623536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2016-05-15 08:17 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2016-05-15 08:17 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2016-05-15 08:17 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-05-15 08:16 - 2016-05-15 08:22 - 00000000 ____D C:\Users\alexa\AppData\Roaming\Bitdefender
2016-05-15 08:16 - 2016-05-15 08:21 - 00000000 ____D C:\ProgramData\Bitdefender
2016-05-15 08:16 - 2016-05-15 08:17 - 00253404 ____H C:\bdr-ld01
2016-05-15 08:16 - 2016-05-15 08:17 - 00009216 ____H C:\bdr-ld01.mbr
2016-05-15 08:16 - 2016-05-15 08:16 - 00000000 ____D C:\Program Files\Bitdefender
2016-05-15 08:16 - 2016-03-03 01:36 - 00298736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-05-15 08:16 - 2016-02-22 15:13 - 00511320 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-05-15 08:16 - 2015-12-16 05:53 - 00182936 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2016-05-15 08:16 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz
2016-05-15 08:16 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2016-05-15 08:15 - 2016-05-15 08:15 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2016-05-15 08:14 - 2016-05-15 08:16 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-05-15 08:14 - 2016-05-15 08:14 - 00000000 ____D C:\Users\alexa\AppData\Roaming\QuickScan
2016-05-15 08:13 - 2016-05-16 12:34 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-05-15 08:13 - 2016-05-15 08:13 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-05-15 08:12 - 2016-05-15 08:13 - 10314904 _____ C:\Users\alexa\Downloads\bitdefender_tsecurity.exe
2016-05-15 07:47 - 2016-05-16 12:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-15 07:47 - 2016-05-15 08:04 - 00001167 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-15 07:47 - 2016-05-15 07:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-15 07:47 - 2016-05-15 07:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 07:47 - 2016-05-15 07:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-15 07:47 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-15 07:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-15 07:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-15 07:46 - 2016-05-15 07:46 - 22851472 _____ (Malwarebytes ) C:\Users\alexa\Downloads\mbam-setup-chipde.13595-2.2.1.1043.exe
2016-05-15 07:43 - 2016-05-15 08:12 - 00000000 ____D C:\Users\alexa\AppData\Local\Mozilla
2016-05-15 07:43 - 2016-05-15 08:04 - 00001049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-15 07:43 - 2016-05-15 08:04 - 00001037 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-15 07:43 - 2016-05-15 07:44 - 00000000 ____D C:\Users\alexa\AppData\Roaming\Mozilla
2016-05-15 07:43 - 2016-05-15 07:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-15 07:43 - 2016-05-15 07:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-15 07:42 - 2016-05-15 07:43 - 46412928 _____ C:\Users\alexa\Downloads\Firefox_Setup_46.0.1_x64.exe
2016-05-14 21:56 - 2016-05-14 21:56 - 00000000 ____D C:\Users\alexa\AppData\Roaming\MCorp
2016-05-14 21:50 - 2016-05-14 21:50 - 00000000 ____D C:\WINDOWS\system32\fek
2016-05-14 21:49 - 2016-05-12 19:19 - 00303218 _____ ( ) C:\WINDOWS\AdBlock.exe
2016-05-14 21:47 - 2016-05-15 07:36 - 00000000 ____D C:\AdwCleaner
2016-05-14 21:47 - 2016-05-14 21:47 - 03640384 _____ C:\Users\alexa\Downloads\adwcleaner_5.116.exe
2016-05-14 21:43 - 2016-05-14 21:43 - 00000000 ____D C:\Program Files (x86)\Kcuiedposge
2016-05-14 21:43 - 2016-05-14 21:43 - 00000000 ____D C:\Program Files (x86)\Chirase
2016-05-14 21:43 - 2016-05-14 21:43 - 00000000 ____D C:\extensions
2016-05-14 21:40 - 2016-05-14 21:40 - 00000000 ____D C:\Users\alexa\AppData\Roaming\Brotsoft
2016-05-14 21:40 - 2016-05-12 19:22 - 00305975 _____ ( ) C:\WINDOWS\systwin.exe
2016-05-14 21:32 - 2016-05-14 21:30 - 00001006 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-14 21:31 - 2016-05-14 21:43 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-05-14 21:30 - 2016-05-15 08:36 - 00000000 ____D C:\Users\alexa\AppData\Roaming\Zahjut
2016-05-14 21:30 - 2016-05-15 08:04 - 00000000 ____D C:\Program Files\Caster
2016-05-14 21:30 - 2016-05-15 08:02 - 00000000 ____D C:\Program Files (x86)\Tawesh
2016-05-14 21:30 - 2016-05-14 21:41 - 00000000 ____D C:\Program Files (x86)\Pruhishridaght
2016-05-14 21:30 - 2016-05-14 21:31 - 00000000 ____D C:\Program Files (x86)\Cluudomclwuse
2016-05-14 21:30 - 2016-05-14 21:30 - 00000000 ____D C:\Users\alexa\AppData\Local\Tempfolder
2016-05-14 21:30 - 2016-05-14 21:30 - 00000000 ____D C:\uninst
2016-05-13 11:30 - 2016-05-13 11:30 - 00262140 _____ C:\WINDOWS\Minidump\051316-12765-01.dmp
2016-05-11 16:30 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 16:30 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-11 16:30 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 16:30 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 16:30 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-11 16:30 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-11 16:30 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 16:30 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-11 16:30 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-11 16:30 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 16:30 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 16:30 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 16:30 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 16:30 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 16:30 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 16:30 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 16:30 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 16:30 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-11 16:30 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-11 16:30 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-11 16:30 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-11 16:30 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-11 16:30 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 16:30 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-11 16:30 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-11 16:29 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 16:29 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-11 16:29 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 16:29 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 16:29 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 16:29 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 16:29 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 16:29 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 16:29 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 16:29 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 16:29 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 16:29 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 16:29 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 16:29 