FRST Addition Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by BiLo (administrator) on BILO-PC on 04-12-2014 12:39:16
Running from C:\Users\BiLo\Desktop
Loaded Profile: BiLo (Available profiles: BiLo)
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kingsoft Corporation) C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxescore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\mediainformationaccess\updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\mediainformationaccess\updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
() C:\Program Files\mediainformationaccess\updater.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\...\Run: [] => [X]
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-02] (Microsoft Corporation)
BootExecute: autocheck autochk * sh4native Sh4Removalsdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE091E2810BF4CC01
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll (腾讯公司)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: SignoIEHelper.SignoIEHelp -> {C5323D86-13B6-4B06-A27E-3D19E2954017} -> C:\Program Files (x86)\signotec\Dll\SignoIEHelper.dll (signotec GmbH, Ratingen)
BHO-x32: QQÏÂÔØÖúÊÖä¯ÀÀÆ÷¿Ø¼þ -> {C9C7334B-5657-41e1-8F79-F6AACECA05F4} -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\49\Browser\QQIEHelper01.dll (Tencent Technology (Shenzhen) Company Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AccountProtectBHO Class -> {DDD362CF-523B-4BC9-8FDC-58F93B6BC945} -> C:\Users\BiLo\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll (Tencent)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {03A89EFD-E023-7700-A22D-45F77558EB4C} https://cs7.netucate.net/campus/download/ilinci77.dll
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kingsfot.com/npkws -> C:\Program Files (x86)\kingsoft\kingsoft antivirus\npkws.dll (Kingsoft Corporation)
FF Plugin-x32: @kingsoft.com/npkvip -> c:\program files (x86)\kingsoft\kingsoft antivirus\npkvip.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll (腾讯公司)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll (Tencent)
FF Plugin-x32: @qq.com/QQMiniDLPlugin -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\49\Browser\npXFMiniDLPlugin.dll (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @qq.com/QQPhotoDrawEx -> C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll ()
FF Plugin-x32: @qq.com/QzoneMusic -> C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll (Tencent)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.49\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll (Tencent)
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2015670880-1155494743-3860310727-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BiLo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2015670880-1155494743-3860310727-1001: ubisoft.com/uplaypc -> E:\Spiele\Die Siedler 7\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF user.js: detected! => C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\user.js
FF SearchPlugin: C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\searchplugins\google-maps.xml
FF Extension: Avira Browser Safety - C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\Extensions\abs@avira.com [2014-12-03]
FF Extension: Download videos and MP3s from YouTube - C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-19]
FF HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\BiLo\AppData\Roaming\11002
FF Extension: Java String Helper - C:\Users\BiLo\AppData\Roaming\11002 [2012-03-20]
FF HKU\S-1-5-21-2015670880-1155494743-3860310727-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-19]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSearchKeyword: Default -> lolnexus.com
CHR DefaultSearchURL: Default -> hxxp://www.lolnexus.com/EUW/search?name={searchTerms}&region=EUW
CHR DefaultSuggestURL: Default ->
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\plugin/content_blocker_npapi.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll No File
CHR Plugin: (QQ2011) - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
CHR Plugin: (Tencent SSO Platform) - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.77\Bin\npSSOAxCtrlForPTLogin.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (QQMusic) - C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll (Tencent)
CHR Plugin: (QQPCMgr Detector) - C:\Program Files (x86)\Tencent\QQPCMgr\7.2.8052.210\npQMExtensionsMozilla.dll No File
CHR Plugin: (npQQPhotoDrawEx) - C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Unity Player) - C:\Users\BiLo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Kingsoft@Firefox ActiveX Comm) - c:\program files (x86)\kingsoft\kingsoft antivirus\npkvip.dll ()
CHR Plugin: (Kingsoft Internet Security) - c:\program files (x86)\kingsoft\kingsoft antivirus\npkws.dll (Kingsoft Corporation)
CHR Profile: C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (No History) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2014-06-19]
CHR Extension: (Google Wallet) - C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-04-13]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 kxescore; c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [280024 2014-12-01] (Kingsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 updater; C:\Program Files\mediainformationaccess\updater.exe [679936 2014-12-03] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-21] (DT Soft Ltd)
R1 KDHacker; c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [185656 2014-09-05] (Kingsoft Corporation)
R2 kisknl; C:\Windows\system32\drivers\kisknl.sys [228152 2014-12-01] (Kingsoft Corporation)
R1 kisnetm; c:\program files (x86)\kingsoft\kingsoft antivirus\security\ksnetm\kisnetm64.sys [109880 2014-07-08] (Kingsoft Corporation)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2014-03-13] (Kingsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-07-01] (PixArt Imaging Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\8.8.10778.238\QMUdisk64.sys [X]
S0 wrnk; System32\drivers\ucaoo.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-04 12:42 - 2014-12-04 12:44 - 00042036 _____ () C:\Users\BiLo\Desktop\Ereignisse.txt
2014-12-04 12:36 - 2014-12-04 12:36 - 00000000 _____ () C:\Users\BiLo\Desktop\Neues Textdokument.txt
2014-12-04 12:32 - 2014-12-04 12:39 - 00038983 _____ () C:\Users\BiLo\Desktop\Addition.txt
2014-12-04 12:32 - 2014-12-04 12:34 - 00000000 ____D () C:\Users\BiLo\Desktop\Neuer Ordner (4)
