Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.05.2014, 15:25   #1
Stitchy
 
Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



Hi,

das im Titel beschriebene Problem taucht seit gestern auf. Zudem kommt folgende Meldung, wenn ich versuche GDATA oder Malwarebytes zu öffnen: "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." Ich denke es liegt an einem E-Mail Anhang, den ich dummerweise öffnete. Bei dem Anhang handelte es sich um eine .zip Datei. Die E-Mail ist noch vorhanden.

Ich hoffe ihr könnt mir hier weiterhelfen.

Hier noch die Logs:

defogger_disable.log:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:21 on 14/05/2014 (Molli)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Molli (administrator) on IKKE on 14-05-2014 14:41:40
Running from C:\Users\Molli\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\TotalCare\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
() C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(G Data Software AG) C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2221352 2011-03-31] (Synaptics Incorporated)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [G Data AntiVirus Tray] => C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13797920 2009-07-18] (NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Run: [mvakco] => regsvr32.exe "C:\ProgramData\mvakco.dat"
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3412f1c3-9f88-11e3-945e-00214f4ac9d9} - F:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3412f1d1-9f88-11e3-945e-00214f4ac9d9} - G:\_AUTORUN\AUTORUN.EXE
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3d1e61ad-27a0-11df-8886-001dba23d75d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {4755452f-d7b0-11de-a144-00214f4ac9d9} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c6eabc4f-d85d-11de-a60b-001dba23d75d} - G:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c923fa56-d212-11de-b129-00214f4ac9d9} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c923faed-d212-11de-b129-00214f4ac9d9} - F:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Molli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-1082474812-2605128907-3220185666-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD89F05CF6E5ACA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {01_TL-YODL-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_yodl&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {03_TL-GOOGLE-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {03_TL-TELEFONBUCH-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_telefonbuch&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {04_TL-AMAZON-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_amazon&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {05_TL-EBAY-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_ebay&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {07_TL-CONRAD-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_conrad&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {08_TL-OTTO-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_otto&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {09_TL-CLIPFISH-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_clipfish&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {10_TL-MYVIDEO-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_myvideo&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {11_TL-MUSICLOAD-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_musicload&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3
SearchScopes: HKCU - {203DCB67-2D93-48A7-91A6-5191CE0E9B21} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=cb92cdcb-750d-4042-a5bb-7dba688fa52e&apn_sauid=8A0545F7-59BC-46C6-8373-94CF11C1EA96
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {49D8B1FD-55AE-445A-8EDF-925D0C8307FA} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263&CUI=UN28464778871778294
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-02-18]
FF Extension: Adblock Plus - C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-02]
FF Extension: G Data BankGuard - C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2014-05-09]
FF Extension: G Data WebFilter - C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2014-05-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-09]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-28]

Chrome: 
=======
CHR HomePage: hxxp://www.holasearch.com/?babsrc=HP_ss&mntrId=B0A300214F4AC9D9&affID=121963&tsp=4975
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-19]
CHR Extension: (DivX HiQ) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-30]
CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2013-03-19]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-30]
CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-03-19]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Molli\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2013-03-19]