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-11 16:29 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-11 16:29 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-11 16:29 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 16:29 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 16:29 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 16:29 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 16:29 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 16:29 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 16:29 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 16:29 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 16:29 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 16:29 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-11 16:29 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-11 16:29 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-11 16:29 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-11 16:29 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-11 16:29 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 16:29 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 16:29 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 16:29 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 16:29 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 16:29 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 16:29 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 16:29 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 16:29 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-11 16:29 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 16:29 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-11 16:29 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-11 16:29 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-11 16:29 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-11 16:29 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 16:29 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-11 16:29 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 16:29 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-11 16:29 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 16:29 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 16:29 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 16:29 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 16:29 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-11 16:29 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 16:29 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-11 16:29 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 16:29 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-11 16:29 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 16:29 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 16:29 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 16:29 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 16:29 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-11 16:29 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-11 16:29 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 16:29 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-11 16:29 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 16:29 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 16:29 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 16:29 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 16:29 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 16:29 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 16:29 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 16:29 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 16:29 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 16:29 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 16:29 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 16:29 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 16:29 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 16:29 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 16:29 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 16:29 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 16:29 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-11 16:29 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 16:29 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 16:29 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 16:29 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 16:29 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 16:29 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-11 16:29 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-11 16:29 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-11 16:29 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 16:29 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 16:29 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 16:29 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 16:29 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-11 16:29 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 16:29 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-11 16:29 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 16:29 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 16:29 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 16:29 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 16:29 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 16:29 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 16:29 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-11 16:29 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 16:29 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 16:29 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 16:29 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 16:29 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-11 16:29 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-11 16:29 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 16:29 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 16:29 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-11 16:29 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-11 16:29 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 16:29 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-11 16:29 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 16:29 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 16:29 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-11 16:29 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 16:29 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 16:29 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-11 16:29 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-11 16:29 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 16:29 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 16:29 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 16:29 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 16:29 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 16:29 