2014-12-04 12:31 - 2014-12-04 12:31 - 00042122 _____ () C:\Users\BiLo\Desktop\Malwarbyte.txt
2014-12-04 12:24 - 2014-12-04 12:43 - 00021228 _____ () C:\Users\BiLo\Desktop\FRST.txt
2014-12-04 12:24 - 2014-12-04 12:39 - 00000000 ____D () C:\FRST
2014-12-04 12:23 - 2014-12-04 12:23 - 02117632 _____ (Farbar) C:\Users\BiLo\Desktop\FRST64.exe
2014-12-03 21:28 - 2014-12-04 11:55 - 08704507 _____ () C:\Windows\SysWOW64\debug.log
2014-12-03 18:25 - 2014-12-04 12:26 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-03 18:24 - 2014-12-03 18:24 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-03 18:24 - 2014-12-03 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 18:24 - 2014-12-03 18:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 18:24 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-03 18:24 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-03 18:24 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-03 18:23 - 2014-12-03 18:23 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\BiLo\Downloads\mbam-setup-2.0.3.1025.exe
2014-12-03 18:19 - 2014-12-03 18:19 - 00602112 _____ (OldTimer Tools) C:\Users\BiLo\Downloads\OTL.exe
2014-12-03 13:19 - 2014-12-03 13:19 - 00002112 _____ () C:\Users\BiLo\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-12-03 13:18 - 2014-12-03 13:18 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-03 13:18 - 2014-12-03 13:18 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-12-03 13:18 - 2014-12-03 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-03 13:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-12-03 13:17 - 2014-12-03 13:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-03 13:11 - 2014-12-03 13:11 - 01174352 _____ () C:\Users\BiLo\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-12-03 12:53 - 2014-12-03 12:52 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-03 12:51 - 2014-12-03 12:51 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Avira
2014-12-03 12:47 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-03 12:47 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-03 12:47 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-03 12:44 - 2014-12-03 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-03 12:44 - 2014-12-03 12:47 - 00000000 ____D () C:\ProgramData\Avira
2014-12-03 12:44 - 2014-12-03 12:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-03 12:44 - 2014-12-03 12:44 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-03 12:43 - 2014-12-03 12:43 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\BiLo\Downloads\avira_de_av_5659826454__ws.exe
2014-12-03 12:43 - 2014-12-03 12:43 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-03 12:33 - 2014-12-03 12:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 12:01 - 2014-12-04 12:44 - 00000112 _____ () C:\ProgramData\dRUisk.dat
2014-12-03 11:56 - 2014-12-03 11:59 - 00000000 ____D () C:\Program Files\mediainformationaccess
2014-12-03 11:54 - 2014-12-03 11:54 - 00432688 _____ () C:\Windows\Minidump\120314-17737-01.dmp
2014-12-02 12:52 - 2014-12-02 12:52 - 00000000 ____D () C:\Windows\system32\SPReview
2014-12-02 12:51 - 2014-12-02 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-02 12:48 - 2014-12-02 12:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-02 12:48 - 2014-12-02 12:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-02 12:38 - 2014-12-02 12:38 - 00027155 _____ () C:\Users\BiLo\Downloads\hummer_training_control_map_by_time2kill_v4__pro.zip
2014-12-02 12:31 - 2014-09-15 01:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-01 20:28 - 2014-12-01 20:28 - 00002029 _____ () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk
2014-12-01 20:28 - 2014-12-01 20:28 - 00002005 _____ () C:\Users\BiLo\Desktop\888poker.lnk
2014-12-01 20:28 - 2014-12-01 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker
2014-11-30 02:37 - 2014-11-30 02:37 - 00003424 ____N () C:\bootsqm.dat
2014-11-29 22:54 - 2014-11-29 22:54 - 00001980 _____ () C:\Users\BiLo\Desktop\PokerStars.eu.lnk
2014-11-29 22:54 - 2014-11-29 22:54 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-11-29 22:51 - 2014-11-29 22:52 - 108594192 _____ (PokerStars) C:\Users\BiLo\Downloads\PokerStarsInstallEU.exe
2014-11-27 17:29 - 2014-12-01 22:15 - 00000000 ____D () C:\Users\BiLo\AppData\Local\PokerStars.EU
2014-11-27 17:29 - 2014-11-29 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2014-11-27 17:27 - 2014-11-29 22:54 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-11-27 16:57 - 2014-12-01 20:29 - 00000000 ____D () C:\Users\BiLo\Documents\888poker
2014-11-27 16:57 - 2014-12-01 20:28 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\PacificPoker
2014-11-27 16:57 - 2014-11-27 16:57 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\888poker
2014-11-27 16:56 - 2014-12-01 20:28 - 00000000 ____D () C:\Program Files (x86)\PacificPoker
2014-11-27 15:23 - 2014-11-29 22:28 - 00000000 ____D () C:\Users\BiLo\Documents\StarCraft II
2014-11-25 18:28 - 2014-11-25 18:28 - 00000000 ____D () C:\Users\BiLo\AppData\Local\TuneUp Software
2014-11-25 18:27 - 2014-11-29 22:28 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-11-25 18:24 - 2014-11-25 18:24 - 28598072 _____ (TuneUp Software) C:\Users\BiLo\Downloads\TuneUpUtilities2014_34de-DE.exe
2014-11-25 17:08 - 2014-11-25 17:09 - 202853696 _____ () C:\Users\BiLo\Downloads\kav15.0.1.415de_6845.exe
2014-11-25 16:59 - 2014-11-25 17:00 - 01169232 _____ () C:\Users\BiLo\Downloads\Hotspot Shield VPN - CHIP-Installer.exe
2014-11-19 01:21 - 2014-11-19 01:21 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-11-19 01:19 - 2014-11-19 01:19 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-11-11 00:11 - 2014-11-11 00:12 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Curse Advertising
2014-11-11 00:09 - 2014-12-02 12:24 - 00000000 ____D () C:\Users\BiLo\AppData\Local\Deployment
2014-11-11 00:09 - 2014-11-11 00:09 - 00003116 _____ () C:\Windows\System32\Tasks\{CAD742E8-0262-4164-8779-7CE4BFAC32AE}
2014-11-11 00:09 - 2014-11-11 00:09 - 00000318 _____ () C:\Users\BiLo\Desktop\Curse Client.appref-ms
2014-11-11 00:09 - 2014-11-11 00:09 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-11-11 00:09 - 2014-11-11 00:09 - 00000000 ____D () C:\Users\BiLo\AppData\Local\Apps\2.0
