hi,
nochmal danke :)
ich habe alle Schritte befolgt.
Hier sinf die Dateien:
JRT:
[CODE~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lilli on 17.05.2014 at 13:16:43,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-911180625-3269783793-1203979783-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{04B54908-EC88-4F39-A83A-8FC1668C2337}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0C56E6FB-D4B3-4366-8F5F-5345CAA14B63}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0C810D89-9870-4A8A-8552-18CBF732F372}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0EACD146-8697-4B8E-8461-7AB65476CF22}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0F9C7BCE-5EBD-4D25-A6D5-10EF598D116A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{15A41C0D-5A32-4141-A33B-1B7FDFF85FF3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{174D9C3F-DEB1-44D2-98B7-28D2834423F4}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{19F7D6C0-1332-4E1D-AF1E-DBBF9EDD162D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1B4C9989-15F5-4391-AB65-7EC93CE627D0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1EDCBA88-3D5C-4EFC-8844-E41B75E79CD2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F142ADE-DE90-47C5-A4DB-FA485FDBAB46}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F6BE731-94E0-4CA0-8EBF-FA5A7B47AD68}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F89FDC4-AA0B-4477-821B-0823627765BD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{21084397-E3E8-444F-85AF-3500A9A11823}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{27BF8381-6E97-4084-B169-70C82C82EEBC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{28410C58-B822-4D85-AE0B-35AB955C2EF2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{2872C590-E17A-41A3-A11A-044B7ACF3627}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{292392BE-3CB7-46FE-9139-E5EC3FC69ABB}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{29FF83FE-B3E6-46ED-9CFF-87D2A7218537}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{2BE9EBC2-B778-44FA-AD78-4047133D6BEE}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{30ECA150-23A7-4E05-BB12-F14D642F25FF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{318E78CC-742C-4B1C-843B-811C559740F6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3571CA3A-4A4A-4C04-8076-98500656C4A6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{38ED45FD-A4B9-4EB4-963E-BE7F1AAD0696}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3A595D8D-3F90-4773-B56D-AEC65BE141E2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3C32B959-CDAF-4BE4-BD33-DBE163E33DBD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3D4EE77D-66AA-488C-BDA7-D172F2ADE901}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3D7382D0-FE9B-42FA-9BDA-7A037AE4CA7E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{44E03A49-04C7-4AEA-ACA3-1CB516DC9EEF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{4D32D4D0-09F1-4222-B986-00CF80A8C66C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{4F245DEB-01DF-475C-8556-B6A7CCACF865}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{50DB5F72-0C79-4E53-8FD9-06567A4484B8}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{51AA31EF-C774-4364-A2C1-1A1D084F87EC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{53F21FE2-E888-4E9B-9397-3A4ED5AA8967}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{564D3780-7CFB-4E13-B98E-EAD7E60D1B02}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{59054F41-2EEB-43A8-96C4-A39A97807CB9}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5A4E21D5-8816-4F22-B3FE-8C6D633037D4}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5B6556B9-F671-45E3-AAE8-A6DD04588F9F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5E124A82-6407-4F3F-B07C-70BFD9162C55}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{60EE4F86-F924-4869-9BEF-3CCC31CEE202}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{65F03133-7D26-4F50-9E02-C62642AC2ACC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{65FB327C-7E6A-4251-9DB4-B45EFED92CC2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{66E2785D-E397-410F-A11E-AF303C39EF0B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{67E4842E-DC60-4572-AC6F-4226ED1A0DC6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{691C4F6E-D53E-4F50-B963-88B36B63CACF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{698845F6-326E-4840-8936-F69041A5F271}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6DC9EE75-CA94-4712-9A03-CCEAB3E794A2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6E70E55A-F059-43A9-BDEA-60BF301FD897}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6EC4507D-CF2C-41DF-AF87-8F88444D343E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6F72E574-C6B4-4D5A-8EC1-D0109AF4652C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6FB24C19-89B6-46F3-94B9-2A1C94D5413A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{70AC88A9-4053-4CC4-8F38-D1F0418E2134}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7177E225-3305-42EA-8A14-125FFB24C910}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{71A5B54C-FD21-47AE-BD80-A494EBE473A0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{73012AFA-4F09-45C5-96F9-F9579316261C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{751881EA-48F1-4B66-8C0F-2FFEE602F0F6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{763D412C-9788-4BB4-8E9F-E7D370DFE1EB}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{773DE21D-9AEB-4C9B-9F65-AD0A49BC829E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7C704362-49EF-4AB9-BB64-F88D7CB9F50B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7CFCA3C3-404A-411F-8FF3-053FE037AB8A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{825CB49A-0D0B-4A47-9672-63875A5CFAAC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{847F8D5E-D65A-4320-B81C-7853444212A2