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 16:29 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-11 16:29 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-11 16:29 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-11 16:29 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-11 16:29 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-11 16:29 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-11 16:29 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-11 16:29 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-11 16:29 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-11 16:29 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 16:29 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-11 16:29 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-11 16:29 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 16:29 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-11 16:29 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 16:29 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 16:29 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-11 16:29 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-11 16:29 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-11 16:29 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-11 16:29 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 16:29 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 16:29 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 16:29 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 16:29 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 16:29 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-11 16:29 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 16:29 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 16:29 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-08 08:26 - 2016-05-16 12:37 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14FE7368-F659-47C0-8883-5E613DC13BF8}
2016-05-08 07:33 - 2016-05-08 07:33 - 00000000 ____D C:\Suunto
2016-05-01 18:12 - 2016-05-01 18:12 - 00262012 _____ C:\WINDOWS\Minidump\050116-43359-01.dmp
2016-04-25 00:35 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-04-17 17:12 - 2016-05-15 08:04 - 00001220 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-04-17 17:12 - 2016-05-15 08:04 - 00001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-04-17 17:12 - 2016-04-17 17:12 - 00000000 ____D C:\Users\alexa\AppData\Roaming\Canneverbe Limited
2016-04-17 17:12 - 2016-04-17 17:12 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2016-04-17 17:12 - 2016-04-17 17:12 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-16 12:43 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-16 12:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-16 12:34 - 2015-08-04 12:55 - 00000000 ___RD C:\Users\alexa\OneDrive
2016-05-15 10:33 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-15 10:33 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-15 10:33 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-15 10:33 - 2015-08-04 20:58 - 01799230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-15 10:27 - 2015-12-06 04:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-15 08:17 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-15 08:04 - 2015-12-07 14:31 - 00002113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager Deinstallationsprogramm.lnk
2016-05-15 08:04 - 2015-12-07 14:31 - 00002093 _____ C:\Users\Public\Desktop\tiptoi® Manager.lnk
2016-05-15 08:04 - 2015-12-07 14:31 - 00002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi.lnk
2016-05-15 08:04 - 2015-12-06 04:50 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-15 08:04 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 08:04 - 2015-08-04 12:55 - 00002379 _____ C:\Users\alexa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-15 07:37 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-15 07:30 - 2015-08-01 19:26 - 00000000 ___HD C:\$SysReset
2016-05-14 21:50 - 2015-12-06 04:46 - 00000000 ____D C:\Users\alexa
2016-05-14 21:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-05-14 21:31 - 2015-08-04 10:49 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-14 16:16 - 2015-12-07 14:31 - 00000000 ____D C:\ProgramData\RavensburgerTipToi3
2016-05-14 16:16 - 2015-12-07 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2016-05-14 16:16 - 2015-12-07 14:31 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2016-05-14 16:16 - 2015-12-07 14:30 - 00000000 ____D C:\Users\alexa\.oracle_jre_usage
2016-05-13 11:30 - 2016-02-13 09:48 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-13 11:30 - 2015-08-10 08:25 - 554641220 _____ C:\WINDOWS\MEMORY.DMP
2016-05-13 10:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-12 18:57 - 2015-08-04 12:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-12 18:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-05-12 03:30 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 03:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 03:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 03:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 03:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 16:35 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 16:34 - 2015-08-12 08:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 16:31 - 2015-08-12 08:52 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-07 19:55 - 2015-12-06 09:14 - 00000000 ____D C:\Users\alexa\AppData\Local\Deployment
2016-05-05 15:40 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-05 15:40 - 2015-09-02 14:43 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 15:36 - 2015-08-04 12:53 - 00000000 ____D C:\Users\alexa\AppData\Local\Packages
2016-04-25 00:35 - 2015-10-19 14:10 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-04-22 09:57 - 2015-08-04 12:56 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-18 03:33 - 2015-12-06 04:44 - 00340320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-18 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-18 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-19 19:41 - 2016-02-19 19:41 - 0000017 _____ () C:\Users\alexa\AppData\Local\resmon.resmoncfg
2015-12-06 04:45 - 2015-12-06 04:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\alexa\AppData\Local\Temp\amisetup3696__19333_il2.exe
C:\Users\alexa\AppData\Local\Temp\amisetup3726__19334_il2.exe
C:\Users\alexa\AppData\Local\Temp\eMT8uZNxfX.exe
C:\Users\alexa\AppData\Local\Temp\i4jdel0.exe
C:\Users\alexa\AppData\Local\Temp\libeay32.dll
C:\Users\alexa\AppData\Local\Temp\msvcr120.dll
C:\Users\alexa\AppData\Local\Temp\nse244A.tmp.exe
C:\Users\alexa\AppData\Local\Temp\proxy_vole3596074262075648695.dll
C:\Users\alexa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-11 16:31

==================== Ende von FRST.txt ============================
Hallo, erstmal Danke dass Du mir wieder helfen willst.
Könnte ich das Notebook auch zurücksetzen ohne dass mir meine "Apps" verlohren gehen?