2014-11-11 00:08 - 2014-11-11 00:08 - 00402696 _____ () C:\Users\BiLo\Downloads\setup(1).exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-04 12:32 - 2012-08-04 20:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-04 12:24 - 2014-09-16 20:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-04 12:22 - 2011-12-30 14:48 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Skype
2014-12-04 12:20 - 2014-08-13 19:35 - 00000000 ____D () C:\Users\BiLo\Documents\GenTool
2014-12-04 12:00 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-04 12:00 - 2009-07-14 05:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-04 11:57 - 2011-12-30 13:14 - 01768393 _____ () C:\Windows\WindowsUpdate.log
2014-12-04 11:51 - 2014-09-16 20:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-04 11:51 - 2012-08-04 23:38 - 00157822 _____ () C:\Windows\setupact.log
2014-12-04 11:51 - 2012-08-04 23:37 - 01481284 _____ () C:\Windows\PFRO.log
2014-12-04 11:51 - 2011-12-30 14:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-04 11:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 22:45 - 2009-07-14 18:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2014-12-03 22:45 - 2009-07-14 18:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2014-12-03 22:45 - 2009-07-14 06:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-03 22:38 - 2012-01-09 21:44 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\vlc
2014-12-03 22:38 - 2012-01-05 21:08 - 00000000 ____D () C:\Users\BiLo\AppData\Local\QuickPar
2014-12-03 19:25 - 2011-12-30 13:10 - 00000000 ____D () C:\Windows\Panther
2014-12-03 19:24 - 2014-05-15 16:53 - 00000000 ____D () C:\Program Files (x86)\Rr Savings
2014-12-03 19:24 - 2012-09-15 12:00 - 00000000 ____D () C:\temp
2014-12-03 18:24 - 2013-10-13 18:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-03 18:04 - 2014-06-19 23:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-03 15:20 - 2013-09-28 15:20 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-03 13:24 - 2014-05-15 16:51 - 00000000 ____D () C:\Program Files\002
2014-12-03 12:03 - 2013-12-10 21:34 - 00000000 ____D () C:\Users\BiLo\AppData\Local\Battle.net
2014-12-03 11:54 - 2013-05-03 20:28 - 00000000 ____D () C:\Windows\Minidump
2014-12-02 20:36 - 2009-07-14 05:45 - 00295680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-02 14:37 - 2012-02-26 14:34 - 00000000 ___RD () C:\Users\BiLo\Dropbox
2014-12-02 12:48 - 2014-05-24 20:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-02 12:28 - 2012-04-03 10:25 - 00000000 ____D () C:\Windows\pss
2014-12-02 12:24 - 2012-02-26 14:31 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Dropbox
2014-12-01 20:33 - 2012-08-04 20:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-01 20:33 - 2012-08-04 20:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-01 20:33 - 2012-01-02 00:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-01 19:54 - 2012-08-04 19:59 - 00228152 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl_del.sys
2014-12-01 19:54 - 2012-08-04 19:59 - 00228152 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kisknl.sys
2014-11-30 13:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-30 12:59 - 2013-02-15 21:22 - 00000000 ____D () C:\Users\BiLo\AppData\Local\LogMeIn Hamachi
2014-11-30 12:51 - 2014-09-16 20:07 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-30 02:38 - 2011-12-30 13:34 - 00000000 ____D () C:\Users\BiLo
2014-11-29 22:28 - 2014-09-16 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-29 22:28 - 2014-05-15 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2014-11-29 22:28 - 2014-04-09 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-11-29 22:28 - 2013-12-10 21:34 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Battle.net
2014-11-29 22:28 - 2013-11-29 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-29 22:28 - 2013-10-18 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-11-29 22:28 - 2013-10-06 22:18 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-11-29 22:28 - 2012-07-20 21:23 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WINEAS
2014-11-29 22:28 - 2012-07-04 08:53 - 00000000 __SHD () C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2014-11-29 22:28 - 2012-05-09 21:37 - 00000000 ____D () C:\Users\BiLo\Documents\Command and Conquer Generals Zero Hour Data
2014-11-29 22:28 - 2012-02-26 14:32 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-29 22:28 - 2012-02-22 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports
2014-11-29 22:28 - 2012-01-02 00:50 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-11-29 22:28 - 2012-01-02 00:48 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-29 22:28 - 2011-03-27 22:25 - 00000000 ____D () C:\NVIDIA
2014-11-29 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-29 22:24 - 2012-05-11 20:34 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-11-29 22:24 - 2012-01-05 09:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-11-29 22:24 - 2012-01-05 09:23 - 00000000 ____D () C:\ProgramData\Apple
2014-11-26 17:06 - 2012-12-14 12:22 - 00000000 ____D () C:\Users\BiLo\AppData\Local\Downloaded Installations
2014-11-26 17:06 - 2012-01-05 09:28 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-11-25 18:24 - 2012-07-04 08:53 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-11-25 18:23 - 2014-09-07 14:39 - 00000000 ____D () C:\ProgramData\UnifaGivhe
2014-11-25 17:22 - 2013-10-13 14:52 - 00262144 _____ () C:\Windows\system32\config\elam
2014-11-19 01:21 - 2012-08-17 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-19 01:21 - 2012-08-17 12:41 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-11-19 01:20 - 2012-08-17 12:40 - 00000000 ____D () C:\Users\BiLo\AppData\Roaming\DVDVideoSoft
2014-11-16 02:18 - 2014-09-16 20:06 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 02:18 - 2014-09-16 20:06 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 18:06 - 2012-02-26 14:34 - 00001013 _____ () C:\Users\BiLo\Desktop\Dropbox.lnk
2014-11-11 00:25 - 2012-08-04 19:59 - 00031592 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\kavbootc.sys
2014-11-06 14:24 - 2014-09-04 19:43 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
Files to move or delete:
====================
C:\ProgramData\dRUisk.dat
Some content of TEMP:
====================
C:\Users\BiLo\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Code:
Exportierte Ereignisse:
04.12.2014 11:59 [Updater] Update erfolgreich durchgeführt
Update von Avira Free Antivirus auf Computer BILO-PC (192.168.178.54)
erfolgreich durchgeführt.
