Pests of all kinds and how to fight them: Playing Internet videos and opening antivirus programs impossible. Windows 7. If you are not sure whether you have caught malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection.
14.05.2014, 14:25 | #1 |
Playing Internet videos and opening antivirus programs impossible.

Hi, the problem described in the title has been occurring since yesterday. In addition, the following message appears when I try to open GDATA or Malwarebytes: "Dieses Programm wurde durch eine Gruppenrichtlinie blockiert." I think it is due to an e-mail attachment that I stupidly opened. The attachment was a .zip file. The e-mail still exists. I hope you can help me out here. Here are the logs:

defogger_disable.log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:21 on 14/05/2014 (Molli)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014 Ran by Molli (administrator) on IKKE on 14-05-2014 14:41:40 Running from C:\Users\Molli\Desktop Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files\G Data\TotalCare\AVK\AVKService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Synaptics, Inc.) 
C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe () C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe (G Data Software AG) C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\DivX\DivX Update\DivXUpdate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\TotalCare\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2221352 2011-03-31] (Synaptics Incorporated) HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC) HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM\...\Run: [G Data AntiVirus Tray] => C:\Program Files\G Data\TotalCare\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG) HKLM\...\Run: [NvCplDaemon] 
=> C:\Windows\system32\NvCpl.dll [13797920 2009-07-18] (NVIDIA Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Run: [mvakco] => regsvr32.exe "C:\ProgramData\mvakco.dat" HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3412f1c3-9f88-11e3-945e-00214f4ac9d9} - F:\_AUTORUN\AUTORUN.EXE 
HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3412f1d1-9f88-11e3-945e-00214f4ac9d9} - G:\_AUTORUN\AUTORUN.EXE HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {3d1e61ad-27a0-11df-8886-001dba23d75d} - E:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {4755452f-d7b0-11de-a144-00214f4ac9d9} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c6eabc4f-d85d-11de-a60b-001dba23d75d} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c923fa56-d212-11de-b129-00214f4ac9d9} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1082474812-2605128907-3220185666-1000\...\MountPoints2: {c923faed-d212-11de-b129-00214f4ac9d9} - F:\setup_vmc_lite.exe /checkApplicationPresence Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Molli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
GroupPolicyUsers\S-1-5-21-1082474812-2605128907-3220185666-1004\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD89F05CF6E5ACA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {01_TL-YODL-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_yodl&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {03_TL-GOOGLE-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {03_TL-TELEFONBUCH-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_telefonbuch&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {04_TL-AMAZON-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_amazon&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {05_TL-EBAY-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_ebay&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {07_TL-CONRAD-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_conrad&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {08_TL-OTTO-DE-E1416B8B2E3A} URL = 
hxxp://www.yodl.de/href.php?hrefname=FF-splug_otto&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {09_TL-CLIPFISH-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_clipfish&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {10_TL-MYVIDEO-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_myvideo&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {11_TL-MUSICLOAD-DE-E1416B8B2E3A} URL = hxxp://www.yodl.de/href.php?hrefname=FF-splug_musicload&q={searchTerms}&affid=1&uid=659ED35E-524C-48CA-9164-326AEED4BAC3 SearchScopes: HKCU - {203DCB67-2D93-48A7-91A6-5191CE0E9B21} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=cb92cdcb-750d-4042-a5bb-7dba688fa52e&apn_sauid=8A0545F7-59BC-46C6-8373-94CF11C1EA96 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {49D8B1FD-55AE-445A-8EDF-925D0C8307FA} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2549263&CUI=UN28464778871778294 BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No File DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-02-18] FF Extension: Adblock Plus - C:\Users\Molli\AppData\Roaming\Mozilla\Firefox\Profiles\4zv0il04.default-1391269307954\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-02] FF Extension: G Data BankGuard - C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2014-05-09] FF Extension: G Data WebFilter - C:\Program Files\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2014-05-09] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-09] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-09] FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-28] Chrome: ======= CHR HomePage: hxxp://www.holasearch.com/?babsrc=HP_ss&mntrId=B0A300214F4AC9D9&affID=121963&tsp=4975 CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-03-19] CHR Extension: (DivX HiQ) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-30] CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2013-03-19] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-30] CHR Extension: (No Name) - C:\Users\Molli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2013-03-19] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Molli\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2013-03-19] ========================== Services (Whitelisted) ================= R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG) R2 AVKService; C:\Program Files\G Data\TotalCare\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG) R2 AVKWCtl; C:\Program Files\G Data\TotalCare\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG) R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] () S3 GDBackupSvc; C:\Program Files\G Data\TotalCare\AVKBackup\AVKBackupService.exe [1947768 2013-08-21] (G Data Software AG) R3 GDFwSvc; C:\Program Files\G Data\TotalCare\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG) R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG) S3 GDTunerSvc; C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [1711568 2013-02-25] (G Data Software AG) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.) 
S2 nvservice; C:\Windows\system32\nvservice.exe [160544 2013-02-04] (NVIDIA Corporation) R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1020976 2013-09-25] (Sony Corporation) ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2014-01-31] (G Data Software AG) R3 gddcd; C:\Windows\system32\drivers\gddcd32.sys [70488 2014-01-31] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv32.sys [53208 2014-01-31] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2014-01-31] (G Data Software AG) S3 GdNetMon; C:\Windows\system32\drivers\GdNetMon32.sys [29400 2012-06-07] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2014-01-31] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2014-01-31] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2014-02-01] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2014-01-31] (G Data Software AG) S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102912 2009-06-29] (Huawei Technologies Co., Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-14] (Malwarebytes Corporation) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-07-03] (Duplex Secure Ltd.) 
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-01-05] (AnchorFree Inc) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-14 14:34 - 2014-05-14 14:41 - 00042854 _____ () C:\Users\Molli\Desktop\Addition.txt 2014-05-14 14:30 - 2014-05-14 14:41 - 00021188 _____ () C:\Users\Molli\Desktop\FRST.txt 2014-05-14 14:30 - 2014-05-14 14:41 - 00000000 ____D () C:\FRST 2014-05-14 14:30 - 2014-05-14 14:30 - 01056256 _____ (Farbar) C:\Users\Molli\Desktop\FRST.exe 2014-05-14 14:21 - 2014-05-14 14:22 - 00000632 _____ () C:\Users\Molli\Desktop\defogger_disable.log 2014-05-14 14:21 - 2014-05-14 14:22 - 00000020 _____ () C:\Users\Molli\defogger_reenable 2014-05-14 14:20 - 2014-05-14 14:20 - 00050477 _____ () C:\Users\Molli\Desktop\Defogger.exe 2014-05-13 13:25 - 2014-05-13 20:19 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-05-13 12:20 - 2014-05-13 12:20 - 00247408 _____ (Microsoft Corporation) C:\ProgramData\mvakco.dat 2014-05-10 03:01 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-10 03:01 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-09 21:26 - 2014-05-09 21:26 - 00126112 _____ (Spotify Ltd) C:\Users\Molli\Downloads\SpotifySetup.exe 2014-05-09 20:57 - 2014-05-09 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-06 20:49 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-06 20:49 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-06 20:49 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-06 20:49 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-06 
20:48 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-06 20:48 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-06 20:48 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-06 20:48 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-06 20:48 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-06 20:48 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-06 20:48 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-06 20:48 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-06 20:48 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-06 20:48 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-06 20:48 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-06 20:48 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-06 20:48 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-06 20:48 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-06 20:48 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-06 20:48 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-06 20:48 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-06 20:48 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) 
C:\Windows\system32\ieframe.dll 2014-05-06 20:48 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-06 20:48 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-04 17:04 - 2014-05-04 17:04 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\DropboxMaster 2014-05-02 07:24 - 2014-05-10 04:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak 2014-04-15 16:41 - 2014-04-15 16:41 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk ==================== One Month Modified Files and Folders ======= 2014-05-14 14:41 - 2014-05-14 14:34 - 00042854 _____ () C:\Users\Molli\Desktop\Addition.txt 2014-05-14 14:41 - 2014-05-14 14:30 - 00021188 _____ () C:\Users\Molli\Desktop\FRST.txt 2014-05-14 14:41 - 2014-05-14 14:30 - 00000000 ____D () C:\FRST 2014-05-14 14:41 - 2013-08-22 17:49 - 00000842 _____ () C:\Users\Molli\Desktop\Neues Textdokument.txt 2014-05-14 14:36 - 2009-11-01 01:27 - 00000000 ____D () C:\Program Files\Counter-Strike Source 2014-05-14 14:32 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-14 14:32 - 2009-07-14 06:34 - 00014960 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-14 14:30 - 2014-05-14 14:30 - 01056256 _____ (Farbar) C:\Users\Molli\Desktop\FRST.exe 2014-05-14 14:29 - 2009-10-31 18:06 - 01212392 _____ () C:\Windows\WindowsUpdate.log 2014-05-14 14:27 - 2011-03-31 17:33 - 00000000 ___RD () C:\Users\Molli\Dropbox 2014-05-14 14:27 - 2011-03-31 17:22 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\Dropbox 2014-05-14 14:25 - 2013-09-13 19:18 - 00000328 _____ () C:\Windows\Tasks\dsmonitor.job 2014-05-14 14:25 - 2010-07-29 03:42 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-14 14:24 - 2009-07-14 06:53 - 00000006 ____H () 
C:\Windows\Tasks\SA.DAT 2014-05-14 14:24 - 2009-07-14 06:39 - 00165826 _____ () C:\Windows\setupact.log 2014-05-14 14:23 - 2012-10-23 14:22 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-14 14:22 - 2014-05-14 14:21 - 00000632 _____ () C:\Users\Molli\Desktop\defogger_disable.log 2014-05-14 14:22 - 2014-05-14 14:21 - 00000020 _____ () C:\Users\Molli\defogger_reenable 2014-05-14 14:21 - 2009-10-31 20:58 - 00000000 ____D () C:\Users\Molli 2014-05-14 14:20 - 2014-05-14 14:20 - 00050477 _____ () C:\Users\Molli\Desktop\Defogger.exe 2014-05-14 14:20 - 2014-02-27 15:30 - 00000000 ____D () C:\Program Files\RollerCoaster Tycoon 3 2014-05-14 14:02 - 2010-05-25 22:19 - 00000000 ____D () C:\Windows\Minidump 2014-05-14 13:45 - 2010-07-29 03:42 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-14 11:01 - 2014-02-01 17:21 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-05-13 20:19 - 2014-05-13 13:25 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2014-05-13 12:20 - 2014-05-13 12:20 - 00247408 _____ (Microsoft Corporation) C:\ProgramData\mvakco.dat 2014-05-10 20:19 - 2009-10-31 23:22 - 00304192 _____ () C:\Windows\PFRO.log 2014-05-10 04:01 - 2014-05-02 07:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak 2014-05-09 21:26 - 2014-05-09 21:26 - 00126112 _____ (Spotify Ltd) C:\Users\Molli\Downloads\SpotifySetup.exe 2014-05-09 20:57 - 2014-05-09 20:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-05-09 09:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-05-09 08:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-05-04 17:04 - 2014-05-04 17:04 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\DropboxMaster 2014-05-04 17:04 - 2011-03-31 17:33 - 00001013 _____ () C:\Users\Molli\Desktop\Dropbox.lnk 2014-05-04 17:04 - 2011-03-31 17:23 - 00000000 ____D () C:\Users\Molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-04-29 20:23 
- 2012-04-17 16:04 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-04-29 20:23 - 2011-05-17 10:18 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-04-29 14:48 - 2014-05-10 03:01 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 14:34 - 2014-05-10 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-20 22:36 - 2008-10-16 14:54 - 00000000 ____D () C:\Update 2014-04-15 16:41 - 2014-04-15 16:41 - 00001145 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2014-04-15 16:41 - 2012-07-19 18:15 - 00000000 ____D () C:\ProgramData\Sony Corporation Files to move or delete: ==================== C:\ProgramData\mvakco.dat C:\ProgramData\z7_0ytr.pad Some content of TEMP: ==================== C:\Users\Molli\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwcqql5.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\system32\winlogon.exe => MD5 is legit C:\Windows\system32\wininit.exe => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\services.exe => MD5 is legit C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014 Ran by Molli at 2014-05-14 14:42:16 Running from C:\Users\Molli\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: G Data TotalProtection 2014 (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G Data TotalProtection 2014 (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated) Adobe AIR (Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.) Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) 
CanoScan 8600F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4804) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 2.32 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version: - Microsoft)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
G Data TotalProtection 2014 (HKLM\...\{63DEADD1-C032-4F1F-AF76-26B166D6AC30}) (Version: 24.0.3.4 - G Data Software AG)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Works 7.0 (HKLM\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA Guard Service 1.3 (Version: 1.3 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Presto! PageManager 7.15.13 (HKLM\...\{307B9D04-A1F4-48EA-809C-DF7FA9C4BB6D}) (Version: - )
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.08060 - Sony Corporation)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
SWAT 4 (Version: 1.0.31763 - Ihr Firmenname) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.20.0 - Synaptics Incorporated) TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation) Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft) Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition 
(HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) 
(Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition 
(HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) 
(Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version: - Microsoft) Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition 
(HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft) Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version: - Microsoft) Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition 
(HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft) Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version: - Microsoft) VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.3.1.10120 - Sony Corporation) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) VU5x86 (Version: 1.1.0 - Sony Corporation ) Hidden Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Yahoo! 
Detect (HKLM\...\YTdetect) (Version: - )

==================== Restore Points =========================

20-04-2014 20:42:51 Windows Update
23-04-2014 20:54:06 Windows Update
29-04-2014 12:50:46 Windows Update
02-05-2014 17:50:54 Windows Update
04-05-2014 01:00:11 Windows Update
06-05-2014 18:47:26 Windows Update
10-05-2014 01:00:22 Windows Update
13-05-2014 10:02:41 Windows Update
14-05-2014 12:21:35 Installiert Railroad Tycoon 3
14-05-2014 12:37:06 Installiert Railroad Tycoon 3

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0240B074-8DED-49B1-B6CA-065E7FE715CD} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-09-27] (Sony Corporation)
Task: {0897015A-6811-4F80-BD9C-2C0F48A9CF1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {15943AB4-FB47-47A7-A01A-12108C5C00AC} - System32\Tasks\dsmonitor => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: {161C73A6-DFE4-4C4B-A742-C729294392CA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1082474812-2605128907-3220185666-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {286C4069-99D2-483A-80B8-A6E7E6C77A44} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2B5E2AAF-685E-472A-9673-CB6A2D1AA776} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {48AD6DEB-CC31-4125-9B31-5C74BA510533} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {4F57792A-66B9-4C50-A20B-5AB757B5F781} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {5383082C-5C75-4270-AE5E-F9E105FA55BB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1082474812-2605128907-3220185666-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {5CD98A73-20E1-4CB1-ABF1-0F5B2E09183D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-29] (Google Inc.)
Task: {62E6F2A1-5063-4CB3-B654-971EDE8E82AC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1082474812-2605128907-3220185666-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9CA44BBC-F8A1-40FE-83F6-FC45D3A339E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-29] (Google Inc.)
Task: {A8389393-E55B-4D37-80D9-6EE6A23905FB} - System32\Tasks\{C6D297CF-0092-452D-8353-B9F3550C96DF} => C:\Program Files\2K Games\Sid Meier's Railroad Tycoon\2k_intro.exe
Task: {B0EA1DAC-32CB-4177-985F-6075818734EE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-09-19] (Sony Corporation)
Task: {D0311E29-B4AA-4A15-9442-0FAC49BA3E3F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1082474812-2605128907-3220185666-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E4F9458A-6772-4C01-B0B2-37A1A17BFCA7} - System32\Tasks\{47EAD875-EF5F-4A89-B1EF-457F245C1830} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-14 15:08:05
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-6 FUJITSU_MHZ2400BT_G1 rev.0041000C 372,61GB
Running: Gmer-19357.exe; Driver: C:\Users\Molli\AppData\Local\Temp\pxldrpow.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 8305AA15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83094212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.vmp2 C:\Windows\system32\drivers\acedrv11.sys entry point in ".vmp2" section [0xA04A969D]

---- User code sections - GMER 2.1 ----

.text C:\Windows\Explorer.EXE[3396] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 05078840
.text C:\Windows\Explorer.EXE[3396] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 050788E9
.text C:\Windows\Explorer.EXE[3396] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 0507898E
.text C:\Windows\Explorer.EXE[3396] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 05078A3A
.text C:\Windows\Explorer.EXE[3396] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 05077410
.text C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 03F48840
.text C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 03F488E9
.text C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 03F4898E
.text C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 03F48A3A
.text C:\Program Files\TeamViewer\Version7\TeamViewer.exe[3448] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 03F47410
.text C:\Windows\system32\taskeng.exe[3472] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01C88840
.text C:\Windows\system32\taskeng.exe[3472] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 01C888E9
.text C:\Windows\system32\taskeng.exe[3472] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 01C8898E
.text C:\Windows\system32\taskeng.exe[3472] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01C88A3A
.text C:\Windows\system32\taskeng.exe[3472] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01C87410
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 024E8840
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 024E88E9
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 024E898E
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 024E8A3A
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3752] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 024E7410
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01B68840
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 01B688E9
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 01B6898E
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01B68A3A
.text C:\Program Files\DivX\DivX Update\DivXUpdate.exe[3832] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01B67410
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01448840
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 014488E9
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 0144898E
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01448A3A
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[3884] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01447410
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01B38840
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 01B388E9
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 01B3898E
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01B38A3A
.text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3908] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01B37410
.text C:\Program Files\iTunes\iTunesHelper.exe[3980] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01B58840
.text C:\Program Files\iTunes\iTunesHelper.exe[3980] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 01B588E9
.text C:\Program Files\iTunes\iTunesHelper.exe[3980] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 01B5898E
.text C:\Program Files\iTunes\iTunesHelper.exe[3980] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01B58A3A
.text C:\Program Files\iTunes\iTunesHelper.exe[3980] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01B57410
.text C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 00728840
.text C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 007288E9
.text C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 00727410
.text C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 0072898E
.text C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe[4044] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 00728A3A
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01D68840
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 01D688E9
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 01D6898E
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01D68A3A
.text C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe[5020] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01D67410
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 01368840
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 013688E9
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 0136898E
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 01368A3A
.text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[5452] CRYPT32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 01367410
.text C:\Users\Molli\Desktop\Gmer-19357.exe[11196] kernel32.dll!CreateProcessW 7671204D 5 Bytes JMP 00328840
.text C:\Users\Molli\Desktop\Gmer-19357.exe[11196] kernel32.dll!CreateProcessA 76712082 5 Bytes JMP 003288E9
.text C:\Users\Molli\Desktop\Gmer-19357.exe[11196] ADVAPI32.dll!CreateProcessAsUserW 7667C592 5 Bytes JMP 0032898E
.text C:\Users\Molli\Desktop\Gmer-19357.exe[11196] ADVAPI32.dll!CreateProcessAsUserA 766B2538 5 Bytes JMP 00328A3A
.text C:\Users\Molli\Desktop\Gmer-19357.exe[11196] Crypt32.dll!PFXImportCertStore 75E218B8 5 Bytes JMP 00327410

---- Devices - GMER 2.1 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00214f4ac9d9 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD5 0xAF 0x93 0xC7 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x40 0x61 0x4B 0xD5 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x30 0xB4 0x70 0x1D ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00214f4ac9d9 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD5 0xAF 0x93 0xC7 ... 
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x40 0x61 0x4B 0xD5 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x30 0xB4 0x70 0x1D ... ---- EOF - GMER 2.1 ---- |
14.05.2014, 18:53 | #2 |
/// the machine /// TB-Ausbilder | hi,
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Scan with Combofix
__________________ |
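Added example, not part of the original posts and not FRST's own code: a check for "disallowed" path rules that point at security-product directories, like the seven entries in the fixlist above. It assumes those restrictions are Software Restriction Policy path rules stored under the `Safer\CodeIdentifiers` policy key; the sample export, its placeholder GUIDs and the vendor list are constructed for illustration.

```python
import re

# Software Restriction Policy (SRP) path rules live under this policy key.
# The sub-key after CodeIdentifiers is the security level (0 = Disallowed,
# 262144 = Unrestricted); each rule's target path is its ItemData value.
SAFER = r"SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers"
KEY_RE = re.compile(r"^\[(HKEY_[A-Z_]+)\\" + re.escape(SAFER)
                    + r"\\(\d+)\\Paths\\(\{[^}]+\})\]$", re.I)
VAL_RE = re.compile(r'^"ItemData"="(.*)"$')
# Assumption: vendor names taken from the paths in the thread's fixlist.
SECURITY_VENDORS = ("g data", "malwarebytes", "mcafee", "symantec")

# Constructed sample in `reg export` text format; the GUIDs are placeholders.
K = "[HKEY_LOCAL_MACHINE\\" + SAFER
SAMPLE_REG = "\n".join([
    "Windows Registry Editor Version 5.00", "",
    K + r"\0\Paths\{00000000-0000-0000-0000-000000000001}]",
    r'"ItemData"="C:\\Program Files\\G DATA"', '"SaferFlags"=dword:00000000', "",
    K + r"\0\Paths\{00000000-0000-0000-0000-000000000002}]",
    r'''"ItemData"="C:\\Program Files\\Malwarebytes' Anti-Malware"''', "",
    K + r"\262144\Paths\{00000000-0000-0000-0000-000000000003}]",
    r'"ItemData"="C:\\Program Files"', "",
    K + r"\0\Paths\{00000000-0000-0000-0000-000000000004}]",
    r'"ItemData"="C:\\Users\\Public\\Downloads"',
])


def parse_path_rules(reg_text):
    """Return (hive, level, guid, path) for each SRP path rule in the export."""
    rules, current = [], None
    for line in (l.strip() for l in reg_text.splitlines()):
        if line.startswith("["):  # new key: remember it only if it is a path rule
            m = KEY_RE.match(line)
            current = (m.group(1), int(m.group(2)), m.group(3)) if m else None
        elif current:
            v = VAL_RE.match(line)
            if v:  # .reg strings escape \ and " with a leading backslash
                rules.append(current + (re.sub(r"\\(.)", r"\1", v.group(1)),))
    return rules


def blocked_security_paths(reg_text):
    """Disallowed (level 0) rules whose path names a security product."""
    return [r for r in parse_path_rules(reg_text)
            if r[1] == 0 and any(v in r[3].lower() for v in SECURITY_VENDORS)]


if __name__ == "__main__":
    for hive, level, guid, path in blocked_security_paths(SAMPLE_REG):
        print(f"{hive} level {level} rule {guid} blocks {path}")
```

A file written by `reg export` is UTF-16, so decode it before passing the text in; ItemData values exported as `hex(2):` (REG_EXPAND_SZ) are skipped by this parser.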
15.05.2014, 10:45 | #3 |
| Here is the Fixlog.txt for now:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-05-2014
Ran by Molli at 2014-05-14 20:12:05 Run:1
Running from C:\Users\Molli\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.

==== End of Fixlog ====

OK, I also did the Revo Uninstaller step. However, the Combofix scan does not work, because G Data keeps blocking it even though I actually switched it off. That is, it keeps running in the background. What should or can I do about it? |
16.05.2014, 10:27 | #4 |
/// the machine /// TB-Ausbilder | Uninstall GDATA
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.05.2014, 12:33 | #5 |
| :-D Nah, I'll pass on that. I think I've now got rid of the stuff as far as possible. I also had G Data run another virus scan and ran Malwarebytes over it. Everything works again now. In any case, thank you very much. |
17.05.2014, 13:18 | #6 |
/// the machine /// TB-Ausbilder | If you say so, then the rest of the malware simply stays on there.
__________________ |