
Pests of all kinds and how to combat them: Have I caught a trojan?

Windows 7: If you are not sure whether you have caught malware or a trojan, start a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it turns out to be a trojan or virus problem, an expert will help you remove the infection.

24.01.2014, 09:44   #1
dakiha
 

Have I caught a trojan?



I used a few additional programs on my laptop to look for trojans, rootkits and other pests.


Adwcleaner produced the following result:

/ info: Rootkit removal help file
// copyright: (c) 2008-2014 Safer-Networking Ltd. All rights reserved.

:: RootAlyzer Results
File:"Unknown ADS","C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh:$DATA"
File:"Unknown ADS","C:\Users\dakiha\Documents\Scanned Documents\Begrüßungsscan.jpg:3or4kl4x13tuuug3Byamue2s4b:$DATA"
File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\Quarantine"
File:"No admin in ACL","C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{CC7EE4CF-ED02-44D4-A61F-3F6A46549496}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{CC1B58C4-F064-48E0-9EBE-5C926A09697F}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{C7D47111-12E9-40EF-A3FD-483D143ABCCF}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{C6B47E52-CEF0-4DE6-8672-1647A5F327D4}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{C58D3108-8DB4-4215-B9A2-5A799F7FFE34}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{BC476207-E286-4716-8CD6-BA390B8B21DC}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{B890C390-B302-43D3-A762-69B857BB6457}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{AFFF6E32-B238-4F89-B251-92524F3E2B11}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{AD484EB1-AF35-4D73-8116-82BA4D41EDB2}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{9F256E78-C1B9-4410-8C59-C20DEF7DEF1C}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{9D6EA07E-AD99-4CE2-94DE-ADD23358BCB1}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{9B1E4AF1-1AF3-47BF-9A1C-5DEF466AD7AE}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{95E2566A-8B39-4522-8132-03897A1E463C}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{95ADC026-C053-4D40-8F72-5EDFAB892EAD}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{897697F5-CA06-4C02-AE23-9BBE750048AE}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{806D06AA-4042-4AB5-A12B-0C823F3CA7F1}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{7FCF3854-8827-4C29-9A10-F5C483B350FE}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{7CCD2C87-CCC2-4DBF-9849-0EECD338F4CE}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{742F599C-EEBA-46DF-B0DC-9F23968DEF18}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{72F0146C-3427-4BD1-9A1B-C426667A7C24}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{6733C283-3FC0-4D2D-9F8A-12BF6AF70C13}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{5C7913F5-08DB-4393-932E-581939375956}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{50BE94FA-13F1-4756-90B3-F2B5E5B520A6}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{4EEEE2C4-945B-4AB1-B9A9-9013CFD5D37D}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{4C8F4015-7EF4-439F-B88F-F717416666EE}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{49037F55-F502-45C1-BE68-6E1CD32F54AC}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{46807AC3-998B-437B-8C74-E5C564B6799F}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{45502708-3D39-47AA-9215-7512AD66826D}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{40A944A9-D06A-45D6-93A7-61B082951052}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{39F714D7-4A9E-47C7-8066-0CA682093ED4}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{39A15998-D2F8-4A2A-8C12-AAE638C78A99}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{34D260C4-221A-46D5-AD70-037DA8A5EFC6}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{33C12629-6AC2-43A0-9891-A949FE5350FA}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{2E0A3B99-BC6A-4768-A4B5-925E62CB4533}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{2BD26FC8-8218-400C-B78A-7F076A4526FA}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{120BB232-922B-4B9B-9209-69C66CACC926}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{1069C4A9-670D-4C57-9CA5-71218FCDCD2E}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Classes\CLSID\{02DDA8BD-182F-4C35-A0F7-9CC378822AC3}\","InprocServer32"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","AACCodes"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","AACV4Codes"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","DolbyAC3_5.1"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","DolbyAC3Stereo"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","GoGoCodes"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","MP3Codes"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","MP3SCodes"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst01"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst02"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst03"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst04"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst05"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst06"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst07"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst08"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst09"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst10"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst11"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst12"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst13"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst14"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst15"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst16"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst17"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst18"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaInst19"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst01"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst02"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst03"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst04"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst05"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst06"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst07"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst08"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst09"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst10"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst11"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst12"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst13"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst14"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst15"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst16"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst17"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst18"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst19"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst20"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst21"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst22"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst23"
RegyKey:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\MAGIX\","VitaSoloInst24"


My question now: which of these can I delete?