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{86368793-0886-46AD-ADAF-BA3AB205ADB3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{86F0B484-75E3-4995-B36B-60E8FDFF67C6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8893D5DF-00F9-409D-A6D0-3EC955843660}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8DD71A5A-D404-407A-A7BC-A9797BFA5E62}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8F021E3D-8E2B-43D2-A5D0-BC8FC707081C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{905C9616-238B-4B13-92DC-E35FA84D522A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{90B13D3E-E6AE-4C16-8A8A-11DDBAA8AD5F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{91E25DC5-9E86-4D35-9E71-8C18C63591DD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9277FA21-F06A-4170-B5A6-0B114EDFDDCC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9379DC5A-0217-45EA-A1FE-C9D083B69E6E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{93D00A86-A482-4BB7-B819-4EF35626AE86}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9803B821-7443-4C47-8385-A72B0862CEC9}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9AEE4948-11A6-4D00-993D-A802DD532919}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9BF07C39-A5D7-40C5-9651-1ECD3454B388}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9C22FA4F-7D52-463F-B7A3-4D9D85E359F1}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9CA8E1CE-8CEC-4943-B8EF-4F975A33DC08}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9EB4FD12-2A99-433E-86FF-FE58CB7A87A0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A019439D-6FEB-4966-8152-FC1D0E3B48DC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A24940DF-65D0-4DE9-96E9-44E3179BD151}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A4C0058D-230F-4DC2-BA82-472412573F71}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A6CB6B13-2FC4-40F3-9A9D-A53593AD9557}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A6DCCC5C-E8C7-4777-8C06-373677F6111E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A7E8B1B5-61FB-4AE2-90AE-3F2EDFB3011F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A89B7E57-CE30-4B13-BC65-95C6BC69E864}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A9A551D3-2BCA-493E-A6E3-5946CE87F543}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{AA24F787-EE4D-440F-8FA3-3A8C7B515127}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{B12F622D-D53E-4212-9AF4-D6FE55B81398}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{B74F2FEA-9028-40B6-A3EB-AEC51AFBDE8B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{BB94360A-DD3A-4231-AD41-48141AC00E70}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{BFDA0B0B-45F4-49FC-AB6E-655125EBDC43}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C08AC6B1-FB25-4896-976F-D33DB11ABF88}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C10B678E-31B7-4C93-A9E2-BC97A9B80660}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C282E876-F42F-4EF0-B66E-4BFD3A6E358E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C44BB77C-A229-4C2B-91F8-04099291EAFC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C62FD3B8-05F1-46F5-9094-9CC19C61DC00}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C7890C36-6127-40FC-A3C0-FEDDF052C1D8}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C913ACF1-767F-4FAD-B51E-B85F0CAA6F46}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C917B558-1EEE-4E93-8E2E-596E60CAC7A1}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C93116D4-194C-4389-9E9F-73888927F254}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{CE69E7E7-CAB1-4616-A619-11CCC3310D69}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{CFB73C0A-29D9-46E2-8C0F-4AE7A44BD18D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D2562926-8CCB-4118-B7DE-4A1CBA4A24AC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D47B4054-ECD4-4155-937B-C6DA22CA32EA}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D5D65BB9-8375-4863-9308-08A02DA33915}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D8F4ED58-2917-4592-954A-1F21EA794462}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DB63269E-9EEF-497E-B1F6-266B60FB39C2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DD8BE8F0-4628-4EEF-A54F-E15DD7D06564}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DEAE35E3-ADDC-4BCF-AFF0-64F4FD6D9161}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E0092BE8-134A-4552-B174-2353A6403FB3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E1BDD095-0337-4F2A-8977-8D5AE6936E62}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E2B64A7F-3A48-4B18-81C3-4605AD665090}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E67AD5F1-9732-4400-8A59-8B12D3A950BF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E8D3EDDD-1022-4875-A047-C520A80CF75C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{EE71421B-AC6E-4E93-93D3-333930E686B0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{EFFBB71D-C8F7-4587-AA1F-7E88EFEEA47D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F04A7C1D-99A0-419A-8B67-FB81F9B11B1B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F21C8015-629D-4886-AA2B-4565ECBEB684}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F2B9F81D-92CA-417B-B716-10D85B225843}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F2BC9799-8574-48AC-B771-A92D307AB636}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F4445738-BC6C-4EB8-8A19-72C1AADD67BE}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F4DE842E-E191-4645-9740-09809FBBC25B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F7F0C951-292A-4771-BAD7-DE8B9DB293CA}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{FE3AE9A1-B18D-46ED-90AE-ED7177DF81A7}
~~~ FireFox
Emptied folder: C:\Users\Lilli\AppData\Roaming\mozilla\firefox\profiles\t3peefvj.default\minidumps [31 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Lilli\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2014 at 13:29:51,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
