Google und facebook nicht verbunden, weil angeblich nicht vertrauenswürdig

ekirlueksuk · 26.04.2014, 12:02

Seit einigen Wochen blenden sich in firefox immer unerwünschte Werbungen ein, webs searches erscheint als firefox-Fenster u.ä. Seit heute ist es noch schlimmer: Wenn ich google oder facebook eingebe, dann lassen sie sich nicht verbinden, dazu die Warnung:

Sie haben Firefox angewiesen, eine gesicherte Verbindung zu www.google.com aufzubauen, es kann aber nicht überprüft werden, ob die Verbindung sicher ist.

Wenn Sie normalerweise eine gesicherte Verbindung aufbauen, weist sich die Website mit einer vertrauenswürdigen Identifikation aus, um zu garantieren, dass Sie die richtige Website besuchen. Die Identifikation dieser Website dagegen kann nicht bestätigt werden.
Was sollte ich tun?

Falls Sie für gewöhnlich keine Probleme mit dieser Website haben, könnte dieser Fehler bedeuten, dass jemand die Website fälscht. Sie sollten in dem Fall nicht fortfahren.

Ich habe nach Ihren Anweisungen Schritt 1 und 2 gemacht, aber bei Schritt 3 erschien immer wieder derselbe Satz, dass GMER nicht downzuladen ist und blockierte die ganze Trojaner-Board Seite. Deshalb kann ich den dazugehörigen logfile nicht posten.
Jetzt hoffe ich, dass ich die logfiles von schritt 1 und 2 posten kann.

Code:

ATTFilter

ï»¿Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-04-2014 01
Ran by ulrike at 2014-04-26 10:59:58
Running from C:\Users\ulrike\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acer Arcade Live Main Page (HKLM\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.1331 - Acer Inc.)
Acer DV Magician (HKLM\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.0920 - Acer Inc.)
Acer DVDivine (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.2.1109 - Acer Inc.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 2.8.4360 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4301 - Acer Inc.)
Acer ePerformance Management (HKLM\...\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4302 - Acer Inc.)
Acer GameZone Console DTV 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version:  - Oberon Media, Inc.)
Acer HomeMedia (HKLM\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.4.1331 - Acer Inc.)
Acer HomeMedia Connect (HKLM\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.4931 - Acer Inc.)
Acer HomeMedia Trial Creator (HKLM\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.4.1331 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 4.01.0422 - Acer Incorporated)
Acer SlideShow DVD (HKLM\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1109 - Acer Inc.)
Acer VideoMagician (HKLM\...\{F79A208D-D929-11D9-9D77-000129760D75}) (Version: 1.4.1017 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
addplushd (HKLM\...\addplushd) (Version: 1.34.3.6 - hdideo)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version:  - Oberon Media)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}) (Version: 3.0.641.0 - ATI Technologies, Inc.)
AV Input Selection (HKLM\...\{DEB38E1A-F4E5-4DF0-96F4-4050567A9D09}) (Version: 1.02.0037 - YUAN)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - )
AVM FRITZ!DSL (HKLM\...\FRITZ!DSL) (Version:  - )
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version:  - Oberon Media)
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version:  - Oberon Media)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version:  - Oberon Media)
Brother MFL-Pro Suite DCP-7040 (HKLM\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
BrowserSafeguard with RocketTab (HKLM\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2007.0629.2229.38354 - ATI) Hidden
CCC Help Chinese Standard (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Czech (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Danish (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Dutch (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help English (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Finnish (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help French (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help German (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Greek (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Hungarian (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Italian (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Japanese (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Korean (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Norwegian (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Polish (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Portuguese (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Russian (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Spanish (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Swedish (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Thai (Version: 2007.0629.2228.38354 - ATI) Hidden
CCC Help Turkish (Version: 2007.0629.2228.38354 - ATI) Hidden
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version:  - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version:  - Oberon Media)
Cisco EAP-FAST Module (HKLM\...\{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}) (Version: 2.2.10 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{99A4344A-C723-4661-A507-D9D939480358}) (Version: 1.0.16 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{CD344FA5-6657-47CD-940F-8727EED35595}) (Version: 1.1.3 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version:  - Oberon Media)
DMUninstaller (HKLM\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Download Protect (HKCU\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version:  - Download Protect)
Driver Detective (HKLM\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters)
ElsterFormular-Upgrade (HKLM\...\ElsterFormular 11.4.1.4323) (Version: 14.4.12044 - Landesfinanzdirektion ThÃ¼ringen)
EtikettenAssistent 4.0 (HKLM\...\{217B8A26-B479-4361-8771-57E323D6F991}) (Version: 1.0.0 - HERMA)
Eumex RNDIS Driver V1.00 (HKLM\...\{99CBA603-937D-4058-806F-7A9AF711A1AA}) (Version: 1.00.0000 - T-Home)
Express Rip (HKLM\...\ExpressRip) (Version:  - NCH Swift Sound)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
funkwerk Eumex 401 WIN-Tools V1.00 (HKLM\...\InstallShield_{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}) (Version: 1.00.0000 - Funkwerk Enterprise Communications GmbH)
funkwerk Eumex 401 WIN-Tools V1.00 (Version: 1.00.0000 - Funkwerk Enterprise Communications GmbH) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
hp deskjet 960c series (nur entfernen) (HKLM\...\hp deskjet 960c series) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.27 - Irfan Skiljan)
ITECIR Driver (HKLM\...\{FCED9B62-34FF-4C15-8A23-F65221F7874D}) (Version: 1.00.000 - ITE)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 16 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216016F0}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version:  - Oberon Media)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version:  - Oberon Media)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version:  - Oberon Media)
McAfee Internet Security Suite (HKLM\...\MSC) (Version: 12.8.944 - McAfee, Inc.)
McAfee Virtual Technician (HKLM\...\McAfee Virtual Technician) (Version: 7.5.0.3026 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version:  - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version:  - Oberon Media)
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Protegere (HKLM\...\Protegere) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
ResultsAlpha (HKLM\...\ResultsAlpha) (Version: 2014.03.18.233345 - ResultsAlpha)
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skypeâ„¢ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version:  - Oberon Media)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.WORD_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.WORD_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.WORD_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update fÃ¼r Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.4001 - Acer Inc.)
VO Package (HKLM\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - ITE Tech.Inc. (itecir) HIDClass  (06/20/2007 5.0.0004.2) (HKLM\...\2EFF310ED3BF3BFB24E6CC25AEB5491813E56803) (Version: 06/20/2007 5.0.0004.2 - ITE Tech.Inc.)
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version:  - Oberon Media)