Code:
C:\Program Files (x86)\Max Driver Updater\uninstaller.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Max Driver Updater\uninstaller.exe.vir
C:\Program Files (x86)\QuickSearch\dxr3027.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\dxr3027.exe.vir
C:\Program Files (x86)\QuickSearch\freebl3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\freebl3.dll.vir
C:\Program Files (x86)\QuickSearch\libnspr4.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\libnspr4.dll.vir
C:\Program Files (x86)\QuickSearch\libplc4.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\libplc4.dll.vir
C:\Program Files (x86)\QuickSearch\libplds4.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\libplds4.dll.vir
C:\Program Files (x86)\QuickSearch\nss3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\nss3.dll.vir
C:\Program Files (x86)\QuickSearch\nssckbi.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\nssckbi.dll.vir
C:\Program Files (x86)\QuickSearch\nssdbm3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\nssdbm3.dll.vir
C:\Program Files (x86)\QuickSearch\nssutil3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\nssutil3.dll.vir
C:\Program Files (x86)\QuickSearch\s.xml->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\s.xml.vir
C:\Program Files (x86)\QuickSearch\slite.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\slite.exe.vir
C:\Program Files (x86)\QuickSearch\smime3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\smime3.dll.vir
C:\Program Files (x86)\QuickSearch\softokn3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\softokn3.dll.vir
C:\Program Files (x86)\QuickSearch\sqlite3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\sqlite3.dll.vir
C:\Program Files (x86)\QuickSearch\ssl3.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ssl3.dll.vir
C:\Program Files (x86)\QuickSearch\uninstall.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\uninstall.exe.vir
C:\Program Files (x86)\QuickSearch\ZDDLL.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ZDDLL.dll.vir
C:\Program Files (x86)\QuickSearch\ZDDLL64.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ZDDLL64.dll.vir
C:\Program Files (x86)\QuickSearch\ZDDLL64.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ZDDLL64.exe.vir
C:\Program Files (x86)\QuickSearch\zdengine.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdengine.dll.vir
C:\Program Files (x86)\QuickSearch\zdengine.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdengine.exe.vir
C:\Program Files (x86)\QuickSearch\zdengine.tlb->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdengine.tlb.vir
C:\Program Files (x86)\QuickSearch\zdengine64.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdengine64.dll.vir
C:\Program Files (x86)\QuickSearch\zdenginecert.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdenginecert.dll.vir
C:\Program Files (x86)\QuickSearch\zdinstaller.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdinstaller.exe.vir
C:\Program Files (x86)\QuickSearch\zdwfp.sys->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdwfp.sys.vir
C:\Program Files (x86)\QuickSearch\zdwfp64.sys->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\zdwfp64.sys.vir
C:\Program Files (x86)\QuickSearch\ziengine.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ziengine.exe.vir
C:\Program Files (x86)\QuickSearch\ziengine.ini->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ziengine.ini.vir
C:\Program Files (x86)\QuickSearch\ziengine64.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\QuickSearch\ziengine64.exe.vir
C:\Program Files (x86)\SearchProtect\EULA.txt->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\EULA.txt.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\style.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js.vir
C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js.vir
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir
C:\Program Files (x86)\SearchProtect\Main\rep\cfi.bin->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\rep\cfi.bin.vir
C:\Program Files (x86)\SearchProtect\Main\rep\edk.bin->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\rep\edk.bin.vir
C:\Program Files (x86)\SearchProtect\Main\rep\pni.bin->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\rep\pni.bin.vir
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat.vir