Folgende Dateien wurden von "hxxp://88.221.92.80/update" aktualisiert:
aevdf.dat 8.11.192.144
xbv00044.vdf 8.11.192.86
xbv00045.vdf 8.11.192.110
xbv00046.vdf 8.11.192.134
xbv00047.vdf 8.11.192.138
xbv00048.vdf 8.11.192.140
xbv00049.vdf 8.11.192.144
local000.vdf
04.12.2014 11:56 [Planer] Auftrag gestartet
Auftrag "Automatisches Update"
wurde erfolgreich gestartet.
04.12.2014 11:52 [Echtzeit-Scanner] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version:
VDF Version:
04.12.2014 11:52 [Hilfsdienst] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version: 8.3.26.28
VDF Version: 8.11.192.58
04.12.2014 11:51 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 22:55 [Echtzeit-Scanner] Dienst gestoppt
Der Dienst wurde gestoppt.
03.12.2014 22:55 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
03.12.2014 21:26 [Echtzeit-Scanner] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version:
VDF Version:
03.12.2014 21:26 [Hilfsdienst] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version: 8.3.26.28
VDF Version: 8.11.192.58
03.12.2014 21:24 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 21:20 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 21:14 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 21:12 [Echtzeit-Scanner] Dienst gestoppt
Der Dienst wurde gestoppt.
03.12.2014 21:12 [Planer] Dienst gestoppt
Der Dienst wurde gestoppt.
03.12.2014 21:04 [System-Scanner] Suche
Suchlauf beendet [Der Suchlauf wurde abgebrochen!].
Anzahl Dateien: 278246
Anzahl Verzeichnisse: 1547
Anzahl Malware: 0
Anzahl Warnungen: 0
03.12.2014 19:25 [Planer] Auftrag gestartet
Auftrag "Vollständige Systemprüfung"
wurde erfolgreich gestartet.
03.12.2014 18:57 [Updater] Update erfolgreich durchgeführt
Update von Avira Free Antivirus auf Computer BILO-PC (192.168.178.54)
erfolgreich durchgeführt.
Folgende Dateien wurden von "hxxp://77.67.96.248/update" aktualisiert:
aevdf.dat 8.11.192.58
xbv00042.vdf 8.11.190.56
xbv00043.vdf 8.11.192.58
local001.vdf
03.12.2014 18:51 [Planer] Auftrag gestartet
Auftrag "Automatisches Update"
wurde erfolgreich gestartet.
03.12.2014 18:05 [Echtzeit-Scanner] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version:
VDF Version:
03.12.2014 18:05 [Hilfsdienst] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version: 8.3.26.28
VDF Version: 8.11.190.32
03.12.2014 18:04 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 18:01 [System-Scanner] Suche
Suchlauf beendet [Der Suchlauf wurde abgebrochen!].
Anzahl Dateien: 1898973
Anzahl Verzeichnisse: 41557
Anzahl Malware: 39
Anzahl Warnungen: 24
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\7e5d3dba-757001
95'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-4681.A2.Gen'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7730a66c.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\9f7e333-19be844
f'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-4681.A2.Gen'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5a68892e.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\4ca9867b-422a25
c5'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-0507' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0b7ce63e.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\BiLo\Downloads\microsoft-silverlight.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Graftor.151493.9' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '38ddf81b.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\BiLo\Downloads\generals zero hour map
hack__3515_i1331147066_il3114271.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/Amonetize.kpa'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '47c9ca76.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\76a9fdc5-6f4d374
5'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2012-0507' [exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4356b2e4.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '158eee88.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\AdwCleaner\Quarantine\C\ProgramData\Browser
Manager\2.5.911.18\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.crx.vir'
enthielt einen Virus oder unerwünschtes Programm 'TR/BProtector.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1c8dea27.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\59634841-3f1d6cd
6'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2011-3544.A.113'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50fc9785.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\77b40470-2d55b0
b8'
enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.983.3' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '2f0b9ed5.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei
'C:\Users\BiLo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\32da63a7-4f5db0
04'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2010-0840.A.95'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5eb0a74d.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\Windows\SysWOW64\installd.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/Amonetize.ges'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4921c00b.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'D:\Program Files\ÌÚѶÓÎÏ·\QQGame\Ermj\ermj.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Malob.FE.191' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '51a8efb0.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\BiLo\Downloads\microsoft-silverlight_setup.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7d59d524.qua'
verschoben!