==================== Restore Points  =========================

09-04-2014 22:37:44 Nokia Connectivity Cable Driver wird entfernt
09-04-2014 23:05:47 Palm Desktop wird entfernt
12-04-2014 21:30:14 McAfee  Vulnerability Scanner
12-04-2014 21:39:40 Windows Update
13-04-2014 17:00:27 Windows-Sicherung
21-04-2014 19:07:52 Windows-Sicherung
25-04-2014 20:32:49 McAfee  Vulnerability Scanner
25-04-2014 21:17:36 PC Connectivity Solution wird entfernt
25-04-2014 22:08:50 RegClean Pro Sa, Apr 26, 14  00:08
25-04-2014 23:06:21 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00BB7B9E-54AF-42EB-B9E2-DC9BBDDF0164} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-04-25] () <==== ATTENTION
Task: {0CD5F161-3987-45B5-ADF1-98174775A6C9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2034902095-3904954408-3625675904-1003
Task: {12EF78E9-CEBA-45BA-BC65-D65350F7336A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-22] (Google Inc.)
Task: {18D50810-9BAE-4049-8FD1-CDF3F58D110F} - System32\Tasks\addplushd-firefoxinstaller => C:\Program Files\addplushd\addplushd-firefoxinstaller.exe [2014-03-20] (hdideo)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {32EFE854-A614-494D-9BEB-69EF68A14A40} - System32\Tasks\addplushd-chromeinstaller => C:\Program Files\addplushd\addplushd-chromeinstaller.exe [2014-03-20] (hdideo)
Task: {3AA8CA85-79C4-432F-AE14-82EBFD145D63} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2034902095-3904954408-3625675904-1000
Task: {545B1211-0CF5-4E6C-82C0-D386B0512924} - System32\Tasks\addplushd-codedownloader => C:\Program Files\addplushd\addplushd-codedownloader.exe
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {6129F90F-125C-4A9B-B0E0-58FD9919775C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {621AF666-6838-485E-A94A-25DA7AFF5D54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-22] (Google Inc.)
Task: {6C55B0F0-2E30-4DF8-AE89-C2F2AAFB7BDC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {893AC471-6013-4BB8-86DD-C49DE59E2078} - System32\Tasks\{723497E8-667E-4052-9EBB-40178E45A6F5} => C:\Program Files\Flash Player Pro\Flash Player Pro.exe
Task: {BAFC6691-ACC5-49C8-A5DE-57BE26278D1C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000Core => C:\Users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24] (Facebook Inc.)
Task: {C2ED6B15-AC84-4930-812B-9C8CA950D92C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-25] (Adobe Systems Incorporated)
Task: {D4F2F7C7-F9D0-4DF6-A8A1-C8DC4EE4C776} - System32\Tasks\SpeedUpMyPC => C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe <==== ATTENTION
Task: {D70C1BA1-DFAC-4F44-A489-A0604B7E4795} - System32\Tasks\{043A8411-1B14-4721-97DD-BC6734764B69} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {D9A9B704-5C54-4A06-A721-F6DC6E542EEC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000UA => C:\Users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24] (Facebook Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: C:\Windows\Tasks\addplushd-chromeinstaller.job => C:\Program Files\addplushd\addplushd-chromeinstaller.exe
Task: C:\Windows\Tasks\addplushd-codedownloader.job => C:\Program Files\addplushd\addplushd-codedownloader.exe
Task: C:\Windows\Tasks\addplushd-firefoxinstaller.job => C:\Program Files\addplushd\addplushd-firefoxinstaller.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000Core.job => C:\Users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000UA.job => C:\Users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2007-04-11 08:55 - 2008-01-25 18:49 - 00098304 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLSchRecordMonitor.dll
2007-04-11 08:55 - 2008-01-25 18:49 - 00260096 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\sqlite3.dll
2007-04-11 09:25 - 2007-10-17 10:38 - 00028672 _____ () C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
2007-04-11 09:25 - 2007-10-17 09:55 - 00016384 _____ () C:\Acer\Empowering Technology\ePerformance\MemCheck.Interface.dll
2007-04-11 09:25 - 2007-10-17 10:37 - 00040960 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
2014-03-20 00:03 - 2014-03-20 00:03 - 01005056 _____ () C:\Users\ulrike\AppData\Roaming\BupSystem\bup.exe
2014-03-20 00:04 - 2014-03-20 00:04 - 00374272 _____ () C:\Users\ulrike\AppData\Roaming\BupSystem\sub\default.dll
2014-03-20 00:04 - 2014-03-20 00:04 - 00070656 _____ () C:\Windows\system32\pwrsiplugin.exe
2014-03-20 00:04 - 2014-03-20 00:04 - 00096256 _____ () C:\Windows\System32\DlProtectSvc.exe
2007-04-11 08:50 - 2006-07-19 20:36 - 00262247 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2011-03-21 19:25 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2014-03-19 01:33 - 2014-04-22 20:41 - 00350496 _____ () C:\Program Files\ResultsAlpha\updateResultsAlpha.exe
2014-03-20 12:46 - 2014-04-22 20:08 - 00350496 _____ () C:\Program Files\ResultsAlpha\bin\utilResultsAlpha.exe
2014-02-25 08:29 - 2014-02-25 08:29 - 00353792 _____ () C:\Users\ulrike\AppData\Roaming\VOPackage\VOsrv.exe
2014-04-14 23:00 - 2014-04-14 23:00 - 00541696 _____ () C:\Program Files\003\vxlsnyaiet32.exe
2007-04-11 09:20 - 2007-12-19 18:09 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2007-04-11 09:20 - 2007-12-19 18:09 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2007-04-11 09:20 - 2007-11-06 09:30 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\iteio.dll
2007-04-11 09:20 - 2007-12-19 18:09 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2007-04-11 09:15 - 2008-01-09 18:43 - 00326176 _____ () C:\Acer\Empowering Technology\SysMonitor.exe
2008-03-04 23:38 - 2008-03-04 23:38 - 00227888 _____ () C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2009-11-01 19:06 - 2010-08-14 21:41 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2009-10-14 14:36 - 2009-10-14 14:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2014-03-20 00:04 - 2014-03-20 00:04 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2014-04-18 16:01 - 2014-04-25 16:01 - 00465408 _____ () C:\Program Files\Browsersafeguard\BrowserSafeguard.exe
2009-10-14 14:34 - 2009-10-14 14:34 - 00560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2007-04-11 09:15 - 2008-01-09 18:43 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2007-04-11 09:14 - 2008-01-09 18:42 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2007-04-11 09:20 - 2007-12-19 18:09 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2007-04-11 09:25 - 2007-10-17 10:38 - 00045056 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
2007-04-11 09:25 - 2007-10-17 10:38 - 00024576 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
2007-04-11 09:25 - 2007-10-17 09:55 - 00020480 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
2007-04-11 09:25 - 2007-10-17 10:38 - 00028672 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
2007-04-11 09:25 - 2007-10-17 09:55 - 00016384 _____ () C:\Acer\Empowering Technology\MemCheck.Interface.dll
2007-04-11 09:20 - 2007-12-19 18:09 - 00003584 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
2007-04-11 09:20 - 2007-12-19 18:08 - 00010752 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll
2007-04-11 09:25 - 2007-10-17 10:38 - 00003584 _____ () C:\Acer\Empowering Technology\ePerformance\de\ePerformance.Plugin.resources.dll
2014-04-25 21:25 - 2014-04-24 12:30 - 00239392 _____ () C:\Program Files\ResultsAlpha\bin\ResultsAlpha.PurBrowse.exe
2014-04-10 00:21 - 2014-04-17 22:25 - 00095520 _____ () C:\Program Files\ResultsAlpha\bin\ResultsAlpha.BrowserAdapter.exe
2014-03-30 00:14 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-03 14:25 - 2014-03-16 23:41 - 03018864 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-04-03 14:25 - 2014-03-16 23:41 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-03 14:25 - 2014-03-16 23:41 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-22 22:09 - 2014-04-22 22:09 - 16351920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: PCMMediaSharing => C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2014 10:24:16 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÃ„T)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschÃ¤digt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgefÃ¼hrt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/26/2014 10:20:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 10:20:13 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PluginService.exe, Version: 13.27.0.223, Zeitstempel: 0x53474b44
Name des fehlerhaften Moduls: PluginService.exe, Version: 13.27.0.223, Zeitstempel: 0x53474b44
Ausnahmecode: 0x40000015
Fehleroffset: 0x00027810
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0xPluginService.exe0
Pfad der fehlerhaften Anwendung: PluginService.exe1
Pfad des fehlerhaften Moduls: PluginService.exe2
Berichtskennung: PluginService.exe3