][/CODE]
FRST:
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Lilli (administrator) on LILLIS_LAPTOP on 17-05-2014 13:30:32
Running from C:\Users\Lilli\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\DigitalLifeboat\DLB Loader\DLBLoader.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-11-14] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [947360 2011-07-05] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [797344 2011-07-05] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [500736 2011-05-02] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKU\S-1-5-21-911180625-3269783793-1203979783-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-09-04] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DLB Loader.lnk
ShortcutTarget: DLB Loader.lnk -> C:\Windows\Installer\{CFA77064-3070-40BF-88E3-DCF7682D1B29}\_A310FB6049852E2435C75B.exe ()
Startup: C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=APN10374&gct=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120505184210.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120505184210.dll No File
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\Extensions\adblockpopups@jessehakanen.net [2013-08-16]
FF Extension: Snap.Do - C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\Extensions\{1b5ca732-84d5-2d3b-62ad-6fddd9f40179} [2014-03-29]
FF Extension: BargainJoy - C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\Extensions\{74fa6b20-2ae6-4584-a4fd-4ac734f8d210} [2013-09-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-08-15]
FF Extension: Adblock Plus - C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-03]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=1b5ca732-84d5-2d3b-62ad-6fddd9f40179&searchtype=ds&q={searchTerms}&installDate=11/12/2013
CHR DefaultNewTabURL:
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-11-02]
CHR Extension: (Google Wallet) - C:\Users\Lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-02-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-07-05] (Atheros)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [111776 2011-08-25] (Atheros Communication Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
R2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [894624 2011-09-01] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-15] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R2 risdsnpe; C:\Windows\System32\DRIVERS\risdsnxc64.sys [98816 2011-06-23] (REDC)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-17 13:30 - 2014-05-17 13:30 - 00000000 ____D () C:\Users\Lilli\Desktop\FRST-OlderVersion
2014-05-17 13:29 - 2014-05-17 13:29 - 00014429 _____ () C:\Users\Lilli\Desktop\JRT.txt
2014-05-17 13:16 - 2014-05-17 13:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 13:15 - 2014-05-17 13:16 - 01016261 _____ (Thisisu) C:\Users\Lilli\Desktop\JRT.exe
2014-05-17 13:11 - 2014-05-17 13:11 - 00000000 ___RD () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-17 13:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-17 13:06 - 2014-05-17 13:09 - 00000000 ____D () C:\AdwCleaner
2014-05-17 13:05 - 2014-05-17 13:06 - 01325827 _____ () C:\Users\Lilli\Desktop\adwcleaner_3.208.exe
2014-05-17 13:01 - 2014-05-17 13:01 - 00001950 _____ () C:\Users\Lilli\Desktop\mbam.txt
2014-05-17 12:15 - 2014-05-17 13:13 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 12:14 - 2014-05-17 12:14 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 12:14 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 12:14 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 12:14 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 12:11 - 2014-05-17 12:12 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lilli\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-16 03:12 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 03:12 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 03:12 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 03:12 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 03:12 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 03:12 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 22:16 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 22:16 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 22:16 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 22:16 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 22:14 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 22:14 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 22:14 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 22:14 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 22:14 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 22:14 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 22:14 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 22:14 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 22:14 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 22:14 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 22:14 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 22:14 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 22:14 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 22:14 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 22:14 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 22:14 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 22:14 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 22:14 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 22:14 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 20:15 - 2014-05-13 20:15 - 00024800 _____ () C:\Users\Lilli\Desktop\Combofix.txt
2014-05-13 20:10 - 2014-05-13 20:10 - 00024800 _____ () C:\ComboFix.txt
2014-05-13 19:55 - 2014-05-13 20:10 - 00000000 ____D () C:\Qoobox
