
Pests of all kinds and how to combat them: Pop-ups in the browser adsdelivery1 and s.m2pup

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

15.05.2014, 00:59   #1
flo91
 
Hello,

I'm looking for help.
The problem is as follows: for a short while now, pop-ups keep appearing in my browser (s.m2pup.com...). In addition, I can no longer log in to my Typo3 backend; after logging in, only a white page appears. If you examine the source code of that page, you find code fragments that don't belong there, e.g. from adsdelivery1.com.
I have already tried various guides on the internet, with Malwarebytes, AdwCleaner, JRT, etc., but none of it helped.
I hope someone here can help me.

Thanks in advance

Regards, Flo

15.05.2014, 01:16   #2
Bootsektor
/// TB Trainer
 
My name is Sandra and I will be helping you with your problem.
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only scans that I ask you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Post the log files directly in your thread in code tags.
  • Bear in mind that we all work here in our spare time; if you don't hear from me within 2 days, please send me a PM.

Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster way and, in the case of a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Posting in code tags
Please always put the logs in code tags. If you don't, it makes evaluating them much harder for me. Thanks.
To do so:
  • Click the hash symbol # above the reply box; [] CODE /CODE will then appear in square brackets.
  • Between the two code elements you then paste your log files, i.e. CODE Logfile /CODE
  • If the logs are too long, please split them up and post them here in your thread, in several replies if necessary.

Please also post the logs from Malwarebytes, adwarecleaner and jrt, thanks

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box)


15.05.2014, 01:42   #3
flo91
 
Hello, here are the log files from Malwarebytes, adwcleaner and JRT

Malwarebytes:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.05.09.05

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Flo :: FLO-PC [Administrator]

12.05.2014 12:52:17
mbam-log-2014-05-12 (12-52-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 268263
Laufzeit: 24 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 5
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\html (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 8
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\manifest.json (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\html\background.html (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.16.png (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.48.png (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\images\icon.64.png (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\background.js (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\ex.js (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlfohjgijhjlpidbbnmcdooegafnnnm\1.6_0\js\jquery.js (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Flo on 15.05.2014 at  0:07:22,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4223059665-2855684604-1908478797-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.05.2014 at  0:10:30,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Unfortunately I can no longer find the AdwareCleaner log. Can it still be dug up somewhere if you didn't explicitly save it anywhere after the restart?

Here is the FRST scan:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Flo (administrator) on FLO-PC on 15-05-2014 01:30:48
Running from C:\Users\Flo\Desktop
Platform: Microsoft Windows 7 Professional  (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\System32\brsvc01a.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(brother Industries Ltd) C:\Windows\System32\brss01a.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(QUALCOMM, Inc.) C:\Program Files\QUALCOMM\QDLService2k\QDLService2kDell.exe
() C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Telefónica) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(The Privoxy team - www.privoxy.org) C:\Program Files\MSR\Privoxy\privoxy.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
() C:\Windows\System32\hale.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dropbox, Inc.) C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2012-10-18] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1594664 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Video_deluxe_16_Plus_Download-Version\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7830048 2009-10-13] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-12] (AVAST Software)
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {12540901-4578-11e3-9621-00266c105fd3} - F:\pushinst.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {15c4ff6c-1efa-11e3-86ec-00266c105fd3} - F:\AutoRun.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {36aa5693-19c6-11e2-be90-0024d665a1bc} - E:\SETUP.EXE
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {8770aaf6-247d-11e2-8d44-0024d665a1bc} - F:\AutoRun.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {8770ab04-247d-11e2-8d44-0024d665a1bc} - G:\AutoRun.exe
HKU\S-1-5-21-4223059665-2855684604-1908478797-1000\...\MountPoints2: {9ea542f6-35ba-11e2-bad6-00266c105fd3} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {074C1DC5-9320-4A9A-947D-C042949C6216} -  No File
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - @msdxmLC.dll,-1@1031,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\SieMaSoft\Wecker\msdxm.ocx No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files\SieMaSoft\Wecker\msdxm.ocx No File
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Flo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-04-23]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-02-26]