Of course I have already tried to research this myself and came to the conclusion that the keys with "Wow6432Node" probably refer to applications that were transferred from the 32-bit system to the 64-bit system, or something like that.

The ones with Magix should also be harmless, but what about the others? Is there a rootkit risk?

Then I also ran a GMER quick scan.

Here are the logs:

GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-24 04:26:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB
Running: gmer.exe; Driver: C:\Users\dakiha\AppData\Local\Temp\fwdcipod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003209000 63 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 592 fffff80003209040 1 byte [10]

---- User code sections - GMER 2.1 ----

? C:\Windows\system32\mssprxy.dll [1840] entry point in ".rdata" section 0000000074b071e6
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1972] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076791465 2 bytes [79, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1972] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000767914bb 2 bytes [79, 76]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000076791465 2 bytes [79, 76]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3768] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000767914bb 2 bytes [79, 76]
.text ... * 2

---- User IAT/EAT - GMER 2.1 ----

IAT C:\Windows\system32\winlogon.exe[636] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\winlogon.exe[636] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\winlogon.exe[636] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\winlogon.exe[636] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[420] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[420] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[420] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[420] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [1020:4504] 000007feef1ed3c8
Thread C:\Windows\system32\svchost.exe [1020:2504] 000007feef1ed3c8
Thread C:\Windows\system32\svchost.exe [1020:5468] 000007feef1ed3c8
Thread C:\Windows\system32\svchost.exe [1020:2940] 000007feef1ed3c8
---- Processes - GMER 2.1 ----

Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140123.001\IDSxpx86.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [1840] 0000000065000000
Library C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHEngine.dll (*** suspicious ***) @ C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [1840] 0000000066640000
Library \\?\C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll (*** suspicious ***) @ C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1972] 0000000003f00000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3300] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3096] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3984] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3352] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3460] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3524] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3404] 0000000000180000
Process C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe (*** suspicious ***) @ C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [3616] 0000000000180000
Library \\?\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [2472] (Individualized Black Box DLL/Microsoft Corporation SIGNED)(2013-12-25 17:36:45) 000000000ac00000

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\d0df9acd1e24
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\d0df9acd1e24 (not active ControlSet)

---- EOF - GMER 2.1 ----

24.01.2014, 09:57   #2
schrauber
/// the machine
/// TB Trainer

A rootkit risk can't really exist with a scan for adware, can it?

Delete what AdwCleaner shows you and that's that. Problems with the computer, or just the New Year's panic?

24.01.2014, 19:33   #3
dakiha

Well, until recently I was actually quite sure that my computer was well protected. However, my password was unfortunately among the 16 million stolen e-mail passwords. Even though I had used upper and lower case; numbers and enough special characters were in it too. According to a test, it should actually have taken several sextillion years to crack my highly complicated password!

That is why I searched my computer for Trojans with the relevant software.

With the log files posted here I was not sure whether I can delete all of it, since one could possibly also knock out a few important registry entries by accident.

Spybot also says explicitly, in a warning in the margin, that not all displayed values are necessarily malware, since rootkit mechanisms are also used by normal software to hide entries from the user.

25.01.2014, 12:27   #4
schrauber
/// the machine
/// TB Trainer

Quote:
However, my password was unfortunately among the 16 million stolen e-mail passwords. Even though I had used upper and lower case; numbers and enough special characters were in it too. According to a test, it should actually have taken several sextillion years to crack my highly complicated password!

The BSI craze is likewise unnecessary scaremongering. How many computers I have checked for no reason over the last few days.....

E-mail accounts are hacked online 99% of the time.

But I'm happy to take a look:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

25.01.2014, 18:17   #5
dakiha

THANK YOU for your efforts!