2014-05-13 19:55 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-13 19:55 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-13 19:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-13 19:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-13 19:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-13 19:55 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-13 19:55 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-13 19:55 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-13 19:54 - 2014-05-13 20:07 - 00000000 ____D () C:\Windows\erdnt
2014-05-13 19:53 - 2014-05-13 19:53 - 05200050 ____R (Swearware) C:\Users\Lilli\Desktop\ComboFix.exe
2014-05-13 19:25 - 2014-05-13 19:25 - 00001264 _____ () C:\Users\Lilli\Desktop\Revo Uninstaller.lnk
2014-05-13 19:25 - 2014-05-13 19:25 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-13 19:24 - 2014-05-13 19:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lilli\Desktop\revosetup95.exe
2014-05-12 22:23 - 2014-05-12 22:23 - 00007696 _____ () C:\Users\Lilli\Desktop\Gmer.txt
2014-05-12 21:56 - 2014-05-12 21:56 - 00380416 _____ () C:\Users\Lilli\Desktop\Gmer-19357.exe
2014-05-12 21:55 - 2014-05-12 21:58 - 00055733 _____ () C:\Users\Lilli\Desktop\Addition.txt
2014-05-12 21:54 - 2014-05-17 13:30 - 00019840 _____ () C:\Users\Lilli\Desktop\FRST.txt
2014-05-12 21:53 - 2014-05-17 13:30 - 02067456 _____ (Farbar) C:\Users\Lilli\Desktop\FRST64.exe
2014-05-12 21:53 - 2014-05-17 13:30 - 00000000 ____D () C:\FRST
2014-05-12 21:52 - 2014-05-12 21:52 - 00050477 _____ () C:\Users\Lilli\Desktop\Defogger.exe
2014-05-12 21:52 - 2014-05-12 21:52 - 00000472 _____ () C:\Users\Lilli\Desktop\defogger_disable.log
2014-05-12 21:52 - 2014-05-12 21:52 - 00000000 _____ () C:\Users\Lilli\defogger_reenable
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 20:57 - 2014-05-12 20:58 - 00282936 _____ () C:\Windows\Minidump\051214-44959-01.dmp
2014-05-12 20:55 - 2014-05-12 21:01 - 00001113 _____ () C:\Users\Lilli\Desktop\BUFFALO NAS Navigator2.lnk
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\Documents\NasNavi
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\NASNaviator2
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Program Files (x86)\BUFFALO
2014-05-11 19:21 - 2014-05-11 19:21 - 00290488 _____ () C:\Windows\Minidump\051114-35256-01.dmp
2014-05-06 20:55 - 2014-05-06 20:55 - 00000000 __SHD () C:\Users\Lilli\AppData\Local\EmieUserList
2014-05-06 20:55 - 2014-05-06 20:55 - 00000000 __SHD () C:\Users\Lilli\AppData\Local\EmieSiteList
2014-05-06 17:37 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 17:37 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 17:37 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 17:37 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 17:37 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 17:37 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 17:37 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 17:37 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 17:37 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 17:37 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 17:37 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 17:37 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 17:37 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 17:37 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 17:37 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-06 17:37 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-06 17:37 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-06 17:37 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 17:37 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 17:37 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-06 17:37 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-06 17:37 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-06 17:37 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 17:37 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-06 17:37 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-06 17:37 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-06 17:37 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-06 17:37 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 17:37 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-06 17:37 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 17:37 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-06 17:37 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-06 17:37 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 17:37 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-06 17:37 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-06 17:37 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-06 17:37 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 17:37 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-06 17:37 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 17:37 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-06 17:37 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-06 17:37 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-06 17:36 - 2014-05-16 03:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 17:36 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 17:36 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-26 21:03 - 2014-04-26 21:04 - 00000000 ____D () C:\Program Files (x86)\WM Converter
2014-04-26 21:03 - 2014-04-26 21:03 - 00001949 _____ () C:\Users\Lilli\Desktop\WM Converter.lnk
2014-04-26 21:03 - 2014-04-26 21:03 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Converter
2014-04-24 13:14 - 2014-04-24 13:14 - 00283144 _____ () C:\Windows\Minidump\042414-28594-01.dmp
2014-04-21 16:38 - 2014-04-21 16:38 - 00286912 _____ () C:\Windows\Minidump\042114-16380-01.dmp
2014-04-17 22:21 - 2014-04-17 22:21 - 00287352 _____ () C:\Windows\Minidump\041714-53913-01.dmp