========================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\TotalCare\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] ()
S3 GDBackupSvc; C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG)
R3 GDFwSvc; C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
S2 nvservice; C:\Windows\system32\nvservice.exe [160544 2013-02-04] (NVIDIA Corporation)
R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1020976 2013-09-25] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2014-01-31] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2014-01-31] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2014-01-31] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2014-01-31] (G Data Software AG)
S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon32.sys [29400 2012-06-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2014-01-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2014-01-31] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2014-02-01] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2014-01-31] (G Data Software AG)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102912 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-14] (Malwarebytes Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-07-03] (Duplex Secure Ltd.)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-01-05] (AnchorFree Inc)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-14 14:34 - 2014-05-14 14:41 - 00042854 _____ () C:\Users\Molli\Desktop\Addition.txt
2014-05-14 14:30 - 2014-05-14 14:41 - 00021188 _____ () C:\Users\Molli\Desktop\FRST.txt
2014-05-14 14:30 - 2014-05-14 14:41 - 00000000 ____D () C:\FRST
2014-05-14 14:30 - 2014-05-14 14:30 - 01056256 _____ (Farbar) C:\Users\Molli\Desktop\FRST.exe
2014-05-14 14:21 - 2014-05-14 14:22 - 00000632 _____ () C:\Users\Molli\Desktop\defogger_disable.log
2014-05-14 14:21 - 2014-05-14 14:22 - 00000020 _____ () C:\Users\Molli\defogger_reenable
2014-05-14 14:20 - 2014-05-14 14:20 - 00050477 _____ () C:\Users\Molli\Desktop\Defogger.exe
2014-05-13 13:25 - 2014-05-13 20:19 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-05-13 12:20 - 2014-05-13 12:20 - 00247408 _____ (Microsoft Corporation) C:\ProgramData\mvakco.dat
2014-05-10 03:01 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-10 03:01 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-09 21:26 - 2014-05-09 21:26 - 00126112 _____ (Spotify Ltd) C:\Users\Molli\Downloads\SpotifySetup.exe
2014-05-09 20:57 - 2014-05-09 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-06 20:49 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 20:49 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 20:49 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 20:49 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 20:48 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 20:48 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 20:48 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 20:48 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 20:48 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 20:48 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 20:48 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 20:48 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 20:48 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 20:48 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 20:48 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 20:48 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 20:48 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 20:48 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 20:48 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 20:48 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 20:48 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 20:48 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 20:48 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 20:48 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-04 17:04 - 2014-05-04 17:04 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\DropboxMaster
2014-05-02 07:24 - 2014-05-10 04:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-04-15 16:41 - 2014-04-15 16:41 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk

==================== One Month Modified Files and Folders =======

2014-05-14 14:41 - 2014-05-14 14:34 - 00042854 _____ () C:\Users\Molli\Desktop\Addition.txt
2014-05-14 14:41 - 2014-05-14 14:30 - 00021188 _____ () C:\Users\Molli\Desktop\FRST.txt
2014-05-14 14:41 - 2014-05-14 14:30 - 00000000 ____D () C:\FRST
2014-05-14 14:41 - 2013-08-22 17:49 - 00000842 _____ () C:\Users\Molli\Desktop\Neues Textdokument.txt
2014-05-14 14:36 - 2009-11-01 01:27 - 00000000 ____D () C:\Program Files\Counter-Strike Source
2014-05-14 14:32 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 14:32 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-14 14:30 - 2014-05-14 14:30 - 01056256 _____ (Farbar) C:\Users\Molli\Desktop\FRST.exe
2014-05-14 14:29 - 2009-10-31 18:06 - 01212392 _____ () C:\Windows\WindowsUpdate.log
2014-05-14 14:27 - 2011-03-31 17:33 - 00000000 ___RD () C:\Users\Molli\Dropbox
2014-05-14 14:27 - 2011-03-31 17:22 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\Dropbox
2014-05-14 14:25 - 2013-09-13 19:18 - 00000328 _____ () C:\Windows\Tasks\dsmonitor.job
2014-05-14 14:25 - 2010-07-29 03:42 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-14 14:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 14:24 - 2009-07-14 06:39 - 00165826 _____ () C:\Windows\setupact.log
2014-05-14 14:23 - 2012-10-23 14:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-14 14:22 - 2014-05-14 14:21 - 00000632 _____ () C:\Users\Molli\Desktop\defogger_disable.log
2014-05-14 14:22 - 2014-05-14 14:21 - 00000020 _____ () C:\Users\Molli\defogger_reenable
2014-05-14 14:21 - 2009-10-31 20:58 - 00000000 ____D () C:\Users\Molli
2014-05-14 14:20 - 2014-05-14 14:20 - 00050477 _____ () C:\Users\Molli\Desktop\Defogger.exe
2014-05-14 14:20 - 2014-02-27 15:30 - 00000000 ____D () C:\Program Files\RollerCoaster Tycoon 3
2014-05-14 14:02 - 2010-05-25 22:19 - 00000000 ____D () C:\Windows\Minidump
2014-05-14 13:45 - 2010-07-29 03:42 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-14 11:01 - 2014-02-01 17:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-13 20:19 - 2014-05-13 13:25 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-05-13 12:20 - 2014-05-13 12:20 - 00247408 _____ (Microsoft Corporation) C:\ProgramData\mvakco.dat
2014-05-10 20:19 - 2009-10-31 23:22 - 00304192 _____ () C:\Windows\PFRO.log
2014-05-10 04:01 - 2014-05-02 07:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-05-09 21:26 - 2014-05-09 21:26 - 00126112 _____ (Spotify Ltd) C:\Users\Molli\Downloads\SpotifySetup.exe
2014-05-09 20:57 - 2014-05-09 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 09:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-09 08:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-04 17:04 - 2014-05-04 17:04 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\DropboxMaster
2014-05-04 17:04 - 2011-03-31 17:33 - 00001013 _____ () C:\Users\Molli\Desktop\Dropbox.lnk
2014-05-04 17:04 - 2011-03-31 17:23 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-29 20:23 - 2012-04-17 16:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 20:23 - 2011-05-17 10:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 14:48 - 2014-05-10 03:01 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-10 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 22:36 - 2008-10-16 14:54 - 00000000 ____D () C:\Update
2014-04-15 16:41 - 2014-04-15 16:41 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2014-04-15 16:41 - 2012-07-19 18:15 - 00000000 ____D () C:\ProgramData\Sony Corporation