Here is the Additional: FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-01-2014 01
Ran by dakiha at 2014-01-25 19:13:24
Running from C:\Users\dakiha\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security CBE (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Internet Security CBE (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security CBE (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden <==== ATTENTION
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Atheros Driver Installation Program (x32 Version: 9.2 - Atheros)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.610.0 - Microsoft Corporation)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (Version: 7.2.0.60 - Atheros Communications)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden <==== ATTENTION
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink YouCam (x32 Version: 3.2.1.3726 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.2.1.3726 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0 - MAGIX AG)
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKCU Version: 32.0.1700.76 - Google Inc.)
Google Earth (x32 Version: 6.1.0.5001 - Google)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden <==== ATTENTION
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP Games (x32 Version: 1.0.2.4 - WildTangent)
HP On Screen Display (x32 Version: 1.0.7 - Hewlett-Packard Company)
HP Power Manager (x32 Version: 1.2.1 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Software Framework (x32 Version: 4.0.108.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 5.1.11.1 - Hewlett-Packard Company)
HP Wireless Assistant (Version: 4.0.10.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation) <==== ATTENTION
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.3347 - Intel Corporation) <==== ATTENTION
Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation)
Java 7 Update 51 (64-bit) (Version: 7.0.510 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
LG PC Suite (x32 Version: 5.2.26.20130220 - LG Electronics)
LG United Mobile Drivers (x32 Version: 3.8.1 - LG Electronics)
MAGIX Content und Soundpools (x32 Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (Synthesizer und Effekte) (x32 Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 Premium (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Premium (x32 Version: 19.0.1.36 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Norton Internet Security CBE (x32 Version: 20.4.0.40 - Symantec Corporation)
PDF Complete Special Edition (x32 Version: 4.0.34 - PDF Complete, Inc)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6287 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden
SimpleScreenshot 1.30 (x32 Version:  - )
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spybot - Search & Destroy (x32 Version: 2.2.25 - Safer-Networking Ltd.)
Synaptics TouchPad Driver (Version: 15.3.29.0 - Synaptics Incorporated)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0 - Magix Development GmbH)
Trojan Remover 6.9.0 (x32 Version: 6.9.0 - Simply Super Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vita Bass Machine (Version: 1.0.0.0 - MAGIX AG) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.8.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Product Key Finder Pro® 2.3 (x32 Version:  - )
Xobni (x32 Version: 1.9.5.13209 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Yahoo! Install Manager (x32 Version:  - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

12-12-2013 02:59:19 Windows Update
15-12-2013 21:52:31 Windows Update
16-01-2014 07:28:35 Windows Update
21-01-2014 21:11:59 Avira EU-Cleaner - 21.01.2014 22:11
22-01-2014 09:39:12 Removed Java(TM) 6 Update 22
22-01-2014 09:40:23 Removed Java(TM) 6 Update 22 (64-bit)
22-01-2014 09:42:00 Installed Java 7 Update 51 (64-bit)
22-01-2014 10:13:23 Removed Skype™ 5.1
22-01-2014 10:15:10 A.F.5 Rename your files 1.1 wird entfernt
22-01-2014 10:15:46 Removed Firebird SQL Server - MAGIX Edition
23-01-2014 11:52:36 Avira EU-Cleaner - 23.01.2014 12:52