03.12.2014 18:01 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\BiLo\Downloads\VideoConverterSetup.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1b6f9ae6.qua'
verschoben!
03.12.2014 13:46 [Planer] Auftrag gestartet
Auftrag "Vollständige Systemprüfung"
wurde erfolgreich gestartet.
03.12.2014 13:25 [System-Scanner] Suche
Suchlauf beendet [Der Suchlauf wurde abgebrochen!].
Anzahl Dateien: 0
Anzahl Verzeichnisse: 0
Anzahl Malware: 0
Anzahl Warnungen: 0
03.12.2014 13:24 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\BiLo\Desktop\Manager13.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7d27ae9e.qua'
verschoben!
03.12.2014 13:24 [System-Scanner] Suche
Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
Anzahl Dateien: 4910
Anzahl Verzeichnisse: 0
Anzahl Malware: 3
Anzahl Warnungen: 1
03.12.2014 13:24 [System-Scanner] Malware gefunden
Die Datei 'C:\Program Files\002\yewimmxqbs64.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/Adware.Gen' [adware].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003.
Die Datei konnte nicht gelöscht werden!
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Eine Instanz der ARK Library läuft bereits.
Der Registrierungseintrag
<HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\yewimmxqbs64\ImagePath>
wurde erfolgreich repariert.
Der Registrierungseintrag
<HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\yewimmxqbs64\ImagePath> wurde
erfolgreich repariert.
Der Registrierungseintrag
<HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\yewimmxqbs64\ImagePath> wurde
erfolgreich repariert.
03.12.2014 13:22 [Echtzeit-Scanner] Echtzeit-Scanner aktiviert
Echtzeit-Scanner wurde aktiviert.
03.12.2014 13:19 [Echtzeit-Scanner] Malware gefunden
In der Datei 'C:\Users\BiLo\Desktop\Manager13.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern
03.12.2014 12:55 [Planer] Auftrag gestartet
Auftrag "Vollständige Systemprüfung"
wurde erfolgreich gestartet.
03.12.2014 12:54 [Updater] Update erfolgreich durchgeführt
Update von Avira Free Antivirus auf Computer BILO-PC (192.168.178.54)
erfolgreich durchgeführt.
Folgende Dateien wurden von "hxxp://88.221.92.80/update" aktualisiert:
aecore.dll 8.3.3.0
aegen.dll 8.1.7.36
aeheur.dll 8.1.4.1418
aeoffice.dll 8.3.1.8
aepack.dll 8.4.0.56
aerdl.dll 8.2.1.16
aescript.dll 8.2.2.32
aeexp.dll 8.4.2.48
aeset.dat 8.3.26.28
aedroid.dll 8.4.2.248
aemobile.dll 8.1.1.0
avnetflt.sys 14.0.7.248
avlode.rdf 14.0.4.50
avreg.yml 14.0.4.2
aevdf.dat 8.11.190.32
local000.vdf
webcat0.dat
webcat1.dat
webcat2.dat
webcat3.dat
webcat4.dat
repair.rdf 1.0.2.30
03.12.2014 12:54 [Echtzeit-Scanner] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version:
VDF Version:
03.12.2014 12:54 [Hilfsdienst] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version: 8.3.26.28
VDF Version: 8.11.190.32
03.12.2014 12:53 [Echtzeit-Scanner] Dienst gestoppt
Der Dienst wurde gestoppt.
03.12.2014 12:51 [Planer] Auftrag gestartet
Auftrag "update_after_installation"
wurde erfolgreich gestartet.
03.12.2014 12:51 [Planer] Auftrag gestartet
Auftrag "AVImmediateUpdateJobEx"
wurde erfolgreich gestartet.
03.12.2014 12:51 [Planer] Auftrag gestartet
Auftrag "AVImmediateUpdateJobEx"
wurde erfolgreich gestartet.
03.12.2014 12:51 [Planer] Auftrag gestartet
Auftrag "AVImmediateUpdateJobEx"
wurde erfolgreich gestartet.
03.12.2014 12:51 [Planer] Auftrag gestartet
Auftrag "AVImmediateUpdateJobEx"
wurde erfolgreich gestartet.
03.12.2014 12:51 [Planer] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version 14.0.7.310
03.12.2014 12:51 [Echtzeit-Scanner] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version:
VDF Version:
03.12.2014 12:51 [Hilfsdienst] Dienst gestartet
Der Dienst wurde gestartet.