Files to move or delete:
====================
C:\ProgramData\mvakco.dat
C:\ProgramData\z7_0ytr.pad


Some content of TEMP:
====================
C:\Users\Molli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwcqql5.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014
Ran by Molli at 2014-05-14 14:42:16
Running from C:\Users\Molli\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data TotalProtection 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data TotalProtection 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CanoScan 8600F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4804) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 2.32 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
G Data TotalProtection 2014 (HKLM\...\{63DEADD1-C032-4F1F-AF76-26B166D6AC30}) (Version: 24.0.3.4 - G Data Software AG)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Works 7.0  (HKLM\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Guard Service 1.3 (Version: 1.3 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Presto! PageManager 7.15.13 (HKLM\...\{307B9D04-A1F4-48EA-809C-DF7FA9C4BB6D}) (Version:  - )
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.08060 - Sony Corporation)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SWAT 4 (Version: 1.0.31763 - Ihr Firmenname) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.20.0 - Synaptics Incorporated)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Restore Points  =========================

20-04-2014 20:42:51 Windows Update
23-04-2014 20:54:06 Windows Update
29-04-2014 12:50:46 Windows Update
02-05-2014 17:50:54 Windows Update
04-05-2014 01:00:11 Windows Update
06-05-2014 18:47:26 Windows Update
10-05-2014 01:00:22 Windows Update
13-05-2014 10:02:41 Windows Update
14-05-2014 12:21:35 Installiert Railroad Tycoon 3
14-05-2014 12:37:06 Installiert Railroad Tycoon 3

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0240B074-8DED-49B1-B6CA-065E7FE715CD} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {0897015A-6811-4F80-BD9C-2C0F48A9CF1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {15943AB4-FB47-47A7-A01A-12108C5C00AC} - System32\Tasks\dsmonitor => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: {161C73A6-DFE4-4C4B-A742-C729294392CA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1082474812-2605128907-3220185666-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {286C4069-99D2-483A-80B8-A6E7E6C77A44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2B5E2AAF-685E-472A-9673-CB6A2D1AA776} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {48AD6DEB-CC31-4125-9B31-5C74BA510533} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {4F57792A-66B9-4C50-A20B-5AB757B5F781} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5383082C-5C75-4270-AE5E-F9E105FA55BB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1082474812-2605128907-3220185666-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5CD98A73-20E1-4CB1-ABF1-0F5B2E09183D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-29] (Google Inc.)
Task: {62E6F2A1-5063-4CB3-B654-971EDE8E82AC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1082474812-2605128907-3220185666-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9CA44BBC-F8A1-40FE-83F6-FC45D3A339E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-29] (Google Inc.)
Task: {A8389393-E55B-4D37-80D9-6EE6A23905FB} - System32\Tasks\{C6D297CF-0092-452D-8353-B9F3550C96DF} => C:\Program Files\2K Games\Sid Meier's Railroad Tycoon\2k_intro.exe
Task: {B0EA1DAC-32CB-4177-985F-6075818734EE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {D0311E29-B4AA-4A15-9442-0FAC49BA3E3F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1082474812-2605128907-3220185666-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E4F9458A-6772-4C01-B0B2-37A1A17BFCA7} - System32\Tasks\{47EAD875-EF5F-4A89-B1EF-457F245C1830} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============
         
GMER:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-14 15:08:05
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-6 FUJITSU_MHZ2400BT_G1 rev.0041000C 372,61GB
Running: Gmer-19357.exe; Driver: C:\Users\Molli\AppData\Local\Temp\pxldrpow.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                            8305AA15 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              83094212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.vmp2           C:\Windows\system32\drivers\acedrv11.sys                                                                            entry point in ".vmp2" section [0xA04A969D]