2014-04-17 10:48 - 2014-04-17 10:48 - 00290512 _____ () C:\Windows\Minidump\041714-39015-01.dmp
==================== One Month Modified Files and Folders =======
2014-05-17 13:32 - 2014-05-12 21:54 - 00019840 _____ () C:\Users\Lilli\Desktop\FRST.txt
2014-05-17 13:30 - 2014-05-17 13:30 - 00000000 ____D () C:\Users\Lilli\Desktop\FRST-OlderVersion
2014-05-17 13:30 - 2014-05-12 21:53 - 02067456 _____ (Farbar) C:\Users\Lilli\Desktop\FRST64.exe
2014-05-17 13:30 - 2014-05-12 21:53 - 00000000 ____D () C:\FRST
2014-05-17 13:29 - 2014-05-17 13:29 - 00014429 _____ () C:\Users\Lilli\Desktop\JRT.txt
2014-05-17 13:21 - 2009-07-14 06:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:21 - 2009-07-14 06:45 - 00020992 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 13:16 - 2014-05-17 13:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-17 13:16 - 2014-05-17 13:15 - 01016261 _____ (Thisisu) C:\Users\Lilli\Desktop\JRT.exe
2014-05-17 13:16 - 2012-05-05 19:19 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-05-17 13:16 - 2012-05-05 19:19 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-05-17 13:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 13:13 - 2014-05-17 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 13:11 - 2014-05-17 13:11 - 00000000 ___RD () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-17 13:11 - 2013-11-02 23:57 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 13:10 - 2012-05-05 18:34 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-17 13:10 - 2010-11-21 05:47 - 00497890 _____ () C:\Windows\PFRO.log
2014-05-17 13:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 13:10 - 2009-07-14 06:51 - 00157849 _____ () C:\Windows\setupact.log
2014-05-17 13:09 - 2014-05-17 13:06 - 00000000 ____D () C:\AdwCleaner
2014-05-17 13:09 - 2012-05-05 18:27 - 02040637 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 13:06 - 2014-05-17 13:05 - 01325827 _____ () C:\Users\Lilli\Desktop\adwcleaner_3.208.exe
2014-05-17 13:03 - 2013-06-27 19:58 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 13:01 - 2014-05-17 13:01 - 00001950 _____ () C:\Users\Lilli\Desktop\mbam.txt
2014-05-17 12:56 - 2013-11-02 23:57 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 12:14 - 2014-05-17 12:14 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 12:14 - 2014-05-17 12:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 12:12 - 2014-05-17 12:11 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Lilli\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-17 12:10 - 2013-05-07 16:18 - 00000000 ____D () C:\Users\Lilli\Documents\Bluetooth Folder
2014-05-17 12:07 - 2012-12-24 20:48 - 00000000 ___RD () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 12:07 - 2012-12-24 20:48 - 00000000 ___RD () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 03:35 - 2014-05-06 17:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 03:19 - 2012-12-25 00:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:04 - 2013-06-27 19:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 17:04 - 2013-06-27 19:58 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 17:04 - 2012-05-05 19:10 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 20:20 - 2013-01-17 17:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-13 20:15 - 2014-05-13 20:15 - 00024800 _____ () C:\Users\Lilli\Desktop\Combofix.txt
2014-05-13 20:10 - 2014-05-13 20:10 - 00024800 _____ () C:\ComboFix.txt
2014-05-13 20:10 - 2014-05-13 19:55 - 00000000 ____D () C:\Qoobox
2014-05-13 20:07 - 2014-05-13 19:54 - 00000000 ____D () C:\Windows\erdnt
2014-05-13 20:07 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-13 19:53 - 2014-05-13 19:53 - 05200050 ____R (Swearware) C:\Users\Lilli\Desktop\ComboFix.exe
2014-05-13 19:25 - 2014-05-13 19:25 - 00001264 _____ () C:\Users\Lilli\Desktop\Revo Uninstaller.lnk
2014-05-13 19:25 - 2014-05-13 19:25 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-13 19:24 - 2014-05-13 19:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lilli\Desktop\revosetup95.exe
2014-05-12 22:23 - 2014-05-12 22:23 - 00007696 _____ () C:\Users\Lilli\Desktop\Gmer.txt
2014-05-12 21:58 - 2014-05-12 21:55 - 00055733 _____ () C:\Users\Lilli\Desktop\Addition.txt
2014-05-12 21:56 - 2014-05-12 21:56 - 00380416 _____ () C:\Users\Lilli\Desktop\Gmer-19357.exe
2014-05-12 21:52 - 2014-05-12 21:52 - 00050477 _____ () C:\Users\Lilli\Desktop\Defogger.exe
2014-05-12 21:52 - 2014-05-12 21:52 - 00000472 _____ () C:\Users\Lilli\Desktop\defogger_disable.log
2014-05-12 21:52 - 2014-05-12 21:52 - 00000000 _____ () C:\Users\Lilli\defogger_reenable
2014-05-12 21:52 - 2012-12-24 20:43 - 00000000 ____D () C:\Users\Lilli
2014-05-12 21:37 - 2014-05-12 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 21:07 - 2013-07-27 00:07 - 00000230 _____ () C:\Users\Lilli\AppData\Roaming\WB.CFG
2014-05-12 21:01 - 2014-05-12 20:55 - 00001113 _____ () C:\Users\Lilli\Desktop\BUFFALO NAS Navigator2.lnk
2014-05-12 20:58 - 2014-05-12 20:57 - 00282936 _____ () C:\Windows\Minidump\051214-44959-01.dmp
2014-05-12 20:57 - 2013-03-19 23:32 - 634222526 _____ () C:\Windows\MEMORY.DMP
2014-05-12 20:57 - 2013-03-19 23:32 - 00000000 ____D () C:\Windows\Minidump
2014-05-12 20:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\Documents\NasNavi
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\NASNaviator2
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO
2014-05-12 20:55 - 2014-05-12 20:55 - 00000000 ____D () C:\Program Files (x86)\BUFFALO
2014-05-11 19:21 - 2014-05-11 19:21 - 00290488 _____ () C:\Windows\Minidump\051114-35256-01.dmp
2014-05-09 17:38 - 2013-01-26 00:12 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 17:38 - 2013-01-26 00:12 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 08:14 - 2014-05-15 22:16 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 22:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 21:28 - 2014-02-22 20:48 - 00000000 ____D () C:\Users\Lilli\AppData\Local\Windows Live