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Drive) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-13]
CHR Extension: (YouTube) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-13]
CHR Extension: (Google-Suche) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-13]
CHR Extension: (AdBlock) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-13]
CHR Extension: (avast! Online Security) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-13]
CHR Extension: (Google Wallet) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-13]
CHR Extension: (Google Mail) - C:\Users\Flo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-13]
CHR HKLM\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files\PutLockerDownloader\PutLockerDownloader10.crx [2014-05-13]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-12]
CHR HKLM\...\Chrome\Extension: [ohlfohjgijhjlpidbbnmcdooegafnnnm] - C:\Program Files\SockshareDownloader\SockshareDownloader10.crx [2012-11-15]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-10-18] ()
S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-12] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1220608 2009-05-06] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 QDLService2kDell; C:\Program Files\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-01-14] (QUALCOMM, Inc.)
R2 System Update kb70007; C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe [16384 2014-04-23] ()
R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)

==================== Drivers (Whitelisted) ====================

S3 AlesisFirewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [129504 2010-05-03] (Alesis)
S3 AlesisFirewireAudio; C:\Windows\System32\drivers\AlesisFirewireAudio.sys [28384 2010-05-03] (Alesis)
S3 AlesisFirewireMidi; C:\Windows\System32\drivers\AlesisFirewireMidi.sys [30944 2010-05-03] (Alesis)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-05-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-05-12] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-12] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-10-19] (DT Soft Ltd)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-11-26] (MBB Incorporated)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [9728 2010-10-15] (ZTE Incorporated)
S3 MAUSBJAMLAB; C:\Windows\System32\DRIVERS\MAudioJamLab.sys [158344 2009-09-02] (Avid Technology, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [682232 2012-10-18] (Duplex Secure Ltd.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [201168 2009-12-07] (Huawei Technologies Co., Ltd.)
S0 ndgxslu; System32\drivers\qycqkei.sys [X]
S4 Ndpsrsntbwaw; No ImagePath
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
S3 WinPhlash; \??\C:\Users\Flo\AppData\Local\Temp\Winphlash\PHLASHNT.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-15 01:30 - 2014-05-15 01:31 - 00017840 _____ () C:\Users\Flo\Desktop\FRST.txt
2014-05-15 01:24 - 2014-05-15 01:19 - 01056256 _____ (Farbar) C:\Users\Flo\Desktop\FRST.exe
2014-05-15 01:18 - 2014-05-15 01:19 - 01056256 _____ (Farbar) C:\Users\Flo\Downloads\FRST.exe
2014-05-15 00:34 - 2014-05-15 00:36 - 10094400 _____ (SurfRight B.V.) C:\Users\Flo\Downloads\HitmanPro.exe
2014-05-15 00:31 - 2014-05-15 00:31 - 00001226 _____ () C:\Users\Flo\Desktop\Revo Uninstaller.lnk
2014-05-15 00:31 - 2014-05-15 00:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-15 00:30 - 2014-05-15 00:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Flo\Desktop\revosetup95.exe