Error: (04/26/2014 10:20:09 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Name des fehlerhaften Moduls: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017300
ID des fehlerhaften Prozesses: 0xf40
Startzeit der fehlerhaften Anwendung: 0xRSHP.exe0
Pfad der fehlerhaften Anwendung: RSHP.exe1
Pfad des fehlerhaften Moduls: RSHP.exe2
Berichtskennung: RSHP.exe3

Error: (04/26/2014 10:08:23 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÃ„T)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschÃ¤digt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgefÃ¼hrt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/26/2014 10:04:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 10:03:48 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PluginService.exe, Version: 13.27.0.223, Zeitstempel: 0x53474b44
Name des fehlerhaften Moduls: PluginService.exe, Version: 13.27.0.223, Zeitstempel: 0x53474b44
Ausnahmecode: 0x40000015
Fehleroffset: 0x00027810
ID des fehlerhaften Prozesses: 0x628
Startzeit der fehlerhaften Anwendung: 0xPluginService.exe0
Pfad der fehlerhaften Anwendung: PluginService.exe1
Pfad des fehlerhaften Moduls: PluginService.exe2
Berichtskennung: PluginService.exe3

Error: (04/26/2014 10:03:46 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Name des fehlerhaften Moduls: RSHP.exe, Version: 2.0.3.199, Zeitstempel: 0x5344bf21
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017300
ID des fehlerhaften Prozesses: 0xa94
Startzeit der fehlerhaften Anwendung: 0xRSHP.exe0
Pfad der fehlerhaften Anwendung: RSHP.exe1
Pfad des fehlerhaften Moduls: RSHP.exe2
Berichtskennung: RSHP.exe3

Error: (04/26/2014 08:47:04 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: McSvHost.exe, Version: 3.8.703.0, Zeitstempel: 0x51f7de31
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x006b0072
ID des fehlerhaften Prozesses: 0x810
Startzeit der fehlerhaften Anwendung: 0xMcSvHost.exe0
Pfad der fehlerhaften Anwendung: McSvHost.exe1
Pfad des fehlerhaften Moduls: McSvHost.exe2
Berichtskennung: McSvHost.exe3

Error: (04/26/2014 07:45:39 AM) (Source: Google Update) (User: ulrike-PC)
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:49179;https=127.0.0.1:49179, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying WinHTTP.
Send request returned 0x80072efd. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct


System errors:
=============
Error: (04/26/2014 10:23:23 AM) (Source: Schannel) (User: NT-AUTORITÃ„T)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/26/2014 10:21:49 AM) (Source: Schannel) (User: NT-AUTORITÃ„T)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/26/2014 10:21:21 AM) (Source: Schannel) (User: NT-AUTORITÃ„T)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (04/26/2014 10:20:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/26/2014 10:20:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/26/2014 10:20:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/26/2014 10:20:14 AM) (Source: Service Control Manager) (User: )
Description: Dienst "IePlugin Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/26/2014 10:18:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/26/2014 10:04:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/26/2014 10:04:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhÃ¤ngig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3071.49 MB
Available physical RAM: 1568.32 MB
Total Pagefile: 6139.78 MB
Available Pagefile: 4451.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.01 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:290.83 GB) (Free:222.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:290.69 GB) (Free:25.06 GB) NTFS
Drive g: (CnMemory) (Fixed) (Total:465.76 GB) (Free:404.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 940FE0A2)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=291 GB) - (Type=06)
Partition 3: (Not Active) - (Size=291 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F089B496)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:

ATTFilter


	Code: 

 ATTFilter

  
	Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2014 01
Ran by ulrike (administrator) on ULRIKE-PC on 26-04-2014 10:59:01
Running from C:\Users\ulrike\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
() C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
() C:\Users\ulrike\AppData\Roaming\BupSystem\bup.exe
() C:\Windows\system32\pwrsiplugin.exe
() C:\Windows\System32\DlProtectSvc.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ResultsAlpha\updateResultsAlpha.exe
() C:\Program Files\ResultsAlpha\bin\utilResultsAlpha.exe
() C:\Users\ulrike\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Program Files\003\vxlsnyaiet32.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Acer\Empowering Technology\SysMonitor.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
() C:\ProgramData\dlprotect.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
() C:\Program Files\Browsersafeguard\BrowserSafeguard.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Funkwerk Enterprise Communications GmbH) C:\Program Files\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Acer Inc.) C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
() C:\Program Files\ResultsAlpha\bin\ResultsAlpha.PurBrowse.exe
() C:\Program Files\ResultsAlpha\bin\ResultsAlpha.BrowserAdapter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4493312 2007-06-20] (Realtek Semiconductor)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Acer\Empowering Technology\SysMonitor.exe [326176 2008-01-09] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-14] (Google)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [517392 2014-01-28] (McAfee, Inc.)
HKLM\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe [12800 2014-03-20] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [BrowserSafeguard] => C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [465408 2014-04-25] ()
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-2034902095-3904954408-3625675904-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2034902095-3904954408-3625675904-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
AppInit_DLLs: c:\progra~1\google\google~1\go36f4~1.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-14] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Control Center.lnk
ShortcutTarget: Control Center.lnk -> C:\Program Files\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe (Funkwerk Enterprise Communications GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
Startup: C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Program Files\FRITZ!DSL\StCenter.exe (AVM Berlin)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49178;https=127.0.0.1:49178
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5hMV2B0UTQYtL9f04fHfR-huEkUX6tsUXE5wMTIORkuk33X8BcRN-D7IC9teyzx0K-Np1ni-Koz6sVfj5yZf1scrJ7_YqYSaB6wJNvh8YJcyIlrJnFAI0uXH_0tpMsds,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5hMV2B0UTQYtL9f04fHfR-huEkUX6tsUXE5wMTIORkuk33X8BcRN-D7IC9teyzx0K-Np1ni-Koz6sVfj5yZf1scrJ7_YqYSaB6wJNvh8YJcyIlrJnFAI0uXH_0tpMsds,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5hMV2B0UTQYtL9f04fHfR-huEkUX6tsUXE5wMTIORkuk33X8BcRN-D7IC9teyzx0K-Np1ni-Koz6sVfj5yZf1scrJ7_YqYSaB6wJNvh8YJcyIlrJnFAI0uXH_0tpMsdw,&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3320324&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP8F541729-48E3-4A33-B117-71D2E09156C4&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5hMV2B0UTQYtL9f04fHfR-huEkUX6tsUXE5wMTIORkuk33X8BcRN-D7IC9teyzx0K-Np1ni-Koz6sVfj5yZf1scrJ7_YqYSaB6wJNvh8YJcyIlrJnFAI0uXH_0tpMsds,&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397765969&from=tugs&uid=WDCXWD6400AAKS-22A7B2_WD-WCASY640720007200&q={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: No Name - {27B4851A-3207-45A2-B947-BE8AFE6163AB} -  No File
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: ResultsAlpha - {cbab673a-a480-4050-bd2b-5de24a7a0282} - C:\Program Files\ResultsAlpha\ResultsAlphabho.dll (ResultsAlpha)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.250

FireFox:
========
FF ProfilePath: C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @ei.MapsGalaxy_39.com/Plugin - C:\Program Files\MapsGalaxy_39EI\Installr\1.bin\NP39EISB.dll (MapsGalaxy)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/MVT - C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\ulrike\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: addplushd - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\Extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [2014-04-26]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-03-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2014-03-18]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\yxg3ij41.default-1396875284370\extensions\quick_start@gmail.com
FF HKLM\...\Firefox\Extensions: [{8D342CA3-2B93-4004-A22C-E4B7A2BFC5E7}] - C:\Windows\Installer\{9AD8B119-B137-40E9-BA11-1DBB18A13D75}\{8D342CA3-2B93-4004-A22C-E4B7A2BFC5E7}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{9AD8B119-B137-40E9-BA11-1DBB18A13D75}\{8D342CA3-2B93-4004-A22C-E4B7A2BFC5E7}.xpi [2014-04-25]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-03-18]