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02BA8AD0-9E93-4990-B965-0FD60406EF86} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {145BC493-4347-46F1-8EC4-9EB32740BD8F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {1B1D8308-B54A-451B-944D-6D1DF29848DB} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-25] ()
Task: {3A185D7C-D5B1-4DCA-94F4-6CFD3F11C496} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000Core => C:\Users\dakiha\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-23] (Google Inc.)
Task: {4BFFEF8B-A401-4D3B-A2AA-82049800C7D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-22] (Adobe Systems Incorporated)
Task: {571D9618-BE52-4727-ADD5-92500CC3F4C5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {74FDC116-59AF-4CED-9908-02C015E61097} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {7D9DDFAC-FF05-4FCD-B027-F59F1969F205} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000UA => C:\Users\dakiha\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-23] (Google Inc.)
Task: {8A5C265D-4AEB-47C2-8353-EAB69E411A7B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {8B4A3A62-0C2F-4DB2-B0DE-FE0395435FF5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-01] (Hewlett-Packard Company)
Task: {A200EF4E-7129-48D0-9E76-555661DFF5D7} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {AC7BD8BB-959A-42B3-8AA4-A19E0EF158E8} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-09] (CyberLink)
Task: {BB4ACCE6-3286-4002-9DCA-40852233C46A} - System32\Tasks\Google Updater and Installer => C:\Users\dakiha\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-23] (Google Inc.)
Task: {BD160F2F-266E-4BF3-B9A3-2A6C509B5B89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-12-01] (Hewlett-Packard Company)
Task: {BD5F5492-750C-40B5-AD55-F01BD23A2A10} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Anwendungen\Tune Up Utilities\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {C2F1A721-0FCB-498D-B03A-FAB0E5B0F4C4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000Core.job => C:\Users\dakiha\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000UA.job => C:\Users\dakiha\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 01:37 - 2010-12-17 01:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-24 01:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-01-24 01:45 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-01-24 01:45 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-01-24 01:45 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-01-24 01:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-01 16:47 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY CBE\ENGINE\20.4.0.40\wincfi39.dll
2014-01-17 22:44 - 2014-01-11 11:28 - 00715544 _____ () C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-17 22:44 - 2014-01-11 11:28 - 00100120 _____ () C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-17 22:44 - 2014-01-11 11:29 - 04055320 _____ () C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-17 22:44 - 2014-01-11 11:29 - 00399640 _____ () C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-17 22:44 - 2014-01-11 11:28 - 01634584 _____ () C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2011-09-07 02:15 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2014 07:04:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/25/2014 07:04:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/25/2014 07:04:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2014 09:50:12 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/25/2014 09:44:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/25/2014 09:44:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/25/2014 09:43:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/25/2014 00:05:21 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/24/2014 10:40:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/24/2014 10:40:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (01/25/2014 07:05:21 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/25/2014 07:05:21 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/25/2014 09:45:24 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/25/2014 09:45:24 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/24/2014 10:40:53 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/24/2014 10:40:53 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/24/2014 10:01:19 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/24/2014 08:06:33 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/24/2014 08:06:32 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422

Error: (01/24/2014 10:18:21 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070422


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3947.86 MB
Available physical RAM: 2077.07 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5867.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.59 GB) (Free:360.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.87 GB) (Free:1.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4F1C5FDC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
         
--- --- ---


So, and here now is the FRST log as well:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01
Ran by dakiha (administrator) on DAKIHA-HP on 25-01-2014 19:12:48
Running from C:\Users\dakiha\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Users\dakiha\Pictures\Malbytes\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes Corporation) C:\Users\dakiha\Pictures\Malbytes\Malwarebytes' Anti-Malware\mbamservice.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Malwarebytes Corporation) C:\Users\dakiha\Pictures\Malbytes\Malwarebytes' Anti-Malware\mbamgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccsvchst.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(TuneUp Software) C:\Anwendungen\Tune Up Utilities\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TuneUp Software) C:\Anwendungen\Tune Up Utilities\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2010-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [TrojanScanner] - C:\Users\dakiha\Downloads\Trojan Remover\Trjscan.exe [1702672 2014-01-25] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoStrCmpLogical] 0
HKCU\...\Run: [GoogleChromeAutoLaunch_D5B6993BE0DE7ED3745BFC1105F5E626] - C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
HKCU\...\Policies\Explorer: [NoTrayItemsDisplay] 0x00000000
HKCU\...\Policies\Explorer: [NoDrives] 0x00000000
MountPoints2: {d5103ebc-d6ac-11e1-8cee-d0df9acd1e24} - F:\LGAutoRun.exe
IFEO\hpsf.exe: [Debugger] "C:\Anwendungen\Tune Up Utilities\TUAutoReactivator64.exe"
IFEO\hptcs.exe: [Debugger] "C:\Anwendungen\Tune Up Utilities\TUAutoReactivator64.exe"
IFEO\hpwa_main.exe: [Debugger] "C:\Anwendungen\Tune Up Utilities\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Anwendungen\Adobe\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\dakiha\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Perion plugin) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.486_0\plugin/npVKPlugin.dll No File
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.486_0\plugin/npUrlAdvisor.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Popup Blocker Pro) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\allcegfcagkffchiajgmnmegdkbnblcj [2013-10-08]
CHR Extension: (Wetter (Erweiterung)) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2013-10-08]
CHR Extension: (WOT) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-10-08]
CHR Extension: (Gutscheine-Live.de Gutscheinfinder) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbknhlljidpngcpmgphjmehhbbofdpb [2013-10-08]
CHR Extension: (Klassische Spiele) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbofnbeakdognkanffmpldbjgkblljkh [2013-10-08]
CHR Extension: (Finanzen100) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifpobenbpfkbhiccbdifogbiachenpie [2013-10-08]
CHR Extension: (Google Theme) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2013-10-08]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2013-10-08]
CHR Extension: (Norton Identity Protection) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-09-23]
CHR Extension: (Google Wallet) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\dakiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-21]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\Exts\Chrome.crx [2013-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\dakiha\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros)
R2 MBAMScheduler; C:\Users\dakiha\Pictures\Malbytes\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Users\dakiha\Pictures\Malbytes\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Anwendungen\Tune Up Utilities\TuneUpUtilitiesService64.exe [2143072 2012-05-29] (TuneUp Software)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)