2014-05-15 00:28 - 2014-05-15 00:28 - 00000000 ____D () C:\Program Files\ESET
2014-05-15 00:27 - 2014-05-15 00:27 - 02347384 _____ (ESET) C:\Users\Flo\Downloads\esetsmartinstaller_enu.exe
2014-05-15 00:27 - 2014-05-15 00:27 - 00001756 _____ () C:\sc-cleaner.txt
2014-05-15 00:26 - 2014-05-15 00:26 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Flo\Desktop\sc-cleaner.exe
2014-05-15 00:10 - 2014-05-15 00:10 - 00001351 _____ () C:\Users\Flo\Desktop\JRT.txt
2014-05-14 12:51 - 2014-05-14 12:51 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 20:51 - 2014-05-13 22:55 - 00000416 _____ () C:\Users\Flo\Desktop\texte hp.txt
2014-05-13 19:45 - 2014-05-13 19:45 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-13 19:45 - 2014-05-13 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 19:41 - 2014-05-15 00:53 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 19:41 - 2014-05-15 00:17 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 17:32 - 2014-05-13 17:32 - 01016261 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-05-13 17:31 - 2014-05-13 17:31 - 01325827 _____ () C:\Users\Flo\Desktop\adwcleaner.exe
2014-05-12 13:52 - 2014-05-12 13:52 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\AVAST Software
2014-05-12 13:51 - 2014-05-12 13:51 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-12 13:51 - 2014-05-12 13:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-12 13:50 - 2014-05-12 13:51 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-12 13:50 - 2014-05-12 13:51 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-12 13:50 - 2014-05-12 13:51 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1399895491640
2014-05-12 13:50 - 2014-05-12 13:50 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1399895491640
2014-05-12 13:50 - 2014-05-12 13:50 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-12 13:50 - 2014-05-12 13:50 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 13:50 - 2014-05-12 13:50 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-12 13:48 - 2014-05-12 13:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-12 13:47 - 2014-05-12 13:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-12 12:53 - 2014-05-12 12:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Mozilla
2014-05-12 12:28 - 2014-05-12 12:28 - 00000000 ____D () C:\Users\Flo\AppData\Local\Deployment
2014-05-12 12:28 - 2014-05-12 12:28 - 00000000 ____D () C:\Users\Flo\AppData\Local\Apps\2.0
2014-05-12 12:21 - 2014-05-12 12:21 - 00065056 _____ () C:\Users\Flo\Documents\bookmarks_12.05.14.html
2014-05-08 20:38 - 2014-05-08 20:56 - 00000000 ____D () C:\goldene_sonne
2014-05-03 14:11 - 2014-05-03 14:11 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\DropboxMaster
2014-04-30 17:33 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-30 17:21 - 2014-04-30 17:23 - 00000000 ____D () C:\Program Files\MSR
2014-04-30 17:20 - 2014-04-30 17:26 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-30 17:19 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Wise
2014-04-24 11:58 - 2014-05-13 17:54 - 00000000 ____D () C:\ProgramData\FreePDF
2014-04-24 11:58 - 2014-05-13 17:54 - 00000000 ____D () C:\Program Files\FreePDF_XP
2014-04-23 23:07 - 2014-05-12 12:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-19 23:38 - 2014-04-19 23:39 - 00000000 ____D () C:\Users\Flo\Desktop\flosongs
2014-04-19 21:04 - 2014-04-19 21:05 - 47743768 _____ () C:\Users\Flo\Desktop\pille_licht_120bpmn.WAV
2014-04-17 22:24 - 2014-05-12 12:31 - 00000000 ____D () C:\Users\Flo\Desktop\neue plugins