========================== Services (Whitelisted) =================

R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-01-25] (CyberLink)
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2007-10-17] ()
R2 AVM IGD CTRL Service; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [81920 2005-11-21] (AVM Berlin)
R2 bupService; C:\Users\ulrike\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-20] ()
S3 de_serv; C:\Program Files\Common Files\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin)
R2 DispmaySwitch; C:\Windows\system32\pwrsiplugin.exe [70656 2014-03-20] ()
R2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [96256 2014-03-20] ()
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-03-04] (Egis Incorporated)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-14] (Google)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145568 2014-01-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [644088 2014-01-21] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [175480 2014-03-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] ()
R2 Update ResultsAlpha; C:\Program Files\ResultsAlpha\updateResultsAlpha.exe [350496 2014-04-22] ()
R2 Util ResultsAlpha; C:\Program Files\ResultsAlpha\bin\utilResultsAlpha.exe [350496 2014-04-22] ()
R2 VOsrv; C:\Users\ulrike\AppData\Roaming\VOPackage\VOsrv.exe [353792 2014-02-25] ()
R2 vxlsnyaiet32; C:\Program Files\003\vxlsnyaiet32.exe [541696 2014-04-14] ()

==================== Drivers (Whitelisted) ====================

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61400 2014-03-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134600 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2014-03-17] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [367776 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573968 2014-03-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [330248 2014-01-21] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [81264 2014-01-21] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [214856 2014-03-17] (McAfee, Inc.)
R3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [135400 2007-05-14] (Realtek Semiconductor Corp.)
R1 {f727685b-ed90-4adc-8eec-8234574a91e6}Gw; C:\Windows\System32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}Gw.sys [52928 2014-04-24] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 10:59 - 2014-04-26 10:59 - 00024372 _____ () C:\Users\ulrike\Downloads\FRST.txt
2014-04-26 10:58 - 2014-04-26 10:59 - 00000000 ____D () C:\FRST
2014-04-26 10:56 - 2014-04-26 10:58 - 01049088 _____ (Farbar) C:\Users\ulrike\Downloads\FRST.exe
2014-04-26 10:52 - 2014-04-26 10:52 - 00001099 _____ () C:\Users\ulrike\Desktop\Continue VuuPC Installation.lnk
2014-04-26 10:49 - 2014-04-26 10:50 - 00000448 _____ () C:\Users\ulrike\Downloads\defogger_disable.log
2014-04-26 10:49 - 2014-04-26 10:49 - 00000000 _____ () C:\Users\ulrike\defogger_reenable
2014-04-26 10:48 - 2014-04-26 10:49 - 00050477 _____ () C:\Users\ulrike\Downloads\Defogger.exe
2014-04-26 00:01 - 2013-12-27 18:10 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2014-04-26 00:00 - 2014-04-26 01:05 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\systweak
2014-04-25 23:51 - 2014-04-25 23:57 - 00000000 ____D () C:\Users\ulrike\AppData\Local\VisualBeeExe
2014-04-25 23:44 - 2014-04-25 23:51 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-25 23:44 - 2014-04-25 23:44 - 00000000 ____D () C:\Users\ulrike\AppData\Local\emaze
2014-04-25 23:40 - 2014-04-25 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
2014-04-25 23:40 - 2014-04-25 23:40 - 00000000 ____D () C:\Program Files\Browsersafeguard
2014-04-25 23:34 - 2014-04-25 23:34 - 00237344 _____ (Premium Installer ) C:\Users\ulrike\Downloads\Setup(2).exe
2014-04-25 22:44 - 2014-04-25 23:18 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\Nico Mak Computing
2014-04-25 21:25 - 2014-04-24 12:30 - 00052928 _____ (StdLib) C:\Windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}Gw.sys
2014-04-22 22:15 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-04-22 22:02 - 2014-04-22 22:02 - 00624000 _____ () C:\Users\ulrike\Downloads\uplayermediaplayer-setup.exe
2014-04-17 22:42 - 2014-04-17 22:42 - 00000000 __SHD () C:\Users\ulrike\AppData\Local\EmieUserList
2014-04-17 22:42 - 2014-04-17 22:42 - 00000000 __SHD () C:\Users\ulrike\AppData\Local\EmieSiteList
2014-04-17 22:41 - 2014-04-17 22:41 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Tuguu_SL
2014-04-17 22:31 - 2014-04-17 22:31 - 00000000 ____D () C:\Users\ulrike\Desktop\Documents\Optimizer Pro
2014-04-17 22:29 - 2014-04-17 22:50 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-17 22:26 - 2014-04-26 00:00 - 00000000 ____D () C:\ProgramData\WPM
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\SupTab
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\Program Files\SupTab
2014-04-17 22:23 - 2014-04-17 22:50 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Genesis
2014-04-14 23:24 - 2014-04-22 21:54 - 00001126 _____ () C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-14 23:12 - 2014-03-12 16:00 - 00295080 _____ (SecureAssist) C:\Windows\system32\SecureAssist.dll
2014-04-14 23:09 - 2014-04-26 10:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 23:09 - 2014-04-25 22:43 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-14 23:09 - 2014-04-25 22:43 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-14 22:59 - 2014-04-14 23:00 - 00000000 ____D () C:\Program Files\003
2014-04-14 22:51 - 2014-04-14 22:51 - 00236320 _____ (Premium Installer ) C:\Users\ulrike\Downloads\Media_Player_Setup.exe
2014-04-12 23:40 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 23:40 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 23:40 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 23:40 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-12 23:40 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 23:40 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-12 23:40 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 23:40 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 23:40 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 23:40 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 23:40 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-12 23:40 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-12 23:40 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-12 23:40 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-12 23:40 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-12 23:40 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-12 23:40 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 23:40 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-12 23:40 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-12 23:40 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-12 23:40 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 23:40 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-12 23:40 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 23:40 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-12 23:40 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 23:40 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 00:41 - 2014-04-10 01:01 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-10 00:37 - 2014-04-10 00:37 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\VOPackage
2014-04-10 00:27 - 2014-04-10 01:03 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Mobogenie
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\Desktop\Documents\Mobogenie
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\AppData\Local\cache
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\.android
2014-04-10 00:02 - 2014-04-10 00:03 - 00993712 _____ () C:\Users\ulrike\Downloads\setup(1).exe
2014-04-10 00:01 - 2014-04-10 00:01 - 00993712 _____ () C:\Users\ulrike\Downloads\setup.exe
2014-04-09 10:03 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 10:03 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 10:03 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 10:03 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 10:03 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 10:03 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 23:02 - 2014-04-08 23:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 22:56 - 2014-04-08 22:56 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 22:56 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-08 22:56 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 22:56 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 22:56 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 22:55 - 2014-04-08 22:56 - 00006648 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 22:55 - 2014-04-08 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 22:40 - 2014-04-08 22:40 - 00921000 _____ (Oracle Corporation) C:\Users\ulrike\Downloads\jxpiinstall(1).exe
2014-04-08 22:39 - 2014-04-08 22:39 - 00921512 _____ (Oracle Corporation) C:\Users\ulrike\Downloads\jre-7u51-windows-i586-iftw.exe
2014-04-08 21:49 - 2014-04-08 21:49 - 00705168 _____ () C:\Windows\Minidump\040814-19000-01.dmp
2014-04-08 16:14 - 2014-04-08 16:14 - 00705168 _____ () C:\Windows\Minidump\040814-16707-01.dmp
2014-04-07 15:45 - 2014-04-05 20:30 - 00017141 _____ () C:\Users\ulrike\Desktop\Documents\Teilnehmer%20Bläser%20Warrink.doc_0.odt
2014-04-07 14:33 - 2014-04-07 14:42 - 25032080 _____ (Mozilla) C:\Users\ulrike\Downloads\Firefox Setup 28.0.exe
2014-04-06 18:02 - 2014-04-06 18:02 - 00704976 _____ () C:\Windows\Minidump\040614-17175-01.dmp
2014-04-03 14:25 - 2014-04-07 15:10 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Skype
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-30 00:14 - 2014-04-07 14:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-27 18:15 - 2014-03-27 18:15 - 00000000 ____D () C:\Users\Barbara\Neuer Ordner
2014-03-27 00:25 - 2014-03-27 00:28 - 10233664 _____ () C:\Users\ulrike\Downloads\saSetup.exe