C:\Program Files (x86)\SearchProtect\Main\rep\trn.bin->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\rep\trn.bin.vir
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir
C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\hnsn5C39.tmp->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\hnsn5C39.tmp.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\jnst46E9.tmp->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\jnst46E9.tmp.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\knsp306D.tmpfs->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\knsp306D.tmpfs.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\rnsn44A3.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\rnsn44A3.exe.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\Uninstall.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\Uninstall.exe.vir
C:\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\vnss1E78.tmp->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\17ECCBFF-1463254336-C64D-BBBC-C80AA99547A7\vnss1E78.tmp.vir
C:\Program Files (x86)\SunnyDay21\predm.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SunnyDay21\predm.exe.vir
C:\Program Files (x86)\SunnyDay21\SunnyDay.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SunnyDay21\SunnyDay.exe.vir
C:\Program Files (x86)\SunnyDay21\unins000.dat->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SunnyDay21\unins000.dat.vir
C:\Program Files (x86)\SunnyDay21\unins000.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SunnyDay21\unins000.exe.vir
C:\Program Files (x86)\Reikuchreawopy\Rkcadpsrv.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Reikuchreawopy\Rkcadpsrv.exe.vir
C:\Program Files (x86)\Reikuchreawopy\Rkcadptsk.exe->C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Reikuchreawopy\Rkcadptsk.exe.vir
C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\zdengine\zdengine.ini->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\zdengine\zdengine.ini.vir
C:\Users\alexa\AppData\Local\SearchProtect\UI\rep\UIRepository.dat->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SearchProtect\UI\rep\UIRepository.dat.vir
C:\Users\alexa\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat.vir
C:\Users\alexa\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat.vir
C:\Users\alexa\AppData\Local\SunnyDay21\usun.exe->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SunnyDay21\usun.exe.vir
C:\Users\alexa\AppData\Local\SunnyDay21\SunnyDay21\1.20\cnf.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SunnyDay21\SunnyDay21\1.20\cnf.cyl.vir
C:\Users\alexa\AppData\Local\SunnyDay21\SunnyDay21\1.20\eorezo.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\SunnyDay21\SunnyDay21\1.20\eorezo.cyl.vir
C:\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\cnf.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\cnf.cyl.vir
C:\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\eorezo.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\eorezo.cyl.vir
C:\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\config.js->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\config.js.vir
C:\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\tree.js->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\tree.js.vir
C:\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\wlist.js->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\wlist.js.vir
C:\END->C:\AdwCleaner\FileQuarantine\C\END.vir
C:\WINDOWS\SysWOW64\zdengineOff.ini->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysWOW64\zdengineOff.ini.vir
C:\WINDOWS\SysWOW64\zdengine.dll->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysWOW64\zdengine.dll.vir
C:\Users\alexa\AppData\Local\Temp\zdengine.log->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\Temp\zdengine.log.vir
C:\Users\alexa\AppData\Local\Temp\ziengine.ini.log->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\Temp\ziengine.ini.log.vir
C:\WINDOWS\SysNative\zdengineOff.ini->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\zdengineOff.ini.vir
C:\WINDOWS\SysNative\zdengine64.dll->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\zdengine64.dll.vir
C:\WINDOWS\SysNative\drivers\cherimoya.sys->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\cherimoya.sys.vir
C:\WINDOWS\SysNative\drivers\bsdpr64.sys->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\bsdpr64.sys.vir