2014-05-06 20:55 - 2014-05-06 20:55 - 00000000 __SHD () C:\Users\Lilli\AppData\Local\EmieUserList
2014-05-06 20:55 - 2014-05-06 20:55 - 00000000 __SHD () C:\Users\Lilli\AppData\Local\EmieSiteList
2014-05-06 20:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-06 16:48 - 2012-12-25 13:48 - 00000000 ____D () C:\Update
2014-05-06 06:40 - 2014-05-16 03:12 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 03:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 03:12 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 03:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 03:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 03:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-26 21:04 - 2014-04-26 21:03 - 00000000 ____D () C:\Program Files (x86)\WM Converter
2014-04-26 21:03 - 2014-04-26 21:03 - 00001949 _____ () C:\Users\Lilli\Desktop\WM Converter.lnk
2014-04-26 21:03 - 2014-04-26 21:03 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Converter
2014-04-26 15:23 - 2013-11-02 23:58 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-24 13:14 - 2014-04-24 13:14 - 00283144 _____ () C:\Windows\Minidump\042414-28594-01.dmp
2014-04-24 12:29 - 2013-06-10 20:59 - 00000000 ____D () C:\Users\Lilli\Desktop\sprüche ;))
2014-04-21 16:38 - 2014-04-21 16:38 - 00286912 _____ () C:\Windows\Minidump\042114-16380-01.dmp
2014-04-18 09:44 - 2012-12-24 20:48 - 00000000 ____D () C:\Users\Lilli\AppData\Roaming\Atheros
2014-04-17 22:21 - 2014-04-17 22:21 - 00287352 _____ () C:\Windows\Minidump\041714-53913-01.dmp
2014-04-17 10:48 - 2014-04-17 10:48 - 00290512 _____ () C:\Windows\Minidump\041714-39015-01.dmp
Some content of TEMP:
====================
C:\Users\Lilli\AppData\Local\Temp\avgnt.exe
C:\Users\Lilli\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2014-05-15 22:14] - [2014-03-04 11:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-28 14:53
==================== End Of Log ============================
--- --- ---
--- --- ---
mbam:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 17.05.2014 12:15:14, SYSTEM, LILLIS_LAPTOP, Protection, Malware Protection, Starting,
Protection, 17.05.2014 12:15:14, SYSTEM, LILLIS_LAPTOP, Protection, Malware Protection, Started,
Protection, 17.05.2014 12:15:14, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Starting,
Protection, 17.05.2014 12:15:15, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Started,
Update, 17.05.2014 12:15:23, SYSTEM, LILLIS_LAPTOP, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 17.05.2014 12:15:50, SYSTEM, LILLIS_LAPTOP, Manual, Malware Database, 2014.3.4.9, 2014.5.17.5,
Protection, 17.05.2014 12:15:53, SYSTEM, LILLIS_LAPTOP, Protection, Refresh, Starting,
Protection, 17.05.2014 12:15:53, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Stopping,
Protection, 17.05.2014 12:15:53, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Stopped,
Protection, 17.05.2014 12:16:15, SYSTEM, LILLIS_LAPTOP, Protection, Refresh, Success,
Protection, 17.05.2014 12:16:15, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Starting,
Protection, 17.05.2014 12:16:16, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Started,
Protection, 17.05.2014 12:56:49, SYSTEM, LILLIS_LAPTOP, Protection, Malware Protection, Starting,
Protection, 17.05.2014 12:56:49, SYSTEM, LILLIS_LAPTOP, Protection, Malware Protection, Started,
Protection, 17.05.2014 12:56:49, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Starting,
Detection, 17.05.2014 12:57:01, SYSTEM, LILLIS_LAPTOP, Protection, Malware Protection, File, PUP.Optional.SmartBar.A, C:\Users\Lilli\AppData\Local\Smartbar\Application\SnapDo.exe, Quarantine, [344554fe0675c96d6d9400710af854ac]
Protection, 17.05.2014 12:58:10, SYSTEM, LILLIS_LAPTOP, Protection, Malicious Website Protection, Started,
(end)
AdwCleaner:
Code:
# AdwCleaner v3.208 - Bericht erstellt am 17/05/2014 um 13:09:00
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Lilli - LILLIS_LAPTOP
# Gestartet von : C:\Users\Lilli\Desktop\adwcleaner_3.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\Program Files (x86)\pc speed up
Ordner Gelöscht : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\Lilli\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Lilli\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Lilli\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Lilli\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Lilli\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Datei Gelöscht : C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\invalidprefs.js
Datei Gelöscht : C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKCU\Software\e57dfd1b36eed40
Schlüssel Gelöscht : HKLM\SOFTWARE\e57dfd1b36eed40
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\Conduit
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{48C7EA08-0178-45A4-B7D9-137AE61164E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~3\BitGuard\271832~1.68\{C16C1~1\loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Lilli\AppData\Roaming\Mozilla\Firefox\Profiles\t3peefvj.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
Zeile gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", true);
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23198954);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", true);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 1);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 12);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1399923542573");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "35947");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "adknowledgeyb");
Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\",\\\"www.only-apartments.de\\\",\\\"www.only-apar[...]