==================== One Month Modified Files and Folders =======

2014-04-26 10:59 - 2014-04-26 10:59 - 00024372 _____ () C:\Users\ulrike\Downloads\FRST.txt
2014-04-26 10:59 - 2014-04-26 10:58 - 00000000 ____D () C:\FRST
2014-04-26 10:58 - 2014-04-26 10:56 - 01049088 _____ (Farbar) C:\Users\ulrike\Downloads\FRST.exe
2014-04-26 10:52 - 2014-04-26 10:52 - 00001099 _____ () C:\Users\ulrike\Desktop\Continue VuuPC Installation.lnk
2014-04-26 10:50 - 2014-04-26 10:49 - 00000448 _____ () C:\Users\ulrike\Downloads\defogger_disable.log
2014-04-26 10:49 - 2014-04-26 10:49 - 00000000 _____ () C:\Users\ulrike\defogger_reenable
2014-04-26 10:49 - 2014-04-26 10:48 - 00050477 _____ () C:\Users\ulrike\Downloads\Defogger.exe
2014-04-26 10:49 - 2010-08-12 14:25 - 00000000 ____D () C:\Users\ulrike
2014-04-26 10:39 - 2013-07-24 16:34 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000UA.job
2014-04-26 10:26 - 2010-08-12 14:23 - 00010896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 10:26 - 2010-08-12 14:23 - 00010896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 10:24 - 2014-03-18 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-04-26 10:24 - 2010-08-12 15:06 - 00398672 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-26 10:23 - 2012-12-03 22:52 - 01844809 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 10:21 - 2014-04-14 23:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 10:21 - 2006-11-02 12:23 - 00000344 _____ () C:\Windows\win.ini
2014-04-26 10:20 - 2014-03-20 00:06 - 00003074 _____ () C:\Windows\Tasks\addplushd-chromeinstaller.job
2014-04-26 10:20 - 2014-03-20 00:06 - 00002280 _____ () C:\Windows\Tasks\addplushd-firefoxinstaller.job
2014-04-26 10:19 - 2014-03-20 00:06 - 00001440 _____ () C:\Windows\Tasks\addplushd-codedownloader.job
2014-04-26 10:19 - 2012-12-05 14:01 - 14750719 _____ () C:\Windows\setupact.log
2014-04-26 10:19 - 2012-12-05 14:00 - 05297616 _____ () C:\Windows\PFRO.log
2014-04-26 10:19 - 2012-08-14 20:09 - 00000326 _____ () C:\Windows\Tasks\SpeedUpMyPC.job
2014-04-26 10:19 - 2009-11-22 01:24 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 10:19 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 10:18 - 2009-11-22 01:24 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 01:11 - 2007-04-11 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-04-26 01:11 - 2007-04-11 08:31 - 00000000 ____D () C:\Program Files\Acer GameZone
2014-04-26 01:05 - 2014-04-26 00:00 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\systweak
2014-04-26 00:00 - 2014-04-17 22:26 - 00000000 ____D () C:\ProgramData\WPM
2014-04-25 23:57 - 2014-04-25 23:51 - 00000000 ____D () C:\Users\ulrike\AppData\Local\VisualBeeExe
2014-04-25 23:51 - 2014-04-25 23:44 - 00000000 ____D () C:\ProgramData\VisualBee
2014-04-25 23:44 - 2014-04-25 23:44 - 00000000 ____D () C:\Users\ulrike\AppData\Local\emaze
2014-04-25 23:40 - 2014-04-25 23:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
2014-04-25 23:40 - 2014-04-25 23:40 - 00000000 ____D () C:\Program Files\Browsersafeguard
2014-04-25 23:34 - 2014-04-25 23:34 - 00237344 _____ (Premium Installer ) C:\Users\ulrike\Downloads\Setup(2).exe
2014-04-25 23:18 - 2014-04-25 22:44 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\Nico Mak Computing
2014-04-25 23:17 - 2013-01-14 01:47 - 00021026 _____ () C:\Windows\DPINST.LOG
2014-04-25 22:43 - 2014-04-14 23:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-25 22:43 - 2014-04-14 23:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-25 20:50 - 2014-03-26 23:31 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-24 12:30 - 2014-04-25 21:25 - 00052928 _____ (StdLib) C:\Windows\system32\Drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}Gw.sys
2014-04-22 22:26 - 2014-03-18 17:13 - 00000000 ____D () C:\Program Files\McAfee
2014-04-22 22:02 - 2014-04-22 22:02 - 00624000 _____ () C:\Users\ulrike\Downloads\uplayermediaplayer-setup.exe
2014-04-22 21:54 - 2014-04-14 23:24 - 00001126 _____ () C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 21:54 - 2011-03-25 00:02 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-22 21:54 - 2011-03-25 00:02 - 00001113 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 21:54 - 2010-08-12 15:35 - 00001417 _____ () C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-22 19:59 - 2014-03-20 00:05 - 00000000 ____D () C:\Program Files\ResultsAlpha
2014-04-17 22:50 - 2014-04-17 22:29 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-04-17 22:50 - 2014-04-17 22:23 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Genesis
2014-04-17 22:42 - 2014-04-17 22:42 - 00000000 __SHD () C:\Users\ulrike\AppData\Local\EmieUserList
2014-04-17 22:42 - 2014-04-17 22:42 - 00000000 __SHD () C:\Users\ulrike\AppData\Local\EmieSiteList
2014-04-17 22:41 - 2014-04-17 22:41 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Tuguu_SL
2014-04-17 22:31 - 2014-04-17 22:31 - 00000000 ____D () C:\Users\ulrike\Desktop\Documents\Optimizer Pro
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\SupTab
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-17 22:26 - 2014-04-17 22:26 - 00000000 ____D () C:\Program Files\SupTab
2014-04-15 22:50 - 2012-09-27 21:47 - 00017920 ___SH () C:\Users\ulrike\Thumbs.db
2014-04-15 22:30 - 2014-03-18 19:01 - 00001848 _____ () C:\Users\ulrike\Desktop\McAfee Internet Security Suite.lnk
2014-04-14 23:00 - 2014-04-14 22:59 - 00000000 ____D () C:\Program Files\003
2014-04-14 22:51 - 2014-04-14 22:51 - 00236320 _____ (Premium Installer ) C:\Users\ulrike\Downloads\Media_Player_Setup.exe
2014-04-13 20:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-13 00:06 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-10 16:39 - 2013-07-24 16:34 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000Core.job
2014-04-10 01:06 - 2009-12-25 16:27 - 00000000 ____D () C:\Palm
2014-04-10 01:03 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Mobogenie
2014-04-10 01:01 - 2014-04-10 00:41 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-10 00:39 - 2012-03-10 16:54 - 00000000 ____D () C:\Program Files\Nokia
2014-04-10 00:37 - 2014-04-10 00:37 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\VOPackage
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\Desktop\Documents\Mobogenie
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\AppData\Local\cache
2014-04-10 00:27 - 2014-04-10 00:27 - 00000000 ____D () C:\Users\ulrike\.android
2014-04-10 00:03 - 2014-04-10 00:02 - 00993712 _____ () C:\Users\ulrike\Downloads\setup(1).exe
2014-04-10 00:01 - 2014-04-10 00:01 - 00993712 _____ () C:\Users\ulrike\Downloads\setup.exe
2014-04-09 16:53 - 2013-08-14 00:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 16:53 - 2007-04-11 08:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 16:46 - 2010-08-19 20:56 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 23:02 - 2014-04-08 23:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-08 22:56 - 2014-04-08 22:56 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-04-08 22:56 - 2014-04-08 22:55 - 00006648 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-04-08 22:56 - 2012-09-01 17:00 - 00000000 ____D () C:\Program Files\Java
2014-04-08 22:55 - 2014-04-08 22:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 22:40 - 2014-04-08 22:40 - 00921000 _____ (Oracle Corporation) C:\Users\ulrike\Downloads\jxpiinstall(1).exe
2014-04-08 22:39 - 2014-04-08 22:39 - 00921512 _____ (Oracle Corporation) C:\Users\ulrike\Downloads\jre-7u51-windows-i586-iftw.exe
2014-04-08 21:49 - 2014-04-08 21:49 - 00705168 _____ () C:\Windows\Minidump\040814-19000-01.dmp
2014-04-08 21:49 - 2012-12-02 16:24 - 324349685 _____ () C:\Windows\MEMORY.DMP
2014-04-08 21:49 - 2010-12-23 21:04 - 00000000 ____D () C:\Windows\Minidump
2014-04-08 16:14 - 2014-04-08 16:14 - 00705168 _____ () C:\Windows\Minidump\040814-16707-01.dmp
2014-04-07 21:07 - 2012-05-03 23:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-07 15:11 - 2014-03-20 00:07 - 00002040 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-04-07 15:11 - 2011-07-27 18:18 - 00002052 ___HT () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-04-07 15:10 - 2014-04-03 14:25 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-04-07 15:10 - 2009-11-07 18:34 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Thunderbird
2014-04-07 14:57 - 2014-03-30 00:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-07 14:42 - 2014-04-07 14:33 - 25032080 _____ (Mozilla) C:\Users\ulrike\Downloads\Firefox Setup 28.0.exe
2014-04-07 11:25 - 2012-08-16 10:29 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\Nokia Suite
2014-04-07 11:25 - 2012-03-10 17:00 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\Nokia
2014-04-07 11:25 - 2012-03-10 16:59 - 00000000 ____D () C:\ProgramData\Nokia
2014-04-06 18:02 - 2014-04-06 18:02 - 00704976 _____ () C:\Windows\Minidump\040614-17175-01.dmp
2014-04-05 20:30 - 2014-04-07 15:45 - 00017141 _____ () C:\Users\ulrike\Desktop\Documents\Teilnehmer%20Bläser%20Warrink.doc_0.odt
2014-03-31 09:43 - 2009-11-29 20:44 - 00000000 ____D () C:\Users\ulrike\AppData\Roaming\Skype
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\Users\ulrike\AppData\Local\Skype
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-03-31 09:42 - 2014-03-31 09:42 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-31 09:42 - 2009-11-29 20:37 - 00000000 ___RD () C:\Program Files\Skype
2014-03-31 09:42 - 2009-11-29 20:37 - 00000000 ____D () C:\ProgramData\Skype
2014-03-27 18:15 - 2014-03-27 18:15 - 00000000 ____D () C:\Users\Barbara\Neuer Ordner
2014-03-27 18:15 - 2010-02-04 10:52 - 00000000 ____D () C:\Users\Barbara
2014-03-27 00:28 - 2014-03-27 00:25 - 10233664 _____ () C:\Users\ulrike\Downloads\saSetup.exe