==================== Drivers (Whitelisted) ====================

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20140124.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140124.016\ENG64.SYS [126040 2013-09-19] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20140124.016\EX64.SYS [2099288 2013-09-19] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-09-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Anwendungen\Tune Up Utilities\TuneUpUtilitiesDriver64.sys [11856 2012-05-08] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 19:12 - 2014-01-25 19:12 - 00016491 _____ C:\Users\dakiha\Downloads\FRST.txt
2014-01-25 19:11 - 2014-01-25 19:11 - 00000000 ____D C:\Users\dakiha\Downloads\Farbar
2014-01-25 19:11 - 2014-01-25 19:11 - 00000000 ____D C:\FRST
2014-01-25 19:10 - 2014-01-25 19:11 - 02077696 _____ (Farbar) C:\Users\dakiha\Downloads\FRST64.exe
2014-01-25 00:01 - 2014-01-25 09:42 - 00000000 ____D C:\Users\dakiha\Downloads\Trojan Remover
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\Users\dakiha\Documents\Simply Super Software
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\Simply Super Software
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\ProgramData\Simply Super Software
2014-01-24 23:58 - 2014-01-24 23:59 - 28469872 _____ (Simply Super Software                                       ) C:\Users\dakiha\Downloads\trjsetup688-2625.exe
2014-01-24 23:57 - 2014-01-24 23:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\dakiha\Downloads\HiJackThis204.exe
2014-01-24 10:28 - 2014-01-24 02:34 - 00042459 _____ C:\Users\dakiha\Downloads\Rootkits.140124-0234.log
2014-01-24 04:26 - 2014-01-24 04:26 - 00010357 _____ C:\Users\dakiha\Downloads\gmer-quickscan.log
2014-01-24 03:58 - 2014-01-24 03:58 - 705825745 _____ C:\Windows\MEMORY.DMP
2014-01-24 03:58 - 2014-01-24 03:58 - 00279496 _____ C:\Windows\Minidump\012414-49483-01.dmp
2014-01-24 03:58 - 2014-01-24 03:58 - 00000000 ____D C:\Windows\Minidump
2014-01-24 03:20 - 2014-01-21 21:56 - 00380416 _____ C:\Users\dakiha\Downloads\gmer.exe
2014-01-24 03:19 - 2014-01-24 03:19 - 00370971 _____ C:\Users\dakiha\Downloads\gmer_2.1.19355 (1).zip
2014-01-24 01:45 - 2014-01-24 01:45 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-24 01:45 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-01-23 14:15 - 2014-01-23 14:15 - 00000000 ____D C:\ProgramData\Downloaded Installations
2014-01-23 14:14 - 2014-01-24 03:08 - 00000459 _____ C:\Windows\wininit.ini
2014-01-23 09:19 - 2014-01-24 01:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-23 09:19 - 2014-01-24 01:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-23 09:19 - 2014-01-23 09:19 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-23 09:18 - 2014-01-23 09:18 - 00000000 ____D C:\Users\dakiha\Downloads\bot
2014-01-22 11:08 - 2014-01-22 11:08 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2014-01-22 10:42 - 2014-01-22 10:42 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-22 10:42 - 2014-01-22 10:42 - 00000000 ____D C:\Program Files\Java
2014-01-22 10:36 - 2014-01-22 10:37 - 30796712 _____ (Oracle Corporation) C:\Users\dakiha\Downloads\jre-7u51-windows-x64.exe
2014-01-22 10:25 - 2014-01-22 10:25 - 00000000 ____D C:\ProgramData\McAfee
2014-01-22 09:40 - 2014-01-24 21:10 - 00000000 ____D C:\AdwCleaner
2014-01-22 09:39 - 2014-01-22 09:39 - 01236282 _____ C:\Users\dakiha\Downloads\adwcleaner.exe
2014-01-22 07:20 - 2014-01-22 07:20 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\Malwarebytes