Dienst Version: 14.0.7.310
Engine Version: 8.3.24.38
VDF Version: 8.11.180.188
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 03.12.2014
Scan Time: 18:25:38
Logfile: Malwarbyte.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.12.03.08
Rootkit Database: v2014.12.02.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7
CPU: x64
File System: NTFS
User: BiLo
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324322
Time Elapsed: 55 min, 34 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 33
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\APPID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4}, Quarantined, [d59fcf8f63199a9c40e656898979619f],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, Quarantined, [d59fcf8f63199a9c40e656898979619f],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1DD31B76-C57E-49BA-94BC-BF53F0C82CD4}, Quarantined, [d59fcf8f63199a9c40e656898979619f],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, Quarantined, [581ccc92e8945dd9945b3890c04247b9],
PUP.Optional.AdPeak.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Quarantined, [581ccc92e8945dd9945b3890c04247b9],
PUP.Optional.AdPeak.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Quarantined, [581ccc92e8945dd9945b3890c04247b9],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027}, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\TYPELIB\{D02E3AB9-7796-40cb-BDFC-20D834FE1F75}, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\INTERFACE\{FCB380C4-D350-44BE-8791-50216F4747AC}, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FCB380C4-D350-44BE-8791-50216F4747AC}, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{D02E3AB9-7796-40cb-BDFC-20D834FE1F75}, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker.1, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\CLASSES\ASBarBroker.BDBroker, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
PUP.Optional.Funshion, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ASBarBroker.BDBroker.1, Quarantined, [40342539e3997db9ad770bd4ba4854ac],
Trojan.Banker, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{975670D0-7EFB-4fa8-90FA-3AE575B9FB77}, Quarantined, [d79da8b65824b97d40530bd08a78619f],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [fa7a4c1247353ff79400fdcd06fc46ba],
Trojan.Cinmus, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A7F05EE4-0426-454F-8013-C41E3596E9E9}, Quarantined, [9cd857074d2f2f07428b6c86fb071ee2],
Adware.BDSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46}, Quarantined, [a4d01c4297e57db9512f27bb02001be5],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Quarantined, [522264facdafeb4b5b94a0c024dfec14],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, Quarantined, [f67ea4ba5329e056b8d97bf642c19769],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [84f01a449be104323b6e2c3b6e957090],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [a6cef866b3c934029a9922985aaa0ff1],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [fd77aeb0ed8f39fda54368e19f649868],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RrSavings, Quarantined, [0470510dcfade5519003531e689b20e0],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [0074025c3e3e32048104b79f3ac916ea],
PUP.Optional.PassShow.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PassShow, Quarantined, [3143bba3cab249ed31b956f5679c2ed2],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, Quarantined, [561ef5691864ab8b6134234eac57a957],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\rrsavings, Quarantined, [393b4e10a5d7cf675c382e439c67d32d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [95dfa2bc73097bbbbd678ef6fa09d030],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [a0d4510df6862115dd6ba7f38a7a44bc],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT, Quarantined, [185ced71d9a3d264521a275caf5431cf],
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, Quarantined, [77fdafafdf9dbe785fafaed6c2410ef2],
Registry Values: 5
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, Quarantined, [7ef60c527903e155b125024647bc2ad6]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\extensions\faststartff@gmail.com, Quarantined, [c9ab520c681469cdfc514079df25a759]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1N1M, Quarantined, [a0d4510df6862115dd6ba7f38a7a44bc]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT|Install, 1, Quarantined, [185ced71d9a3d264521a275caf5431cf]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, SnapdoOCYB, Quarantined, [77fdafafdf9dbe785fafaed6c2410ef2]
Registry Data: 2
PUP.Optional.Snapdo, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b39a96f0-04d5-429d-b1bc-6f02906a0b48&searchtype=ds&q={searchTerms}&installDate={installDate}, Good: (www.google.com), Bad: (hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b39a96f0-04d5-429d-b1bc-6f02906a0b48&searchtype=ds&q={searchTerms}&installDate={installDate}),Replaced,[b2c21747a5d7f0466d5078e6ef168080]
PUP.Optional.Snapdo, HKU\S-1-5-21-2015670880-1155494743-3860310727-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b39a96f0-04d5-429d-b1bc-6f02906a0b48&searchtype=ds&q={searchTerms}&installDate={installDate}, Good: (www.google.com), Bad: (hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=b39a96f0-04d5-429d-b1bc-6f02906a0b48&searchtype=ds&q={searchTerms}&installDate={installDate}),Replaced,[4a2a530b98e47cba407f85d929dcd927]
Folders: 25
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [71031b436f0d8ea877ff411c17ec718f],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\index-dir, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\databases, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Local Storage, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\040C5D034F2147B8A1A3EFBCA8975AA4, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\0702E43377EF4C39A11655C93B0B5365, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\0D26091890DC4E71AF268DB8C8FFD51B, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\5A465C0BD5D94A7F9E5DD6FFA88D7FD6, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\9D5D9AD0B35941DABF2925943CCCABE2, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\BBA7E62D20A4480B896E336F9AE694C3, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.SearchGolTB.A, C:\Users\BiLo\AppData\Local\Temp\mt_ffx\searchgol, Quarantined, [056f9cc20a72a98dbb2fe62dea19817f],
PUP.Optional.SearchGolTB.A, C:\Users\BiLo\AppData\Local\Temp\mt_ffx\searchgol\searchgol, Quarantined, [056f9cc20a72a98dbb2fe62dea19817f],
PUP.Optional.SearchGolTB.A, C:\Users\BiLo\AppData\Local\Temp\mt_ffx\searchgol\searchgol\1.8.16.19, Quarantined, [056f9cc20a72a98dbb2fe62dea19817f],
PUP.Optional.Extutil.A, C:\Users\BiLo\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [2d47a4ba8eee42f4ca38909b976cde22],
PUP.Optional.Managera.A, C:\Users\BiLo\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [db9978e657252c0a0ff4b477986bed13],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Quarantined, [8ce8b7a77c006ccaac6643e8c24131cf],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, Quarantined, [8ce8b7a77c006ccaac6643e8c24131cf],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [8ce8b7a77c006ccaac6643e8c24131cf],
PUP.Optional.GlobalUpdate.A, C:\Users\BiLo\AppData\Local\Temp\comh.456248, Quarantined, [294b2c32adcf90a648b80e1fb94ade22],
Files: 219
PUP.Optional.AdPeak.A, C:\Program Files (x86)\Rr Savings\RrSavings.dll, Quarantined, [581ccc92e8945dd9945b3890c04247b9],
PUP.Optional.PCFixSpeed.A, C:\Users\BiLo\AppData\Roaming\OpenCandy\0702E43377EF4C39A11655C93B0B5365\SearchGolTB.exe, Quarantined, [f67e1c42146857dfe85a1baf7b89b64a],
PUP.Optional.SearchProtect.A, C:\Users\BiLo\AppData\Roaming\OpenCandy\0D26091890DC4E71AF268DB8C8FFD51B\sp-downloader.exe, Quarantined, [88ec09551a6269cd32679409b8493bc5],
PUP.Optional.OpenCandy.A, C:\Users\BiLo\AppData\Roaming\OpenCandy\5A465C0BD5D94A7F9E5DD6FFA88D7FD6\LatestDLMgr.exe, Quarantined, [5b193a240b711224bbb27cace81938c8],
PUP.Optional.AdPeak.A, C:\temp\t.msi, Quarantined, [7ff54c120775de5884610c2638cd649c],
PUP.Optional.BundleInstaller.A, C:\Users\BiLo\Downloads\Setup (1).exe, Quarantined, [bbb9da84a5d71f177bdfb86c2bd58080],