==================== One Month Modified Files and Folders =======

2014-05-15 01:31 - 2014-05-15 01:30 - 00017840 _____ () C:\Users\Flo\Desktop\FRST.txt
2014-05-15 01:30 - 2013-09-08 17:13 - 00000000 ____D () C:\FRST
2014-05-15 01:30 - 2012-11-24 02:25 - 00000920 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000UA.job
2014-05-15 01:30 - 2012-11-24 02:25 - 00000898 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000Core.job
2014-05-15 01:30 - 2012-10-22 08:25 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Dropbox
2014-05-15 01:28 - 2012-10-18 21:57 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Skype
2014-05-15 01:19 - 2014-05-15 01:24 - 01056256 _____ (Farbar) C:\Users\Flo\Desktop\FRST.exe
2014-05-15 01:19 - 2014-05-15 01:18 - 01056256 _____ (Farbar) C:\Users\Flo\Downloads\FRST.exe
2014-05-15 00:53 - 2014-05-13 19:41 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-15 00:36 - 2014-05-15 00:34 - 10094400 _____ (SurfRight B.V.) C:\Users\Flo\Downloads\HitmanPro.exe
2014-05-15 00:31 - 2014-05-15 00:31 - 00001226 _____ () C:\Users\Flo\Desktop\Revo Uninstaller.lnk
2014-05-15 00:31 - 2014-05-15 00:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-05-15 00:30 - 2014-05-15 00:30 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Flo\Desktop\revosetup95.exe
2014-05-15 00:28 - 2014-05-15 00:28 - 00000000 ____D () C:\Program Files\ESET
2014-05-15 00:27 - 2014-05-15 00:27 - 02347384 _____ (ESET) C:\Users\Flo\Downloads\esetsmartinstaller_enu.exe
2014-05-15 00:27 - 2014-05-15 00:27 - 00001756 _____ () C:\sc-cleaner.txt
2014-05-15 00:26 - 2014-05-15 00:26 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Flo\Desktop\sc-cleaner.exe
2014-05-15 00:21 - 2012-10-18 21:13 - 01724070 _____ () C:\Windows\WindowsUpdate.log
2014-05-15 00:19 - 2012-10-22 08:28 - 00000000 ___RD () C:\Users\Flo\Dropbox
2014-05-15 00:17 - 2014-05-13 19:41 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 00:15 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-15 00:15 - 2009-07-14 06:39 - 00152634 _____ () C:\Windows\setupact.log
2014-05-15 00:10 - 2014-05-15 00:10 - 00001351 _____ () C:\Users\Flo\Desktop\JRT.txt
2014-05-15 00:05 - 2012-10-18 21:24 - 00171564 _____ () C:\Windows\PFRO.log
2014-05-15 00:04 - 2013-09-08 17:16 - 00000000 ____D () C:\AdwCleaner
2014-05-15 00:01 - 2013-01-07 19:56 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-05-14 22:54 - 2012-12-07 16:22 - 00000000 ____D () C:\Users\Flo\Desktop\Zeug
2014-05-14 22:47 - 2012-10-19 14:44 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\vlc
2014-05-14 22:39 - 2012-10-18 21:45 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-05-14 22:35 - 2013-02-04 21:31 - 00000000 ____D () C:\Windows\uninstall
2014-05-14 22:34 - 2013-02-04 21:34 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\COWON
2014-05-14 22:30 - 2013-02-26 22:17 - 00000000 ____D () C:\Program Files\PDFCreator
2014-05-14 22:28 - 2013-10-13 21:36 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-05-14 22:28 - 2013-04-23 23:14 - 00000000 ____D () C:\Program Files\Sony
2014-05-14 22:27 - 2013-10-13 21:38 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-05-14 22:23 - 2012-12-16 13:16 - 02685952 ___SH () C:\Users\Flo\Desktop\Thumbs.db
2014-05-14 22:09 - 2013-02-17 21:20 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SockshareDownloader.com