2014-01-22 07:20 - 2014-01-22 07:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-22 07:20 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-22 07:16 - 2014-01-22 07:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\dakiha\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-22 07:16 - 2014-01-22 07:16 - 00000116 ___RH C:\Users\dakiha\Downloads\Stinger.opt
2014-01-22 06:53 - 2014-01-22 07:16 - 00000000 ____D C:\Program Files\stinger
2014-01-21 20:38 - 2014-01-21 20:38 - 02209056 _____ C:\Users\dakiha\Downloads\avira-eu-cleaner_de.exe
2014-01-21 14:23 - 2014-01-22 10:58 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\QuickScan
2014-01-16 03:46 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 03:46 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 03:46 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 03:46 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-01-25 19:12 - 2014-01-25 19:12 - 00016491 _____ C:\Users\dakiha\Downloads\FRST.txt
2014-01-25 19:11 - 2014-01-25 19:11 - 00000000 ____D C:\Users\dakiha\Downloads\Farbar
2014-01-25 19:11 - 2014-01-25 19:11 - 00000000 ____D C:\FRST
2014-01-25 19:11 - 2014-01-25 19:10 - 02077696 _____ (Farbar) C:\Users\dakiha\Downloads\FRST64.exe
2014-01-25 19:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 19:11 - 2009-07-14 05:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 19:10 - 2011-05-09 21:12 - 00699682 _____ C:\Windows\system32\perfh007.dat
2014-01-25 19:10 - 2011-05-09 21:12 - 00149790 _____ C:\Windows\system32\perfc007.dat
2014-01-25 19:10 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 19:08 - 2011-09-07 02:13 - 01147437 _____ C:\Windows\WindowsUpdate.log
2014-01-25 19:04 - 2011-05-09 11:38 - 00000000 ____D C:\ProgramData\PDFC
2014-01-25 19:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 19:03 - 2009-07-14 05:51 - 00091727 _____ C:\Windows\setupact.log
2014-01-25 10:41 - 2013-09-23 23:20 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000UA.job
2014-01-25 10:29 - 2013-11-25 13:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 09:42 - 2014-01-25 00:01 - 00000000 ____D C:\Users\dakiha\Downloads\Trojan Remover
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\Users\dakiha\Documents\Simply Super Software
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\Simply Super Software
2014-01-25 00:01 - 2014-01-25 00:01 - 00000000 ____D C:\ProgramData\Simply Super Software
2014-01-24 23:59 - 2014-01-24 23:58 - 28469872 _____ (Simply Super Software                                       ) C:\Users\dakiha\Downloads\trjsetup688-2625.exe
2014-01-24 23:57 - 2014-01-24 23:57 - 00388608 _____ (Trend Micro Inc.) C:\Users\dakiha\Downloads\HiJackThis204.exe
2014-01-24 21:10 - 2014-01-22 09:40 - 00000000 ____D C:\AdwCleaner
2014-01-24 10:46 - 2013-01-06 01:11 - 00000000 ____D C:\Users\dakiha\Documents\Schriftverkehr
2014-01-24 04:26 - 2014-01-24 04:26 - 00010357 _____ C:\Users\dakiha\Downloads\gmer-quickscan.log
2014-01-24 04:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-24 03:58 - 2014-01-24 03:58 - 705825745 _____ C:\Windows\MEMORY.DMP
2014-01-24 03:58 - 2014-01-24 03:58 - 00279496 _____ C:\Windows\Minidump\012414-49483-01.dmp
2014-01-24 03:58 - 2014-01-24 03:58 - 00000000 ____D C:\Windows\Minidump
2014-01-24 03:19 - 2014-01-24 03:19 - 00370971 _____ C:\Users\dakiha\Downloads\gmer_2.1.19355 (1).zip
2014-01-24 03:08 - 2014-01-23 14:14 - 00000459 _____ C:\Windows\wininit.ini
2014-01-24 02:41 - 2013-09-23 23:20 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3972868225-1230873189-1615908833-1000Core.job
2014-01-24 02:34 - 2014-01-24 10:28 - 00042459 _____ C:\Users\dakiha\Downloads\Rootkits.140124-0234.log