Files to move or delete:
====================
C:\ProgramData\dlprotect.exe


Some content of TEMP:
====================
C:\Users\ulrike\AppData\Local\Temp\1_Offer_8.exe
C:\Users\ulrike\AppData\Local\Temp\6_Offer_11.exe
C:\Users\ulrike\AppData\Local\Temp\BackupSetup.exe
C:\Users\ulrike\AppData\Local\Temp\install_flashplayer11x32au_mssa_aih.exe
C:\Users\ulrike\AppData\Local\Temp\instruct.exe
C:\Users\ulrike\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\ulrike\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\ulrike\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ulrike\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\ulrike\AppData\Local\Temp\nse8AFC.exe
C:\Users\ulrike\AppData\Local\Temp\nsjA3CA.exe
C:\Users\ulrike\AppData\Local\Temp\nsk6D88.exe
C:\Users\ulrike\AppData\Local\Temp\nso39D4.exe
C:\Users\ulrike\AppData\Local\Temp\nso412C.exe
C:\Users\ulrike\AppData\Local\Temp\nsoB806.exe
C:\Users\ulrike\AppData\Local\Temp\nst3D4E.exe
C:\Users\ulrike\AppData\Local\Temp\nst9CB1.exe
C:\Users\ulrike\AppData\Local\Temp\nstA144.exe
C:\Users\ulrike\AppData\Local\Temp\nstA49F.exe
C:\Users\ulrike\AppData\Local\Temp\nsu1228.tmp.exe
C:\Users\ulrike\AppData\Local\Temp\nsy1A68.exe
C:\Users\ulrike\AppData\Local\Temp\nsy2DE9.exe
C:\Users\ulrike\AppData\Local\Temp\nsy40C8.exe
C:\Users\ulrike\AppData\Local\Temp\SendMsg.dll
C:\Users\ulrike\AppData\Local\Temp\sp-downloader.exe
C:\Users\ulrike\AppData\Local\Temp\SpOrder.dll
C:\Users\ulrike\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\ulrike\AppData\Local\Temp\System.Data.SQLite74367.dll
C:\Users\ulrike\AppData\Local\Temp\System.Data.SQLite81636.dll
C:\Users\ulrike\AppData\Local\Temp\SysTweak_Installer.exe
C:\Users\ulrike\AppData\Local\Temp\vbmz10.exe
C:\Users\ulrike\AppData\Local\Temp\vcredist_x86.exe
C:\Users\ulrike\AppData\Local\Temp\VisualBeeSilent.exe
C:\Users\ulrike\AppData\Local\Temp\weather-it-up_20140422.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-23 14:27

==================== End Of Log ============================

schrauber · 26.04.2014, 14:47

hi,

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ekirlueksuk · 26.04.2014, 15:12

Ich versuche den Uninstaller downzuloaden - ohne Erfolg. Ich bin übrigens 72 und nicht sehr computerfit. Aber dieser Download dreht leer, ohne dass eine Datei erscheint.

schrauber · 26.04.2014, 18:48

Hm, sonstige Downloads funktionieren aber?