---- User code sections - GMER 2.1 ----

.text           C:\Windows\Explorer.EXE[3396] kernel32.dll!CreateProcessW                                                           7671204D 5 Bytes  JMP 05078840 
.text           C:\Windows\Explorer.EXE[3396] kernel32.dll!CreateProcessA                                                           76712082 5 Bytes  JMP 050788E9 
.text           C:\Windows\Explorer.EXE[3396] ADVAPI32.dll!CreateProcessAsUserW                                                     7667C592 5 Bytes  JMP 0507898E 
.text           C:\Windows\Explorer.EXE[3396] ADVAPI32.dll!CreateProcessAsUserA                                                     766B2538 5 Bytes  JMP 05078A3A 
.text           C:\Windows\Explorer.EXE[3396] CRYPT32.dll!PFXImportCertStore                                                        75E218B8 5 Bytes  JMP 05077410 
.text           C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] kernel32.dll!CreateProcessW                               7671204D 5 Bytes  JMP 03F48840 
.text           C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] kernel32.dll!CreateProcessA                               76712082 5 Bytes  JMP 03F488E9 
.text           C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] ADVAPI32.dll!CreateProcessAsUserW                         7667C592 5 Bytes  JMP 03F4898E 
.text           C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] ADVAPI32.dll!CreateProcessAsUserA                         766B2538 5 Bytes  JMP 03F48A3A 
.text           C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] CRYPT32.dll!PFXImportCertStore                            75E218B8 5 Bytes  JMP 03F47410 
.text           C:\Windows\system32\taskeng.exe[3472] kernel32.dll!CreateProcessW                                                   7671204D 5 Bytes  JMP 01C88840 
.text           C:\Windows\system32\taskeng.exe[3472] kernel32.dll!CreateProcessA                                                   76712082 5 Bytes  JMP 01C888E9 
.text           C:\Windows\system32\taskeng.exe[3472] ADVAPI32.dll!CreateProcessAsUserW                                             7667C592 5 Bytes  JMP 01C8898E 
.text           C:\Windows\system32\taskeng.exe[3472] ADVAPI32.dll!CreateProcessAsUserA                                             766B2538 5 Bytes  JMP 01C88A3A 
.text           C:\Windows\system32\taskeng.exe[3472] Crypt32.dll!PFXImportCertStore                                                75E218B8 5 Bytes  JMP 01C87410 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] kernel32.dll!CreateProcessW                                     7671204D 5 Bytes  JMP 024E8840 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] kernel32.dll!CreateProcessA                                     76712082 5 Bytes  JMP 024E88E9 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] ADVAPI32.dll!CreateProcessAsUserW                               7667C592 5 Bytes  JMP 024E898E 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] ADVAPI32.dll!CreateProcessAsUserA                               766B2538 5 Bytes  JMP 024E8A3A 
.text           C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] Crypt32.dll!PFXImportCertStore                                  75E218B8 5 Bytes  JMP 024E7410 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] kernel32.dll!CreateProcessW                                  7671204D 5 Bytes  JMP 01B68840 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] kernel32.dll!CreateProcessA                                  76712082 5 Bytes  JMP 01B688E9 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] ADVAPI32.dll!CreateProcessAsUserW                            7667C592 5 Bytes  JMP 01B6898E 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] ADVAPI32.dll!CreateProcessAsUserA                            766B2538 5 Bytes  JMP 01B68A3A 
.text           C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] CRYPT32.dll!PFXImportCertStore                               75E218B8 5 Bytes  JMP 01B67410 
.text           C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] kernel32.dll!CreateProcessW                                  7671204D 5 Bytes  JMP 01448840 
.text           C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] kernel32.dll!CreateProcessA                                  76712082 5 Bytes  JMP 014488E9 
.text           C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] ADVAPI32.dll!CreateProcessAsUserW                            7667C592 5 Bytes  JMP 0144898E 
.text           C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] ADVAPI32.dll!CreateProcessAsUserA                            766B2538 5 Bytes  JMP 01448A3A 