PUP.Optional.BundleInstaller.A, C:\Users\BiLo\Downloads\Setup (2).exe, Quarantined, [89eb0559dca035010d4d93915da37f81],
PUP.Optional.Bundlore, C:\Users\BiLo\Downloads\setup (3).exe, Quarantined, [581c194516661a1c7cd4d3451fe623dd],
PUP.Optional.BundleInstaller.A, C:\Users\BiLo\Downloads\Java.exe, Quarantined, [ec88530b6c1055e142ec43f968998080],
PUP.Optional.OpenCandy, C:\Users\BiLo\Downloads\FreemakeVideoConverterSetup_4.0.0.9.exe, Quarantined, [1064b8a6403cc6702d8565c47d8452ae],
PUP.Optional.Spigot, C:\Users\BiLo\Downloads\YTD483Setup.exe, Quarantined, [8ee6f569e29ad85ed33efabd13ee15eb],
PUP.Optional.Bandoo, C:\Users\BiLo\Downloads\iLividSetup-r394-n-bc (1).exe, Quarantined, [2054eb73700c45f1ac0cbf66cd3436ca],
PUP.Optional.Bandoo, C:\Users\BiLo\Downloads\iLividSetup-r394-n-bc.exe, Quarantined, [79fb82dc45375dd97d3b68bd788941bf],
PUP.Optional.AdPeak.A, C:\Windows\Installer\267ded.msi, Quarantined, [84f029350b712610e40151e135d011ef],
PUP.Optional.SmartBar.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage, Quarantined, [cca86af486f6221439d9083dcc3729d7],
PUP.Optional.SmartBar.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal, Quarantined, [284c5e00bfbde551b35f68dde1228b75],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [71031b436f0d8ea877ff411c17ec718f],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [71031b436f0d8ea877ff411c17ec718f],
PUP.Optional.LiveLyrics.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage, Quarantined, [3440510d4e2e7db9e7849bcfcb38a35d],
PUP.Optional.LiveLyrics.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal, Quarantined, [007495c9bfbdf73f81eaa9c1e320d32d],
PUP.Optional.Trovi.A, C:\Users\BiLo\AppData\Roaming\Mozilla\Firefox\Profiles\08vv59hj.default\searchplugins\trovi-search.xml, Quarantined, [383c273746363ff7f4763b318b78c13f],
PUP.Optional.LiveLyrics.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage, Quarantined, [e68ed18db6c686b0511b1656986b01ff],
PUP.Optional.LiveLyrics.A, C:\Users\BiLo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal, Quarantined, [d99b045acfadab8b29432e3e28db867a],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\QuotaManager-journal, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\cookies, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\cookies-journal, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\QuotaManager, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\website.ico, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\0391508644c19a21_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\0eccbae11a6f5ecb_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\0f33e409dd0fc209_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\1041015f9233625e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\10ba1a6dd717f76d_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\11e6110ae031549d_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\11f0fb0b13525c35_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\1891c3c199143c01_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\192a5edd7f4ae77a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\1aa0282fbbc6c50a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\1e3d6418f83d7f4f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\209ca589b30e27b7_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2389bacb72342bfe_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\239a90dfaf073813_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\659b5cfc7ccacedb_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\66dae7ea99dcbbd8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\68868552a17a5984_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\6b8ccb2ff592fc29_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\6da5d3816808bf54_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\6e7ce84851014eac_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\6f7767bba8cebab3_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\75ec5f93c9bf6544_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\76c4b88915132c62_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\76e88df581d162b5_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7790e844b0e98891_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\79198261be8cb252_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7999e89c947ac08f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\b289f232b5094c1c_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\b44ca478bf0353cb_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\b903affd77be6a11_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\baaad00a0230e1dd_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\bc224dc2f5365a88_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\bc347c170e05ff2f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c200eb68ce03bf0a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c4b917d6c89772e6_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c4ca34fbacccadb8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c54bf716db823006_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c5d01da770880359_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c7b80a13452fff3c_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\c8204462e6bd29c4_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ca4db7f4e93c2dd2_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ca8ae2f624c115e5_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\caeb5db39065b322_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d8569788d42812d8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\dadd80d281d6eec9_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\db959369648d3451_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\dd05cf2d49253455_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\de858106cfc34604_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ded9bf09be938bb0_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e03f65034b6fcd49_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e100c1b18b143ef8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e10a40d9d051ce22_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a0057a458f3dc559_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a129eef5058dde79_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a1d231c44b98e792_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a24338160301e511_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a27f6a71a3315605_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a293429572645627_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a33a6df31c300466_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a3d0400f409d65c9_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a49df59ac523a5b2_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a61068ce16a656c5_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a682a844981d4e40_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\a92ae4bf84941533_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ad6a43c509b8b414_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\aecb82ebbbe91493_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\b009d14dab9621d7_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\32c15340f0117e9a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\3353c0a29260a0dd_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\346325161b82b112_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\358b1f8a07d41dc3_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\3679240fe3115f35_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\3736e4c0cf5a8c1e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\38e0e004ba8628f7_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\45e3212b34078829_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\46ed3a4430cde43a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4777820e2f4ff78a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\47cff2ba15008159_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\48602aaf0de52c18_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4969095fb6cc2208_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4b31449684928a10_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e1e806fb78245513_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