Wenn es nicht geht die Programme mit dem Zusatz ATTENTION einfach über die Systemsteuerung von WIndows deinstallieren.

ekirlueksuk · 26.04.2014, 20:59

Download Combofix hat geklappt. Beim 2. Anlauf ist auch der Scan bis zum Ende durchgelaufen. Hier ist der Logfile:

Code:

ATTFilter

ComboFix 14-04-26.01 - ulrike 26.04.2014  21:31:21.2.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.1505 [GMT 2:00]
ausgeführt von:: c:\users\ulrike\Downloads\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Uniblue\SpeedUpMyPC
c:\program files\Uniblue\SpeedUpMyPC\Launcher.exe
c:\programdata\AMMYY
c:\programdata\AMMYY\hr
c:\programdata\AMMYY\hr3
c:\programdata\AMMYY\settings.bin
c:\programdata\AMMYY\settings3.bin
c:\programdata\dlprotect.exe
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0\1
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\background.html
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\chromeCoreFilesIndex.txt
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\crossriderManifest.json
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\manifest.xml
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins.json
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\1_base.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\102_dealply_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\103_intext_5_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\104_jollywallet_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\123_intext_adv_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\17_jQuery.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\180_bpo_serp_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\182_openUrl.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\183_tabsWrapper.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\184_noproblemppc_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\190_pops_5_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\191_ciuvo_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\207_dbWrapper.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\21_debug.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\22_resources.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\220_icm_base_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\221_icm_downloads_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\223_imonomy_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\246_setup.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\28_initializer.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\47_resources_background.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\64_appApiMessage.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\7_hooks.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\72_appApiValidation.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\9_search_engine_hook.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\userCode\background.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\extensionData\userCode\extension.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\icons\actions\1.png
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\icons\icon128.png
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\icons\icon16.png
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\icons\icon48.png
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\chrome.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\cookie.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\message.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\monitor.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\pageAction.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\api\pageActionBG.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\background.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\app_api.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\bg_app_api.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\consts.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\cookie_store.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\crossriderAPI.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\delegate.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\events.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\extensionDataStore.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\installer.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\logFile.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\logging.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\onBGDocumentLoad.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\popupResource\newPopup.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\popupResource\popup.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\reports.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\storageWrapper.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\updateManager.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\util.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\lib\xhr.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\main.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\js\platformVersion.js
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\manifest.json
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.20_0\popup.html
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000003.log
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\CURRENT
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOCK
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOG
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\MANIFEST-000002
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage-journal
c:\users\ulrike\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage
c:\users\ulrike\AppData\Roaming\.#
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome.manifest
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\asyncDB.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\background.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\browserAction.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\contextMenu.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\dbManager.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\dom_bg.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\fileManager.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\firefox.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\firefoxNotifications.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\firefoxOmnibox.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\message.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\pageAction.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\request.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\tabs.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\webRequest.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\api\windowsMessagingHandler.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\background.html
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\baseObject.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\browser.xul
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\addressBarChangeObserver.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\console.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\consts.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\delegate.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\extensionDataStore.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\folderIOWrapper.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\httpObserver.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\IDBWrapper.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\installer.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\logFile.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\prefs.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\progressListenerObserver.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\registry.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\reloadObserver.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\reports.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\requestObject.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\searchSettings.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\uninstallObserver.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\updateManager.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\utils.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\core\xhr.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\dialog.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\ffCoreFilesIndex.txt
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\main.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\options.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\options.xul
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\platformVersion.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\chrome\content\search_dialog.xul
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\defaults\preferences\prefs.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\manifest.xml
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins.json
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\1_base.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\102_dealply_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\103_intext_5_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\104_jollywallet_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\123_intext_adv_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\17_jQuery.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\182_openUrl.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\183_tabsWrapper.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\190_pops_5_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\191_ciuvo_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\207_dbWrapper.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\21_debug.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\22_resources.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\220_icm_base_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\221_icm_downloads_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\223_imonomy_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\246_setup.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\28_initializer.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\47_resources_background.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\64_appApiMessage.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\7_hooks.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\72_appApiValidation.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\9_search_engine_hook.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins\98_omniCommands.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\userCode\background.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\userCode\extension.js
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\install.rdf
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\locale\en-US\translations.dtd