.text           C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] Crypt32.dll!PFXImportCertStore                               75E218B8 5 Bytes  JMP 01447410 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] kernel32.dll!CreateProcessW                        7671204D 5 Bytes  JMP 01B38840 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] kernel32.dll!CreateProcessA                        76712082 5 Bytes  JMP 01B388E9 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] ADVAPI32.dll!CreateProcessAsUserW                  7667C592 5 Bytes  JMP 01B3898E 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] ADVAPI32.dll!CreateProcessAsUserA                  766B2538 5 Bytes  JMP 01B38A3A 
.text           C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] Crypt32.dll!PFXImportCertStore                     75E218B8 5 Bytes  JMP 01B37410 
.text           C:\Program Files\iTunes\iTunesHelper.exe[3980] kernel32.dll!CreateProcessW                                          7671204D 5 Bytes  JMP 01B58840 
.text           C:\Program Files\iTunes\iTunesHelper.exe[3980] kernel32.dll!CreateProcessA                                          76712082 5 Bytes  JMP 01B588E9 
.text           C:\Program Files\iTunes\iTunesHelper.exe[3980] ADVAPI32.dll!CreateProcessAsUserW                                    7667C592 5 Bytes  JMP 01B5898E 
.text           C:\Program Files\iTunes\iTunesHelper.exe[3980] ADVAPI32.dll!CreateProcessAsUserA                                    766B2538 5 Bytes  JMP 01B58A3A 
.text           C:\Program Files\iTunes\iTunesHelper.exe[3980] CRYPT32.dll!PFXImportCertStore                                       75E218B8 5 Bytes  JMP 01B57410 
.text           C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] kernel32.dll!CreateProcessW                     7671204D 5 Bytes  JMP 00728840 
.text           C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] kernel32.dll!CreateProcessA                     76712082 5 Bytes  JMP 007288E9 
.text           C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] CRYPT32.dll!PFXImportCertStore                  75E218B8 5 Bytes  JMP 00727410 
.text           C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] ADVAPI32.dll!CreateProcessAsUserW               7667C592 5 Bytes  JMP 0072898E 
.text           C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] ADVAPI32.dll!CreateProcessAsUserA               766B2538 5 Bytes  JMP 00728A3A 
.text           C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] kernel32.dll!CreateProcessW                                    7671204D 5 Bytes  JMP 01D68840 
.text           C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] kernel32.dll!CreateProcessA                                    76712082 5 Bytes  JMP 01D688E9 
.text           C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] ADVAPI32.dll!CreateProcessAsUserW                              7667C592 5 Bytes  JMP 01D6898E 
.text           C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] ADVAPI32.dll!CreateProcessAsUserA                              766B2538 5 Bytes  JMP 01D68A3A 
.text           C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] Crypt32.dll!PFXImportCertStore                                 75E218B8 5 Bytes  JMP 01D67410 
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] kernel32.dll!CreateProcessW                        7671204D 5 Bytes  JMP 01368840 
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] kernel32.dll!CreateProcessA                        76712082 5 Bytes  JMP 013688E9 
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] ADVAPI32.dll!CreateProcessAsUserW                  7667C592 5 Bytes  JMP 0136898E 
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] ADVAPI32.dll!CreateProcessAsUserA                  766B2538 5 Bytes  JMP 01368A3A 
.text           C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] CRYPT32.dll!PFXImportCertStore                     75E218B8 5 Bytes  JMP 01367410 
.text           C:\Users\Molli\Desktop\Gmer-19357.exe[11196] kernel32.dll!CreateProcessW                                            7671204D 5 Bytes  JMP 00328840 
.text           C:\Users\Molli\Desktop\Gmer-19357.exe[11196] kernel32.dll!CreateProcessA                                            76712082 5 Bytes  JMP 003288E9 
.text           C:\Users\Molli\Desktop\Gmer-19357.exe[11196] ADVAPI32.dll!CreateProcessAsUserW                                      7667C592 5 Bytes  JMP 0032898E 
.text           C:\Users\Molli\Desktop\Gmer-19357.exe[11196] ADVAPI32.dll!CreateProcessAsUserA                                      766B2538 5 Bytes  JMP 00328A3A 
.text           C:\Users\Molli\Desktop\Gmer-19357.exe[11196] Crypt32.dll!PFXImportCertStore                                         75E218B8 5 Bytes  JMP 00327410 