C:\WINDOWS\SysNative\drivers\bsdpf64.sys->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\bsdpf64.sys.vir
C:\Users\alexa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk->C:\AdwCleaner\FileQuarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk.vir
C:\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\cnf.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\cnf.cyl.vir
C:\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\eorezo.cyl->C:\AdwCleaner\FileQuarantine\C\Users\alexa\AppData\Local\csdi_monetize_220160512\csdi_monetize_220160512\1.10\eorezo.cyl.vir
C:\Users\Public\Desktop\MPC Cleaner.lnk->C:\AdwCleaner\FileQuarantine\C\Users\Public\Desktop\MPC Cleaner.lnk.vir
C:\WINDOWS\System32\dnsapi.dll->C:\AdwCleaner\FileQuarantine\C\WINDOWS\System32\dnsapi.dll.vir
C:\WINDOWS\SysWOW64\dnsapi.dll->C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysWOW64\dnsapi.dll.vir
Code:
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine->C:\AdwCleaner\RegistryQuarantine\reg_dytggneypy.reg
HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE->C:\AdwCleaner\RegistryQuarantine\reg_oxbvqpnlci.reg
HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}->C:\AdwCleaner\RegistryQuarantine\reg_kwcvaozcjt.reg
HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}->C:\AdwCleaner\RegistryQuarantine\reg_mtpojsnacn.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataContainer->C:\AdwCleaner\RegistryQuarantine\reg_enkgcbmcsx.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataContainer.1->C:\AdwCleaner\RegistryQuarantine\reg_ixdjnvwskf.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataController->C:\AdwCleaner\RegistryQuarantine\reg_eopdkmueiu.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataController.1->C:\AdwCleaner\RegistryQuarantine\reg_ebgngzzkxw.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTable->C:\AdwCleaner\RegistryQuarantine\reg_hduucegaxf.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTable.1->C:\AdwCleaner\RegistryQuarantine\reg_qluiiqrtkw.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields->C:\AdwCleaner\RegistryQuarantine\reg_ebcmsqklwn.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields.1->C:\AdwCleaner\RegistryQuarantine\reg_fuewqqcfuk.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder->C:\AdwCleaner\RegistryQuarantine\reg_rtzsvzawvk.reg
HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder.1->C:\AdwCleaner\RegistryQuarantine\reg_moacxlaphf.reg
HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic->C:\AdwCleaner\RegistryQuarantine\reg_wnkzzdtyry.reg
HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic.1->C:\AdwCleaner\RegistryQuarantine\reg_idxmtfofmu.reg
HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager->C:\AdwCleaner\RegistryQuarantine\reg_boaqfrebek.reg
HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager.1->C:\AdwCleaner\RegistryQuarantine\reg_lbvsgkkbfi.reg
HKLM\SOFTWARE\Classes\zdengineLib.WFPController->C:\AdwCleaner\RegistryQuarantine\reg_nxmwjdaapg.reg
HKLM\SOFTWARE\Classes\zdengineLib.WFPController.1->C:\AdwCleaner\RegistryQuarantine\reg_rjiqpxrqgu.reg
HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}->C:\AdwCleaner\RegistryQuarantine\reg_dqleihhpyf.reg
HKLM\SOFTWARE\Classes\AppID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}->C:\AdwCleaner\RegistryQuarantine\reg_fyjwslrbyf.reg
HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}->C:\AdwCleaner\RegistryQuarantine\reg_lvvwuepsks.reg
HKLM\SOFTWARE\Classes\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}->C:\AdwCleaner\RegistryQuarantine\reg_ebenskdyaz.reg
HKLM\SOFTWARE\Classes\CLSID\{176F706B-5175-479C-A3DF-32420F6FB01A}->C:\AdwCleaner\RegistryQuarantine\reg_zakdphmzor.reg
HKLM\SOFTWARE\Classes\CLSID\{38BE2BE8-EB8E-41D1-9D94-3B1697094D47}->C:\AdwCleaner\RegistryQuarantine\reg_mankmkjnqc.reg
HKLM\SOFTWARE\Classes\CLSID\{53C267B2-B01D-410F-A4DD-A32962EE55F4}->C:\AdwCleaner\RegistryQuarantine\reg_xdvamcwkzk.reg
HKLM\SOFTWARE\Classes\CLSID\{8804A543-42D3-4D71-9685-B0243D5526F3}->C:\AdwCleaner\RegistryQuarantine\reg_vbitsvtcvv.reg
HKLM\SOFTWARE\Classes\CLSID\{A0F322D5-6A13-4CAB-84CF-FABB5690618E}->C:\AdwCleaner\RegistryQuarantine\reg_usbizpaffh.reg
HKLM\SOFTWARE\Classes\CLSID\{AC3E336C-B524-47F0-9AA2-5F67AA056086}->C:\AdwCleaner\RegistryQuarantine\reg_fjrkkqzbec.reg