2014-05-14 22:05 - 2009-07-14 06:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 22:05 - 2009-07-14 06:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-14 21:19 - 2012-10-18 21:22 - 01611160 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-14 12:51 - 2014-05-14 12:51 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-05-13 23:41 - 2012-10-22 08:26 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-13 22:55 - 2014-05-13 20:51 - 00000416 _____ () C:\Users\Flo\Desktop\texte hp.txt
2014-05-13 20:43 - 2013-03-21 13:20 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-05-13 19:45 - 2014-05-13 19:45 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-13 19:45 - 2014-05-13 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-13 19:45 - 2012-10-18 21:57 - 00000000 ____D () C:\Users\Flo\AppData\Local\Google
2014-05-13 19:45 - 2012-10-18 21:57 - 00000000 ____D () C:\Program Files\Google
2014-05-13 17:55 - 2012-12-11 13:36 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\DVDVideoSoft
2014-05-13 17:54 - 2014-04-24 11:58 - 00000000 ____D () C:\ProgramData\FreePDF
2014-05-13 17:54 - 2014-04-24 11:58 - 00000000 ____D () C:\Program Files\FreePDF_XP
2014-05-13 17:32 - 2014-05-13 17:32 - 01016261 _____ (Thisisu) C:\Users\Flo\Desktop\JRT.exe
2014-05-13 17:31 - 2014-05-13 17:31 - 01325827 _____ () C:\Users\Flo\Desktop\adwcleaner.exe
2014-05-13 12:39 - 2013-09-03 21:18 - 00000000 ____D () C:\Users\Flo\AppData\Local\avgchrome
2014-05-13 11:06 - 2013-07-15 16:14 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\FileZilla
2014-05-13 10:14 - 2012-10-19 20:27 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\AIMP
2014-05-12 14:42 - 2013-02-17 21:21 - 00000000 ____D () C:\Program Files\SockshareDownloader
2014-05-12 13:52 - 2014-05-12 13:52 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\AVAST Software
2014-05-12 13:51 - 2014-05-12 13:51 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-12 13:51 - 2014-05-12 13:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-12 13:51 - 2014-05-12 13:50 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-12 13:51 - 2014-05-12 13:50 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-12 13:51 - 2014-05-12 13:50 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1399895491640
2014-05-12 13:50 - 2014-05-12 13:50 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1399895491640
2014-05-12 13:50 - 2014-05-12 13:50 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-12 13:50 - 2014-05-12 13:50 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-12 13:50 - 2014-05-12 13:50 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-12 13:50 - 2014-05-12 13:50 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-12 13:48 - 2014-05-12 13:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-12 13:47 - 2014-05-12 13:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-12 12:53 - 2014-05-12 12:53 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Mozilla
2014-05-12 12:32 - 2012-10-31 09:11 - 00000000 ____D () C:\Users\Flo\Documents\Intronomic
2014-05-12 12:31 - 2014-04-17 22:24 - 00000000 ____D () C:\Users\Flo\Desktop\neue plugins
2014-05-12 12:31 - 2013-01-17 22:24 - 00000000 ____D () C:\Users\Flo\Grafik