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "true");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "1b5ca732-84d5-2d3b-62ad-6fddd9f40179");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "11/12/2013");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1396085137");
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1399983798486");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "adknowledgeyb");
-\\ Google Chrome v34.0.1847.131
[ Datei : C:\Users\Lilli\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=1b5ca732-84d5-2d3b-62ad-6fddd9f40179&searchtype=ds&q={searchTerms}&installDate=11/12/2013
Gelöscht [Startup_urls] : hxxp://feed.snapdo.com/?publisher=AdKnowledgeYB&dpid=AdKnowledgeYB&co=DE&userid=1b5ca732-84d5-2d3b-62ad-6fddd9f40179&searchtype=hp&installDate=11/12/2013
Gelöscht [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
*************************
AdwCleaner[R0].txt - [15458 octets] - [17/05/2014 13:07:41]
AdwCleaner[S0].txt - [13598 octets] - [17/05/2014 13:09:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13659 octets] ##########
LG,
Elisabeth
Hi,
hier ist die JRT-Datei nocheinmal richtig :
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lilli on 17.05.2014 at 13:16:43,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-911180625-3269783793-1203979783-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{04B54908-EC88-4F39-A83A-8FC1668C2337}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0C56E6FB-D4B3-4366-8F5F-5345CAA14B63}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0C810D89-9870-4A8A-8552-18CBF732F372}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0EACD146-8697-4B8E-8461-7AB65476CF22}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{0F9C7BCE-5EBD-4D25-A6D5-10EF598D116A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{15A41C0D-5A32-4141-A33B-1B7FDFF85FF3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{174D9C3F-DEB1-44D2-98B7-28D2834423F4}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{19F7D6C0-1332-4E1D-AF1E-DBBF9EDD162D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1B4C9989-15F5-4391-AB65-7EC93CE627D0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1EDCBA88-3D5C-4EFC-8844-E41B75E79CD2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F142ADE-DE90-47C5-A4DB-FA485FDBAB46}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F6BE731-94E0-4CA0-8EBF-FA5A7B47AD68}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{1F89FDC4-AA0B-4477-821B-0823627765BD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{21084397-E3E8-444F-85AF-3500A9A11823}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{27BF8381-6E97-4084-B169-70C82C82EEBC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{28410C58-B822-4D85-AE0B-35AB955C2EF2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{2872C590-E17A-41A3-A11A-044B7ACF3627}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{292392BE-3CB7-46FE-9139-E5EC3FC69ABB}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{29FF83FE-B3E6-46ED-9CFF-87D2A7218537}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{2BE9EBC2-B778-44FA-AD78-4047133D6BEE}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{30ECA150-23A7-4E05-BB12-F14D642F25FF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{318E78CC-742C-4B1C-843B-811C559740F6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3571CA3A-4A4A-4C04-8076-98500656C4A6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{38ED45FD-A4B9-4EB4-963E-BE7F1AAD0696}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3A595D8D-3F90-4773-B56D-AEC65BE141E2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3C32B959-CDAF-4BE4-BD33-DBE163E33DBD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3D4EE77D-66AA-488C-BDA7-D172F2ADE901}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{3D7382D0-FE9B-42FA-9BDA-7A037AE4CA7E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{44E03A49-04C7-4AEA-ACA3-1CB516DC9EEF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{4D32D4D0-09F1-4222-B986-00CF80A8C66C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{4F245DEB-01DF-475C-8556-B6A7CCACF865}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{50DB5F72-0C79-4E53-8FD9-06567A4484B8}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{51AA31EF-C774-4364-A2C1-1A1D084F87EC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{53F21FE2-E888-4E9B-9397-3A4ED5AA8967}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{564D3780-7CFB-4E13-B98E-EAD7E60D1B02}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{59054F41-2EEB-43A8-96C4-A39A97807CB9}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5A4E21D5-8816-4F22-B3FE-8C6D633037D4}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5B6556B9-F671-45E3-AAE8-A6DD04588F9F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{5E124A82-6407-4F3F-B07C-70BFD9162C55}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{60EE4F86-F924-4869-9BEF-3CCC31CEE202}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{65F03133-7D26-4F50-9E02-C62642AC2ACC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{65FB327C-7E6A-4251-9DB4-B45EFED92CC2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{66E2785D-E397-410F-A11E-AF303C39EF0B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{67E4842E-DC60-4572-AC6F-4226ED1A0DC6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{691C4F6E-D53E-4F50-B963-88B36B63CACF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{698845F6-326E-4840-8936-F69041A5F271}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6DC9EE75-CA94-4712-9A03-CCEAB3E794A2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6E70E55A-F059-43A9-BDEA-60BF301FD897}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6EC4507D-CF2C-41DF-AF87-8F88444D343E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6F72E574-C6B4-4D5A-8EC1-D0109AF4652C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{6FB24C19-89B6-46F3-94B9-2A1C94D5413A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{70AC88A9-4053-4CC4-8F38-D1F0418E2134}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7177E225-3305-42EA-8A14-125FFB24C910}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{71A5B54C-FD21-47AE-BD80-A494EBE473A0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{73012AFA-4F09-45C5-96F9-F9579316261C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{751881EA-48F1-4B66-8C0F-2FFEE602F0F6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{763D412C-9788-4BB4-8E9F-E7D370DFE1EB}