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\button1.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\button2.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\button3.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\button4.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\button5.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\crossrider_statusbar.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\icon128.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\icon16.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\icon24.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\icon48.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\panelarrow-up.png
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\popup.html
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\skin.css
c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\skin\update.css
c:\users\ulrike\GoToAssistDownloadHelper.exe
c:\windows\IsUn0407.exe
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-26 bis 2014-04-26  ))))))))))))))))))))))))))))))
.
.
2014-04-26 19:40 . 2014-04-26 19:40	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-04-26 19:40 . 2014-04-26 19:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-26 08:58 . 2014-04-26 09:00	--------	d-----w-	C:\FRST
2014-04-25 22:01 . 2013-12-27 16:10	18776	----a-w-	c:\windows\system32\roboot.exe
2014-04-25 22:00 . 2014-04-25 23:05	--------	d-----w-	c:\users\ulrike\AppData\Roaming\systweak
2014-04-25 21:51 . 2014-04-25 21:57	--------	d-----w-	c:\users\ulrike\AppData\Local\VisualBeeExe
2014-04-25 21:44 . 2014-04-25 21:51	--------	d-----w-	c:\programdata\VisualBee
2014-04-25 21:44 . 2014-04-25 21:44	--------	d-----w-	c:\users\ulrike\AppData\Local\emaze
2014-04-25 20:44 . 2014-04-25 21:18	--------	d-----w-	c:\users\ulrike\AppData\Roaming\Nico Mak Computing
2014-04-25 19:25 . 2014-04-24 10:30	52928	----a-w-	c:\windows\system32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}Gw.sys
2014-04-22 20:15 . 2013-09-23 11:48	147912	----a-w-	c:\windows\system32\drivers\HipShieldK.sys
2014-04-17 20:42 . 2014-04-17 20:42	--------	d-sh--w-	c:\users\ulrike\AppData\Local\EmieUserList
2014-04-17 20:42 . 2014-04-17 20:42	--------	d-sh--w-	c:\users\ulrike\AppData\Local\EmieSiteList
2014-04-17 20:41 . 2014-04-17 20:41	--------	d-----w-	c:\users\ulrike\AppData\Local\Tuguu_SL
2014-04-17 20:29 . 2014-04-17 20:50	--------	d-----w-	c:\program files\Optimizer Pro
2014-04-17 20:26 . 2014-04-17 20:26	--------	d-----w-	c:\users\ulrike\AppData\Roaming\SupTab
2014-04-17 20:26 . 2014-04-17 20:26	--------	d-----w-	c:\programdata\IePluginService
2014-04-17 20:26 . 2014-04-17 20:26	--------	d-----w-	c:\program files\SupTab
2014-04-17 20:26 . 2014-04-25 22:00	--------	d-----w-	c:\programdata\WPM
2014-04-17 20:23 . 2014-04-17 20:50	--------	d-----w-	c:\users\ulrike\AppData\Local\Genesis
2014-04-17 20:19 . 2014-04-22 19:54	--------	d-----w-	c:\users\ulrike\AppData\Roaming\webssearches
2014-04-14 21:12 . 2014-03-12 14:00	295080	----a-w-	c:\windows\system32\SecureAssist.dll
2014-04-14 21:09 . 2014-04-25 20:43	70832	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-14 21:09 . 2014-04-25 20:43	692400	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-04-14 21:09 . 2014-04-14 21:09	--------	d-----w-	c:\users\ulrike\AppData\Local\Programs
2014-04-14 21:00 . 2014-04-17 21:10	--------	d-----w-	C:\temp
2014-04-14 20:59 . 2014-04-14 21:00	--------	d-----w-	c:\program files\003
2014-04-09 22:41 . 2014-04-09 23:01	--------	d-----w-	c:\program files\VideoLAN
2014-04-09 22:27 . 2014-04-09 22:27	--------	d-----w-	c:\users\ulrike\.android
2014-04-09 22:27 . 2014-04-09 22:27	--------	d-----w-	c:\users\ulrike\AppData\Local\cache
2014-04-09 22:27 . 2014-04-09 23:03	--------	d-----w-	c:\users\ulrike\AppData\Local\Mobogenie
2014-04-09 08:03 . 2014-02-04 02:07	149440	----a-w-	c:\windows\system32\drivers\storport.sys
2014-04-09 08:03 . 2014-02-04 02:07	234432	----a-w-	c:\windows\system32\drivers\msiscsi.sys
2014-04-09 08:03 . 2014-02-04 02:07	27072	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2014-04-09 08:03 . 2014-02-04 02:00	2048	----a-w-	c:\windows\system32\iologmsg.dll
2014-04-09 08:03 . 2014-01-24 02:18	1212352	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-04-08 21:02 . 2014-04-08 21:02	--------	d-----w-	c:\programdata\Oracle
2014-04-08 20:56 . 2014-04-08 20:56	--------	d-----w-	c:\program files\Common Files\Java
2014-04-08 20:56 . 2013-12-18 19:10	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2014-04-03 12:25 . 2014-04-07 13:10	--------	d-----w-	c:\program files\Mozilla Thunderbird
2014-03-31 07:42 . 2014-03-31 07:42	--------	d-----w-	c:\users\ulrike\AppData\Local\Skype
2014-03-31 07:42 . 2014-03-31 07:42	--------	d-----w-	c:\program files\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-21 09:46 . 2014-03-21 09:46	152848	----a-w-	c:\windows\system32\comdlg32.ocx
2014-03-19 22:04 . 2014-03-19 22:04	70656	----a-w-	c:\windows\system32\pwrsiplugin.exe
2014-03-19 22:04 . 2014-03-19 22:04	96256	----a-w-	c:\windows\system32\DlProtectSvc.exe
2014-03-17 17:45 . 2014-01-27 08:18	61400	----a-w-	c:\windows\system32\drivers\cfwids.sys
2014-03-17 17:38 . 2014-01-27 08:12	214856	----a-w-	c:\windows\system32\drivers\mfewfpk.sys
2014-03-17 17:37 . 2014-03-18 15:50	175480	----a-w-	c:\windows\system32\mfevtps.exe
2014-03-17 17:31 . 2013-12-05 16:16	573968	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2014-03-17 17:29 . 2014-01-27 08:04	367776	----a-w-	c:\windows\system32\drivers\mfefirek.sys
2014-03-17 17:28 . 2014-01-27 08:04	66408	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2014-03-17 17:27 . 2014-01-27 08:03	236480	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2014-03-17 17:26 . 2013-12-05 16:12	134600	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2014-03-17 09:16 . 2014-03-18 13:47	7969936	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{999812B8-DDD7-48B9-811E-C3A5CAC8A54A}\mpengine.dll
2014-02-07 01:07 . 2014-03-12 22:18	2349056	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 22:17	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 22:23	509440	----a-w-	c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 22:17	381440	----a-w-	c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 22:18	185344	----a-w-	c:\windows\system32\wwansvc.dll
2010-08-14 19:41 . 2014-03-29 22:14	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38	121392	----a-w-	c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-20 4493312]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2008-01-09 326176]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-14 30192]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-01-27 517392]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FRITZ!DSL Startcenter.lnk - c:\program files\FRITZ!DSL\StCenter.exe [2010-2-1 679936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Control Center.lnk - c:\program files\funkwerk WIN-Tools\Eumex 401 WIN-Tools V1.00\ControlCenter.exe [2008-8-25 225280]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe 9999 [2007-4-11 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
2008-01-25 16:49	204908	----a-w-	c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-14 30192]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-09-23 147912]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2014-01-21 81264]
R3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2014-03-17 214856]
S1 {f727685b-ed90-4adc-8eec-8234574a91e6}Gw;{f727685b-ed90-4adc-8eec-8234574a91e6}Gw;c:\windows\system32\drivers\{f727685b-ed90-4adc-8eec-8234574a91e6}Gw.sys [2014-04-24 52928]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448]
S2 bupService;BUP Service;c:\users\ulrike\AppData\Roaming\BupSystem\bup.exe [2014-03-19 1005056]
S2 DispmaySwitch;adp94xx Ntfs Zertifikatverteilung;c:\windows\system32\pwrsiplugin.exe [2014-03-19 70656]
S2 DlProtectSvc;Download Protect Service;c:\windows\System32\DlProtectSvc.exe [2014-03-19 96256]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 IePluginService;IePlugin Service;c:\programdata\IePluginService\PluginService.exe [2014-04-11 705136]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe [2014-01-27 145568]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 281560]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2014-01-21 644088]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-03-17 169800]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2014-03-17 175480]
S2 Update ResultsAlpha;Update ResultsAlpha;c:\program files\ResultsAlpha\updateResultsAlpha.exe [2014-04-22 350496]
S2 Util ResultsAlpha;Util ResultsAlpha;c:\program files\ResultsAlpha\bin\utilResultsAlpha.exe [2014-04-22 350496]
S2 vxlsnyaiet32;vxlsnyaiet32;c:\program files\003\vxlsnyaiet32.exe run options=01100010030000000000000000000000 sourceguid=CB78F643-3729-434F-8C25-F28D15F025F3 [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2014-03-17 61400]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2014-03-17 367776]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2014-01-21 330248]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mferkdet
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 13:23	1077576	----a-w-	c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-26 c:\windows\Tasks\addplushd-chromeinstaller.job
- c:\program files\addplushd\addplushd-chromeinstaller.exe [2014-03-19 22:06]
.
2014-04-26 c:\windows\Tasks\addplushd-firefoxinstaller.job
- c:\program files\addplushd\addplushd-firefoxinstaller.exe [2014-03-19 22:06]
.
2014-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14 20:43]
.
2014-04-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000Core.job
- c:\users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24 14:34]
.
2014-04-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2034902095-3904954408-3625675904-1000UA.job
- c:\users\ulrike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-24 14:34]
.
2014-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-21 23:24]
.
2014-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-21 23:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5hMV2B0UTQYtL9f04fHfR-huEkUX6tsUXE5wMTIORkuk33X8BcRN-D7IC9teyzx0K-Np1ni-Koz6sVfj5yZf1scrJ7_YqYSaB6wJNvh8YJcyIlrJnFAI0uXH_0tpMsds,&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.250
FF - ProfilePath - c:\users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\m2rcfjat.default-1398500020344\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Download Protect - c:\programdata\dlprotect.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}\bm_installer.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(6708)
c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\FRITZ!DSL\IGDCTRL.EXE
c:\acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\taskhost.exe
c:\program files\003\vxlsnyaiet32.exe
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Common Files\McAfee\Platform\mcuicnt.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-04-26  21:47:12 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-04-26 19:47
.
Vor Suchlauf: 21 Verzeichnis(se), 238.079.139.840 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 239.766.638.592 Bytes frei
.
- - End Of File - - 55ED55CA61B5316D997E5E6F34E9113A
A36C5E4F47E84449FF07ED3517B43A31

Ist damit schon alles bereinigt? Wenn ich nach wie vor Schwierigkeiten habe, melde ich mich. Ansonsten erstmal: danke.

schrauber · 27.04.2014, 18:39

Nee

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Google und facebook nicht verbunden, weil angeblich nicht vertrauenswürdig

Log-Analyse und Auswertung: Google und facebook nicht verbunden, weil angeblich nicht vertrauenswürdig