2014-05-12 12:28 - 2014-05-12 12:28 - 00000000 ____D () C:\Users\Flo\AppData\Local\Deployment
2014-05-12 12:28 - 2014-05-12 12:28 - 00000000 ____D () C:\Users\Flo\AppData\Local\Apps\2.0
2014-05-12 12:27 - 2014-04-23 23:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 12:21 - 2014-05-12 12:21 - 00065056 _____ () C:\Users\Flo\Documents\bookmarks_12.05.14.html
2014-05-08 20:56 - 2014-05-08 20:38 - 00000000 ____D () C:\goldene_sonne
2014-05-07 12:41 - 2009-07-14 06:33 - 04000352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-05 09:48 - 2012-10-18 21:14 - 00131152 _____ () C:\Users\Flo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-03 14:11 - 2014-05-03 14:11 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\DropboxMaster
2014-04-30 17:34 - 2012-10-18 21:12 - 00001136 _____ () C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-30 17:26 - 2014-04-30 17:20 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-04-30 17:23 - 2014-04-30 17:21 - 00000000 ____D () C:\Program Files\MSR
2014-04-30 17:20 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-30 17:19 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Flo\AppData\Roaming\Wise
2014-04-25 12:28 - 2014-02-14 15:32 - 00000000 ____D () C:\Users\Flo\Desktop\bwm kopm
2014-04-23 22:28 - 2012-10-21 13:40 - 00000000 ____D () C:\Users\Flo\AppData\Local\Eclipse
2014-04-22 10:06 - 2012-10-18 22:32 - 00000000 ____D () C:\Users\Flo\Documents\Studium
2014-04-19 23:39 - 2014-04-19 23:38 - 00000000 ____D () C:\Users\Flo\Desktop\flosongs
2014-04-19 21:05 - 2014-04-19 21:04 - 47743768 _____ () C:\Users\Flo\Desktop\pille_licht_120bpmn.WAV
2014-04-18 08:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Flo\AppData\Local\Temp\AskSLib.dll
C:\Users\Flo\AppData\Local\Temp\avgnt.exe
C:\Users\Flo\AppData\Local\Temp\BackupSetup.exe
C:\Users\Flo\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Flo\AppData\Local\Temp\card_setup.exe
C:\Users\Flo\AppData\Local\Temp\converter.exe
C:\Users\Flo\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Flo\AppData\Local\Temp\Delta.exe
C:\Users\Flo\AppData\Local\Temp\DeltaTB.exe
C:\Users\Flo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2korx.dll
C:\Users\Flo\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Flo\AppData\Local\Temp\htmlayout.dll
C:\Users\Flo\AppData\Local\Temp\InstallAX.exe
C:\Users\Flo\AppData\Local\Temp\installhelper.dll
C:\Users\Flo\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Flo\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Flo\AppData\Local\Temp\mp3el2.exe
C:\Users\Flo\AppData\Local\Temp\MybabylonTB.exe
C:\Users\Flo\AppData\Local\Temp\propsys.dll
C:\Users\Flo\AppData\Local\Temp\ResetDevice.exe
C:\Users\Flo\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Flo\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Flo\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Flo\AppData\Local\Temp\uninst.exe
C:\Users\Flo\AppData\Local\Temp\uninst1.exe
C:\Users\Flo\AppData\Local\Temp\v1vepvhy.w4z.exe
C:\Users\Flo\AppData\Local\Temp\wpsetup.exe
C:\Users\Flo\AppData\Local\Temp\WSSetup.exe
C:\Users\Flo\AppData\Local\Temp\{9D45C112-DE7B-4D24-B963-7D8FE891DF91}-30.0.1599.69_29.0.1547.76_chrome_updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2009-07-14 01:37] - [2009-07-14 03:14] - 0285696 ____A (Microsoft Corporation) 1562571D6B1541098E677C3BB78709A0