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{773DE21D-9AEB-4C9B-9F65-AD0A49BC829E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7C704362-49EF-4AB9-BB64-F88D7CB9F50B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{7CFCA3C3-404A-411F-8FF3-053FE037AB8A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{825CB49A-0D0B-4A47-9672-63875A5CFAAC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{847F8D5E-D65A-4320-B81C-7853444212A2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{86368793-0886-46AD-ADAF-BA3AB205ADB3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{86F0B484-75E3-4995-B36B-60E8FDFF67C6}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8893D5DF-00F9-409D-A6D0-3EC955843660}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8DD71A5A-D404-407A-A7BC-A9797BFA5E62}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{8F021E3D-8E2B-43D2-A5D0-BC8FC707081C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{905C9616-238B-4B13-92DC-E35FA84D522A}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{90B13D3E-E6AE-4C16-8A8A-11DDBAA8AD5F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{91E25DC5-9E86-4D35-9E71-8C18C63591DD}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9277FA21-F06A-4170-B5A6-0B114EDFDDCC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9379DC5A-0217-45EA-A1FE-C9D083B69E6E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{93D00A86-A482-4BB7-B819-4EF35626AE86}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9803B821-7443-4C47-8385-A72B0862CEC9}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9AEE4948-11A6-4D00-993D-A802DD532919}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9BF07C39-A5D7-40C5-9651-1ECD3454B388}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9C22FA4F-7D52-463F-B7A3-4D9D85E359F1}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9CA8E1CE-8CEC-4943-B8EF-4F975A33DC08}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{9EB4FD12-2A99-433E-86FF-FE58CB7A87A0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A019439D-6FEB-4966-8152-FC1D0E3B48DC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A24940DF-65D0-4DE9-96E9-44E3179BD151}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A4C0058D-230F-4DC2-BA82-472412573F71}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A6CB6B13-2FC4-40F3-9A9D-A53593AD9557}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A6DCCC5C-E8C7-4777-8C06-373677F6111E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A7E8B1B5-61FB-4AE2-90AE-3F2EDFB3011F}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A89B7E57-CE30-4B13-BC65-95C6BC69E864}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{A9A551D3-2BCA-493E-A6E3-5946CE87F543}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{AA24F787-EE4D-440F-8FA3-3A8C7B515127}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{B12F622D-D53E-4212-9AF4-D6FE55B81398}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{B74F2FEA-9028-40B6-A3EB-AEC51AFBDE8B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{BB94360A-DD3A-4231-AD41-48141AC00E70}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{BFDA0B0B-45F4-49FC-AB6E-655125EBDC43}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C08AC6B1-FB25-4896-976F-D33DB11ABF88}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C10B678E-31B7-4C93-A9E2-BC97A9B80660}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C282E876-F42F-4EF0-B66E-4BFD3A6E358E}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C44BB77C-A229-4C2B-91F8-04099291EAFC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C62FD3B8-05F1-46F5-9094-9CC19C61DC00}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C7890C36-6127-40FC-A3C0-FEDDF052C1D8}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C913ACF1-767F-4FAD-B51E-B85F0CAA6F46}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C917B558-1EEE-4E93-8E2E-596E60CAC7A1}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{C93116D4-194C-4389-9E9F-73888927F254}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{CE69E7E7-CAB1-4616-A619-11CCC3310D69}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{CFB73C0A-29D9-46E2-8C0F-4AE7A44BD18D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D2562926-8CCB-4118-B7DE-4A1CBA4A24AC}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D47B4054-ECD4-4155-937B-C6DA22CA32EA}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D5D65BB9-8375-4863-9308-08A02DA33915}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{D8F4ED58-2917-4592-954A-1F21EA794462}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DB63269E-9EEF-497E-B1F6-266B60FB39C2}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DD8BE8F0-4628-4EEF-A54F-E15DD7D06564}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{DEAE35E3-ADDC-4BCF-AFF0-64F4FD6D9161}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E0092BE8-134A-4552-B174-2353A6403FB3}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E1BDD095-0337-4F2A-8977-8D5AE6936E62}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E2B64A7F-3A48-4B18-81C3-4605AD665090}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E67AD5F1-9732-4400-8A59-8B12D3A950BF}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{E8D3EDDD-1022-4875-A047-C520A80CF75C}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{EE71421B-AC6E-4E93-93D3-333930E686B0}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{EFFBB71D-C8F7-4587-AA1F-7E88EFEEA47D}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F04A7C1D-99A0-419A-8B67-FB81F9B11B1B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F21C8015-629D-4886-AA2B-4565ECBEB684}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F2B9F81D-92CA-417B-B716-10D85B225843}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F2BC9799-8574-48AC-B771-A92D307AB636}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F4445738-BC6C-4EB8-8A19-72C1AADD67BE}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F4DE842E-E191-4645-9740-09809FBBC25B}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{F7F0C951-292A-4771-BAD7-DE8B9DB293CA}
Successfully deleted: [Empty Folder] C:\Users\Lilli\appdata\local\{FE3AE9A1-B18D-46ED-90AE-ED7177DF81A7}
~~~ FireFox
Emptied folder: C:\Users\Lilli\AppData\Roaming\mozilla\firefox\profiles\t3peefvj.default\minidumps [31 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Lilli\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.05.2014 at 13:29:51,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LG,
Elisabeth
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