2014-01-24 01:45 - 2014-01-24 01:45 - 00001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-24 01:45 - 2014-01-23 09:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-24 01:45 - 2014-01-23 09:19 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-24 01:10 - 2010-11-21 04:47 - 00378042 _____ C:\Windows\PFRO.log
2014-01-23 14:20 - 2011-12-30 23:09 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-01-23 14:15 - 2014-01-23 14:15 - 00000000 ____D C:\ProgramData\Downloaded Installations
2014-01-23 09:19 - 2014-01-23 09:19 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2014-01-23 09:18 - 2014-01-23 09:18 - 00000000 ____D C:\Users\dakiha\Downloads\bot
2014-01-22 11:08 - 2014-01-22 11:08 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2014-01-22 10:58 - 2014-01-21 14:23 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\QuickScan
2014-01-22 10:42 - 2014-01-22 10:42 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-22 10:42 - 2014-01-22 10:42 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-22 10:42 - 2014-01-22 10:42 - 00000000 ____D C:\Program Files\Java
2014-01-22 10:37 - 2014-01-22 10:36 - 30796712 _____ (Oracle Corporation) C:\Users\dakiha\Downloads\jre-7u51-windows-x64.exe
2014-01-22 10:35 - 2013-11-25 13:48 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-22 10:35 - 2013-11-25 13:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-22 10:35 - 2013-11-25 13:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-22 10:35 - 2011-12-21 09:47 - 00000000 ____D C:\Users\dakiha\AppData\Local\Adobe
2014-01-22 10:25 - 2014-01-22 10:25 - 00000000 ____D C:\ProgramData\McAfee
2014-01-22 10:24 - 2012-04-12 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-22 10:24 - 2011-12-21 09:43 - 00000000 ____D C:\ProgramData\Adobe
2014-01-22 09:41 - 2012-08-11 20:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-22 09:39 - 2014-01-22 09:39 - 01236282 _____ C:\Users\dakiha\Downloads\adwcleaner.exe
2014-01-22 07:20 - 2014-01-22 07:20 - 00000000 ____D C:\Users\dakiha\AppData\Roaming\Malwarebytes
2014-01-22 07:20 - 2014-01-22 07:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-22 07:16 - 2014-01-22 07:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\dakiha\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-22 07:16 - 2014-01-22 07:16 - 00000116 ___RH C:\Users\dakiha\Downloads\Stinger.opt
2014-01-22 07:16 - 2014-01-22 06:53 - 00000000 ____D C:\Program Files\stinger
2014-01-21 22:12 - 2012-08-11 20:32 - 00000000 ____D C:\Users\dakiha\Downloads\Wlan
2014-01-21 21:56 - 2014-01-24 03:20 - 00380416 _____ C:\Users\dakiha\Downloads\gmer.exe
2014-01-21 20:38 - 2014-01-21 20:38 - 02209056 _____ C:\Users\dakiha\Downloads\avira-eu-cleaner_de.exe
2014-01-17 22:44 - 2011-12-18 11:20 - 00002366 _____ C:\Users\dakiha\Desktop\Google Chrome.lnk
2014-01-16 09:52 - 2009-07-14 05:45 - 02424528 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 08:32 - 2013-09-01 17:03 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 08:29 - 2012-04-25 04:12 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 04:02 - 2012-01-04 21:24 - 00000000 ____D C:\Users\dakiha\AppData\Local\CrashDumps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 23:52

==================== End Of Log ============================
         
--- --- ---


Alt 26.01.2014, 06:51   #6
schrauber
/// the machine
/// TB-Ausbilder
 

And the next one in the never-ending story of clean computers

Alt 26.01.2014, 09:09   #7
dakiha
 
Thank you very much for the check, now I can live and work more easily and with more peace of mind!!

Alt 27.01.2014, 06:51   #8
schrauber
/// the machine
/// TB-Ausbilder
 

You're welcome
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