7b4e32d5a96e1de8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7c000d76bf1f0157_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7c55d307fe43e78a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7d8baeb5fa0fb7aa_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\7fc3efd97363b9d1_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\84dfd86f57110d6e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\86cd43f2d0bae84b_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\8a2abd4eed83e9d6_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\8a89305e64fa0dc3_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\8b26da64eb9f82de_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\cc1ccafa24e33b87_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\cc3ef367bd642e8a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ce8c46a231163cc8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\cf2dacb2ef4a2549_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\cfef3b34cc1f66b9_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d0589bdc5c45ae41_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d14ca16812c9d3fd_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d1dfc9baf114f551_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d3a28080e4dea391_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d470a03b87f18464_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d5032bd60a53fcde_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d5c9d2590e7af9ea_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d637438e2a06492b_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d681aebf460cb29b_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\d853bbd0688c803d_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4d20553ff9d3edf4_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4daf3cbc2c7e199f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4db07c6a773edb3f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\4fc8ebc30a2a5f62_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\50b6f6dedd814b4a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\531ad77db1fe86a4_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\5396f746cdc60618_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\56d8c1ba67f4bc12_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\58356a09f280edf5_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\589ee6c1bbbdb758_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\59b8977b859685e3_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\59e45516295f8e4c_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\5b7417275fbe29e4_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\5e25a1f3929f7e99_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\5ed1cb2ed3d4503d_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\62e27f935b9bf95b_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\6310b9b27313c4b3_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\63d4dfeb795e6004_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\239da1c9375f3222_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\259c6aa627803dae_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\25aba580c575808f_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\25c1ed2fe28df335_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\264b294c7ddba978_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\27e9e90e0dadb275_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\28b0dc98176c4830_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2984cb4670d75438_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2a2edbda263790c6_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2ad8a646a82ac751_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2ae4c6c7a9b3ec27_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2b983046aa68280a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2c04bbf443eae70c_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2de558d6e537e61a_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\2f607f41aafa33fe_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\315a39b606bc4359_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\327e2f346370c855_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\8f0b0ac7676862f1_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\91a501b48ee2cb0b_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\954b9c606802895e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\96a4a3fc8559cc07_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\96aed09277c30d8d_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\97dd353c55aff7f8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\980660044736b96e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\991f99ca63e7f220_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\9afb5765bdd6ea37_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\9bbb19db0be626a7_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\9bc7f4ee83c20677_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\9d66c6f9938a5160_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\9f9647c4aef2deb8_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e4e348cd9411aae4_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e8e2ce151826761e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\e93f9019765cdcb6_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\ebfd932e35eb1606_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\f223eb2ed0c26c31_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\f36136a75620219e_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\f58f2d29be04132c_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\index, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Cache\index-dir\the-real-index, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\databases\Databases.db, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\databases\Databases.db-journal, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache\data_0, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache\data_1, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache\data_2, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache\data_3, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\GPUCache\index, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000005.bak, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000005.ldb, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000006.log, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\CURRENT, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOCK, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOG, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOG.old, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000004, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Local Storage\file__0.localstorage, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.Gameo.A, C:\Users\BiLo\AppData\Local\Gameo\Local Storage\file__0.localstorage-journal, Quarantined, [007466f8760625114d7ea90c49bbfa06],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\040C5D034F2147B8A1A3EFBCA8975AA4\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\5A465C0BD5D94A7F9E5DD6FFA88D7FD6\3209.ico, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\5A465C0BD5D94A7F9E5DD6FFA88D7FD6\speedupmypcDE.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\5A465C0BD5D94A7F9E5DD6FFA88D7FD6\speedupmypcDE_p2v0.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\9D5D9AD0B35941DABF2925943CCCABE2\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\BBA7E62D20A4480B896E336F9AE694C3\3709.ico, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\BBA7E62D20A4480B896E336F9AE694C3\Installer.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.OpenCandy, C:\Users\BiLo\AppData\Roaming\OpenCandy\BBA7E62D20A4480B896E336F9AE694C3\OCBrowserHelper_1.0.6.124.exe, Quarantined, [0272db83d0ac0f271325a271f0138a76],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-08-30[15-39-47-865].log, Quarantined, [8ce8b7a77c006ccaac6643e8c24131cf],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [8ce8b7a77c006ccaac6643e8c24131cf],
Physical Sectors: 0
(No malicious items detected)
(end)
Can my PC still be saved? :D
PS: I did not let Avira run all the way through