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                             Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                             Wdf01000.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00214f4ac9d9                                         
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0xD5 0xAF 0x93 0xC7 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0x40 0x61 0x4B 0xD5 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0x30 0xB4 0x70 0x1D ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00214f4ac9d9 (not active ControlSet)                     
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0xD5 0xAF 0x93 0xC7 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0x40 0x61 0x4B 0xD5 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0x30 0xB4 0x70 0x1D ...

---- EOF - GMER 2.1 ----
         

Alt 14.05.2014, 19:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



hi,

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 15.05.2014, 11:45   #3
Stitchy
 
Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



Hier schonmal die Fixlog.txt:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-05-2014
Ran by Molli at 2014-05-14 20:12:05 Run:1
Running from C:\Users\Molli\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
         
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====
         

Ok, ich habe das mit dem Revounistaller auch gemacht. Allerdings funktioniert der Scan mit Combofix nicht, da Gdata immer wieder blockiert, obwohl ich es eigentlich ausgeschaltet habe.

Soll heißen es läuft im Hintergrund weiter. Was soll oder kann ich dagegen tun?
__________________

Alt 16.05.2014, 11:27   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



GDATA deinstallieren
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.05.2014, 13:33   #5
Stitchy
 
Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



:-D

Nene, das lass ich mal. Ich glaube, ich bin den Kram jetzt so gut es geht losgeworden. Habe auch noch mal ne Virenprüfung durch Gdata machen lassen und Malwarebytes drüberlaufen lassen. Es funktioniert jetzt alles wieder. Ich danke dir auf jeden Fall vielmals.


Alt 17.05.2014, 14:18   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Standard

Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.



wenn du meinst, bleibt der Rest an Malware halt drauf.
__________________
--> Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.

Antwort

Themen zu Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.
adobe, antivirus, bonjour, browser, converter, defender, device driver, e-mail, e-mail anhang, excel, firefox, flash player, gdata, homepage, lightning, mozilla, onedrive, outlook 2013, problem, programm, registry, required, scan, security, services.exe, software, svchost.exe, symantec, system, temp, windows



Ähnliche Themen: Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich.


  1. Blu Ray abspielen Problematisch
    Netzwerk und Hardware - 27.09.2015 (8)
  2. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (15)
  3. Windows 7: Ständig neue Werbeanzeigen sowie neue Fenster öffnen sich in Chrome.
    Plagegeister aller Art und deren Bekämpfung - 13.01.2015 (10)
  4. Windows Vista erneutes Werbung öffnen macht Surfen wieder unmöglich
    Plagegeister aller Art und deren Bekämpfung - 09.01.2015 (15)
  5. Werbung und nervige Tabs die sich bei klick auf eine Seite öffnen sowie Blaue schricht im Brwoser mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2015 (6)
  6. DVD über Notebook abspielen
    Netzwerk und Hardware - 08.11.2014 (2)
  7. Dauerhaftes Werbung öffnen macht Surfen fast unmöglich
    Plagegeister aller Art und deren Bekämpfung - 15.07.2014 (17)
  8. Alle Browser crashen + Probleme bei Installation von Anti-Virenprogrammen
    Log-Analyse und Auswertung - 17.08.2013 (21)
  9. TR/Trash.Gen sowie EXP/CVE-2011-3544 sowie TR/Crypt.ULPM.Gen
    Log-Analyse und Auswertung - 08.10.2012 (7)
  10. Bild friert bei Internetvideos/Filmen und Spielen ein.
    Log-Analyse und Auswertung - 04.07.2011 (11)
  11. Trojaner verhindert Update von Virenprogrammen
    Plagegeister aller Art und deren Bekämpfung - 07.06.2009 (1)
  12. Help! Kann DVD nicht abspielen :-(
    Alles rund um Windows - 16.02.2009 (3)
  13. Abspielen von Musik
    Alles rund um Windows - 03.09.2006 (6)
  14. Kann DVD nicht abspielen!
    Alles rund um Windows - 12.06.2006 (3)
  15. DVD mit winamp abspielen?!
    Alles rund um Windows - 24.11.2004 (4)
  16. Probleme mit dem abspielen von cds
    Alles rund um Windows - 22.10.2004 (1)
  17. Problem beim Abspielen der DVD
    Netzwerk und Hardware - 18.03.2003 (7)

Zum Thema Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. - Hi, das im Titel beschriebene Problem taucht seit gestern auf. Zudem kommt folgende Meldung, wenn ich versuche GDATA oder Malwarebytes zu öffnen: "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." Ich - Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich....
Archiv
Du betrachtest: Abspielen von Internetvideos, sowie Öffnen von Virenprogrammen unmöglich. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.