HKLM\SOFTWARE\Classes\CLSID\{C68E9BB6-3DBD-4C4B-910B-C5D84A7EBB03}->C:\AdwCleaner\RegistryQuarantine\reg_gstvvoqngj.reg
HKLM\SOFTWARE\Classes\CLSID\{F577A1BA-D82D-4BB2-8430-B767285D081D}->C:\AdwCleaner\RegistryQuarantine\reg_tnweeiacdc.reg
HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}->C:\AdwCleaner\RegistryQuarantine\reg_obcfxakaim.reg
HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}->C:\AdwCleaner\RegistryQuarantine\reg_qlrnesewkr.reg
HKLM\SOFTWARE\Classes\Interface\{0FF03983-EAA6-4628-8E7C-387B2D4F8EF2}->C:\AdwCleaner\RegistryQuarantine\reg_bdwsdxvmbe.reg
HKLM\SOFTWARE\Classes\Interface\{3A71C84A-1CC4-4201-B037-C81CE118D66F}->C:\AdwCleaner\RegistryQuarantine\reg_cjfacyzqqk.reg
HKLM\SOFTWARE\Classes\Interface\{432599E9-40CF-41E3-951A-E1E81B7B1D29}->C:\AdwCleaner\RegistryQuarantine\reg_jncrkmogcq.reg
HKLM\SOFTWARE\Classes\Interface\{7D215707-3E74-4E0E-A078-2C95E1CDE233}->C:\AdwCleaner\RegistryQuarantine\reg_kdcovdphrc.reg
HKLM\SOFTWARE\Classes\Interface\{9295785F-8C01-4ED3-9322-8BE5C17CA141}->C:\AdwCleaner\RegistryQuarantine\reg_wxnlqyvkaw.reg
HKLM\SOFTWARE\Classes\Interface\{B98E44C8-7BB7-4A4A-B8D2-60874CA109B2}->C:\AdwCleaner\RegistryQuarantine\reg_jaoyrgopsv.reg
HKLM\SOFTWARE\Classes\Interface\{C656BCEB-6B19-4992-9975-D53CEA283356}->C:\AdwCleaner\RegistryQuarantine\reg_hufxiwlnkl.reg
HKLM\SOFTWARE\Classes\Interface\{D5AC4B9C-8EE4-48AD-A77E-1560AD886A0B}->C:\AdwCleaner\RegistryQuarantine\reg_radbzggdrx.reg
HKLM\SOFTWARE\Classes\Interface\{D6914FD3-FD8E-45AD-8993-901E7B2759FD}->C:\AdwCleaner\RegistryQuarantine\reg_vsakeognql.reg
HKLM\SOFTWARE\Classes\Interface\{E0106905-0EDD-4F56-BDB5-890A1F6E8F47}->C:\AdwCleaner\RegistryQuarantine\reg_thduwwzvzr.reg
HKLM\SOFTWARE\Classes\Interface\{E26E880F-176C-4007-B2A7-B8F27621EC51}->C:\AdwCleaner\RegistryQuarantine\reg_xmsoiqnudi.reg
HKLM\SOFTWARE\Classes\Interface\{E776B534-9402-4049-87C3-089EC0F54BAF}->C:\AdwCleaner\RegistryQuarantine\reg_kdgwsxuaqw.reg
HKLM\SOFTWARE\Classes\Interface\{FCFBBE24-2ADA-4D6E-A381-DEC6E3EAEE21}->C:\AdwCleaner\RegistryQuarantine\reg_dtovxpjjgf.reg
HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}->C:\AdwCleaner\RegistryQuarantine\reg_jghzjurouj.reg
HKLM\SOFTWARE\Classes\TypeLib\{63492C58-6CD7-4FF7-8495-06A6869643EE}->C:\AdwCleaner\RegistryQuarantine\reg_hfqdjprrsb.reg
HKCU\Software\Microsoft\Tinstalls->C:\AdwCleaner\RegistryQuarantine\reg_rkcpblxzas.reg
HKCU\Software\SearchProtect->C:\AdwCleaner\RegistryQuarantine\reg_atlqkxruoj.reg
HKCU\Software\Wizzlabs->C:\AdwCleaner\RegistryQuarantine\reg_kxhcgponfj.reg
HKCU\Software\MICROSOFT\IDSC->C:\AdwCleaner\RegistryQuarantine\reg_pxsbfdwakl.reg
HKCU\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}->C:\AdwCleaner\RegistryQuarantine\reg_qsxitecrym.reg
HKLM\SOFTWARE\MPC->C:\AdwCleaner\RegistryQuarantine\reg_mncefmurov.reg
HKLM\SOFTWARE\QuickSearch->C:\AdwCleaner\RegistryQuarantine\reg_wwgpnjwlsn.reg
HKLM\SOFTWARE\SearchProtect->C:\AdwCleaner\RegistryQuarantine\reg_pvegvhbnjp.reg
HKLM\SOFTWARE\SPPDCOM->C:\AdwCleaner\RegistryQuarantine\reg_xqjhhqzvjt.reg
HKLM\SOFTWARE\SUNNYDAY->C:\AdwCleaner\RegistryQuarantine\reg_zygzkjvlgm.reg
HKLM\SOFTWARE\SrpnFiles->C:\AdwCleaner\RegistryQuarantine\reg_lldwffqirh.reg
HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}->C:\AdwCleaner\RegistryQuarantine\reg_ejbhvyubku.reg
HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}->C:\AdwCleaner\RegistryQuarantine\reg_clcuoadvwq.reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickSearch->C:\AdwCleaner\RegistryQuarantine\reg_ctrhfyjmtw.reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect->C:\AdwCleaner\RegistryQuarantine\reg_dwhgalrdrk.reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SunnyDay21_is1->C:\AdwCleaner\RegistryQuarantine\reg_kftywnlajw.reg
HKLM64\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}->C:\AdwCleaner\RegistryQuarantine\reg_pcciaqlmla.reg
HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}->C:\AdwCleaner\RegistryQuarantine\reg_oflkmobexj.reg
HKCU\Software\Microsoft\Internet Explorer\Main|Start Page->C:\AdwCleaner\RegistryQuarantine\reg_uvavhphzug.reg
HKU\S-1-5-21-3171644139-384468425-47721600-1001\Software\Microsoft\Internet Explorer\Main|Start Page->C:\AdwCleaner\RegistryQuarantine\reg_kjvakvtlcw.reg
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6560F6DC-6A8C-4AF7-BC36-9189825148B8}->C:\AdwCleaner\RegistryQuarantine\reg_kdiuabndvf.reg