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll
[2009-07-14 01:24] - [2009-07-14 03:16] - 0811520 ____A (Microsoft Corporation) 85AEB26057AAC125EEC1425305F86960

C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-02 02:05

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014
Ran by Flo at 2014-05-15 01:34:09
Running from C:\Users\Flo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Acrobat 8 Professional - English, Français, Deutsch (Version: 8.1.0 - Adobe Systems) Hidden
Adobe After Effects CS3 (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS3 (Version: 4.1 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM\...\Adobe_67a7fb1e97aa14ee9ef0950eb6fd757) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Codecs (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Video Encoder (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 5 (HKLM\...\{D176CB09-1505-4D2B-838A-4483D7DF23FB}) (Version: 5.0.1 - Adobe)
Adobe Premiere Pro CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Functional Content (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Third Party Content (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Reader 8.1.0 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Codecs (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AIMP2 (HKLM\...\AIMP2) (Version:  - AIMP DevTeam)
Alesis Firewire 3.5.3.8671 (HKLM\...\Alesis Firewire_is1) (Version: 3.5.3.8671 - Alesis)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version:  - AVM Berlin)
BitNami Drupal Module (HKLM\...\BitNami Drupal Module 7.26-0) (Version: 7.26-0 - BitNami)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BRAINYOO 2.0 (HKLM\...\BRAINYOO) (Version: 2.0 - BRAINYOO Ltd.)
Brother MFL-Pro Suite DCP-115C (HKLM\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Evernote v. 4.6.1 (HKLM\...\{9D8BAA74-5B7D-11E2-8273-984BE15F174E}) (Version: 4.6.1.7860 - Evernote Corp.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileZilla Client 3.7.1.1 (HKLM\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{AF37F9DE-0726-439E-BC10-43D9195394D0}) (Version: 2.1.26.0 - MAGIX AG)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Video Converter (HKLM\...\Free Video Converter) (Version: 1.0.1.4 - Extensoft)
Free Video Converter V 3.2 (HKLM\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
Geany 1.23.1 (HKLM\...\Geany) (Version: 1.23.1 - The Geany developer team)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
IcoFX 1.6.4 (HKLM\...\IcoFX_is1) (Version:  - )
iTunes (HKLM\...\{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
K-Lite Codec Pack 9.5.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.5.0 - )
Macromedia Dreamweaver 8 (HKLM\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
MAGIX 3D Maker (embeded) (HKLM\...\MAGIX 3D Maker D) (Version: 6.0.0.8 - MAGIX AG)
Magix Samplitude Professional v8.01 (HKLM\...\Magix Samplitude Professional v8.01) (Version:  - )
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Magix Sequoia v7.22 (HKLM\...\Magix Sequoia v7.22) (Version:  - )
MAGIX Speed burnR (HKLM\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
MAGIX Video deluxe 16 Plus Download-Version 9.0.0.55 (D) (HKLM\...\MAGIX Video deluxe 16 Plus Download-Version D) (Version: 9.0.0.55 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG)
MFC RunTime files (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mobile Connection Manager (HKLM\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\MPEG4E) (Version:  - )
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photomatix Pro version 4.2.6 (HKLM\...\PhotomatixPro42x32_is1) (Version: 4.2.6 - HDRsoft Ltd)
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Gobi 2000 Package for Dell (HKLM\...\{5030C973-F5BA-4432-860C-A3DA77BFEB05}) (Version: 1.1.100 - QUALCOMM)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5958 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30103 - Realtek Semiconductor Corp.)
Reason 4.0.1 (HKLM\...\Reason4_is1) (Version: 4.0.1 - Propellerhead Software AB)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SP-555 Wave Converter (HKLM\...\{BAF1A7E3-D88B-419E-935C-1F15F5745807}) (Version: 1.00.0006 - Roland Corporation)
Surf & E-Mail-Stick (HKLM\...\Surf & E-Mail-Stick) (Version: 16.001.06.02.35 - Huawei Technologies Co.,Ltd)
System Update kb70007 (Version: 1.0.0 - MSR) Hidden
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Topaz Adjust 5 (HKLM\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WavePad Audiobearbeitungs-Software (HKLM\...\WavePad) (Version:  - NCH Software)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-3 - Bitnami)
Zattoo4 4.0.5 (HKLM\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)