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}->C:\AdwCleaner\RegistryQuarantine\reg_ixrlzvgjjt.reg
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs->C:\AdwCleaner\RegistryQuarantine\reg_faktvhtpbm.reg
HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs->C:\AdwCleaner\RegistryQuarantine\reg_lyknulufhh.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0c4b520c-7258-4b41-af91-e73d5edaadcd}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_paulyswuvs.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{17377cc6-ba5f-49b2-812c-c49e953989a6}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_rzcfnywuhz.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{41fe8deb-cafe-4ab7-8750-e99d28d1b97d}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_vywcnkpoia.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{44822fd4-9bc3-11e5-b07d-806e6f6e6963}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_hgyztuagif.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{68dedf0f-b32a-43f3-aace-e4dd9874c79a}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_ykrwdafgct.reg
HKCU\Software\Microsoft\Internet Explorer\DOMStorage\nps.pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_tbajqjabaa.reg
HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_hrbppnkfzc.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akamaihd.net->C:\AdwCleaner\RegistryQuarantine\reg_qhrpjaczhc.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com->C:\AdwCleaner\RegistryQuarantine\reg_mysghfvtdy.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\de.softonic.com->C:\AdwCleaner\RegistryQuarantine\reg_rhtqfqotmj.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hdapp1008-a.akamaihd.net->C:\AdwCleaner\RegistryQuarantine\reg_wdoxpbuaon.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nps.pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_ilbjactdbh.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_dtcfbuonhz.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com->C:\AdwCleaner\RegistryQuarantine\reg_clsmlpujwl.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com->C:\AdwCleaner\RegistryQuarantine\reg_xyqceseyux.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akamaihd.net->C:\AdwCleaner\RegistryQuarantine\reg_jktkqvbwkw.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com->C:\AdwCleaner\RegistryQuarantine\reg_rqgjvoibzl.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\de.softonic.com->C:\AdwCleaner\RegistryQuarantine\reg_mdlrjplgog.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hdapp1008-a.akamaihd.net->C:\AdwCleaner\RegistryQuarantine\reg_taijxnalld.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nps.pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_sxlbztpqqz.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pastaleads.com->C:\AdwCleaner\RegistryQuarantine\reg_qkvzvpyqzl.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com->C:\AdwCleaner\RegistryQuarantine\reg_mkcafvaicv.reg
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com->C:\AdwCleaner\RegistryQuarantine\reg_aydedhooij.reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|sun21->C:\AdwCleaner\RegistryQuarantine\reg_lgedfpavav.reg
HKCU\Software\Wizzlabs->C:\AdwCleaner\RegistryQuarantine\reg_pgvonytsoy.reg
HKLM\SOFTWARE\MPC->C:\AdwCleaner\RegistryQuarantine\reg_rjjrhzhbyb.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0c4b520c-7258-4b41-af91-e73d5edaadcd}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_kmvfmpgvlj.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{17377cc6-ba5f-49b2-812c-c49e953989a6}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_kalemvinqf.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{41fe8deb-cafe-4ab7-8750-e99d28d1b97d}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_hwyiamquuc.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{44822fd4-9bc3-11e5-b07d-806e6f6e6963}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_vyaoryhyid.reg
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{68dedf0f-b32a-43f3-aace-e4dd9874c79a}|NameServer->C:\AdwCleaner\RegistryQuarantine\reg_cbhzapqsrs.reg
Der Bitdefender hat viel gefunden und gelöscht leider finde ich da kein log

cosinus 17.05.2016 10:07
Bitte schau im Programm richtig nach. Jeder Virenscanner hat ein Log.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131