==================== Restore Points  =========================

12-05-2014 11:47:56 avast! antivirus system restore point

==================== Hosts content: ==========================

2009-07-14 04:04 - 2010-03-16 00:04 - 00001300 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {00A612A7-9AF6-4EDB-91C1-E6A4C44C7985} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000UA => C:\Users\Flo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {2F4A4691-7295-41D5-99A0-B1898E0A2653} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: {5F2286A5-BD37-4E24-A23D-338587B9AB8D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000Core => C:\Users\Flo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {951F214E-CA38-40F2-A37F-90F3E6D9CAF5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-12] (AVAST Software)
Task: {B929D1EA-2250-456D-9F4C-7963459A7E9E} - System32\Tasks\{289948D2-6E1D-46AD-8090-DBC132CFC5CA} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {C94E00F2-18B0-4905-A777-485F9E22C37A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {D0D683EE-828E-4CBD-9894-2979FD8F25B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000Core.job => C:\Users\Flo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4223059665-2855684604-1908478797-1000UA.job => C:\Users\Flo\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-06-27 22:12 - 2013-06-27 22:12 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-08-11 16:10 - 2009-08-11 16:10 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Flo\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-15 00:17 - 2014-05-15 00:17 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051402\algo.dll
2013-03-21 12:36 - 2007-05-11 02:31 - 00921600 _____ () C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.DEU
2012-11-27 12:47 - 2012-10-04 20:50 - 00088688 _____ () C:\Windows\System32\cpwmon2k.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-30 17:23 - 2014-04-23 17:42 - 00016384 _____ () C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
2014-04-30 17:23 - 2014-04-23 17:42 - 00033792 _____ () C:\Windows\Microsoft\System Update kb70007\InstallerLibrary.dll
2014-04-30 17:23 - 2014-04-23 17:42 - 00015360 _____ () C:\Windows\Microsoft\System Update kb70007\Installer.dll
2014-04-30 17:23 - 2014-05-15 00:16 - 00086528 _____ () C:\Program Files\MSR\Privoxy\mgwz.dll
2012-10-18 21:14 - 2012-10-18 21:14 - 02169856 ___SH () C:\Windows\System32\hale.exe
2014-05-12 13:50 - 2014-05-12 13:50 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-15 00:18 - 2014-05-15 00:18 - 00041984 _____ () c:\users\flo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2korx.dll
2014-03-18 22:42 - 2014-03-18 22:42 - 03018864 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-03-18 22:42 - 2014-03-18 22:42 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-18 22:42 - 2014-03-18 22:42 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-05-13 19:45 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: AVMWlanClient => C:\Program Files\avmwlanstick\wlangui.exe
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Flo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreeFallProtection => C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: lollipop_10241747 => "c:\users\flo\appdata\local\lollipop\lollipop_10241747.exe" lollipop_10241747
MSCONFIG\startupreg: M-Audio Taskbar Icon => C:\Windows\system32\M-AudioTaskBarIcon.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: SDP => C:\Users\Flo\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto 

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (05/15/2014 00:16:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ndgxslu
sptd

Error: (05/15/2014 00:15:25 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (05/15/2014 00:12:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/25/2013 08:07:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 131 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 69%
Total physical RAM: 3004.88 MB
Available physical RAM: 921.88 MB
Total Pagefile: 6008.03 MB
Available Pagefile: 3563.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.4 GB) (Free:30.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:0.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DAA6ADB6)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 15.05.2014, 14:22   #4
Bootsektor
/// TB-Ausbilder
 
Hello flo91,

I have to tell you the following:

Quote:
Chew7Hale
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
The entries I listed strongly suggest that software is being used on this computer that was not legally acquired, and that Windows activation was deliberately disabled.

Support suspended
Reading material:

The log files strongly suggest that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources very often come bundled with malware, so you are infecting yourself almost deliberately.

We have agreed here on the board that at this point we do not continue cleaning until the software has been removed. On top of that, we pointed out to you unmistakably, in our instructions and also in this "Important" topic, how we would handle this. Clean, good software has its price, and the software companies live off this revenue.

So please decide how you want to proceed and let me know here in your thread.
If you do not remove this software, our help is limited to reinstalling and securing your system.
We will still gladly answer your questions about that, in our forum.

Alt 15.05.2014, 14:54   #5
flo91
 
Too bad...
but thanks anyway.


Alt 15.05.2014, 21:41   #6
Bootsektor
/// TB-Ausbilder
 
Interesting attitude towards this ...

With that, this topic is closed.

Everyone else, please click here and create your own thread

Alt 15.05.2014, 21:58   #7
flo91
 
I would sit down at it again next week and throw out all those programs. And then do a new FRST scan again...??

Regards

Alt 15.05.2014, 23:13   #8
Bootsektor
/// TB-Ausbilder
 
OK, and what about the non-activated Windows?

Alt 27.05.2014, 11:54   #9
Bootsektor
/// TB-Ausbilder
 
Hello,

I have not received a reply from you for quite some time. Do you still need help?

If I do not hear from you within the next 24 hours, I will assume that the topic has been resolved. If you want to continue, please send me a PM.

Note: We are not finished yet! Even if the symptoms have disappeared, your system may still be infected and have security vulnerabilities that make a new infection possible.
