Log Analysis and Evaluation: Svchost Bitcoinminer (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Svchost Bitcoinminer

Hello,

When the PC starts, Kaspersky either shows the message 'The file svchost.exe was deleted because it is irreparable' or reports that 'Trojan.Win64.BitMin.ft' was found, and asks how it should be disinfected. I have already chosen both the option with and the option without a system restart, and with both variants the file really was removed until the next system start (it could no longer be found at C:\Windows\Temp\svchost.exe). With the disinfection with restart, no message from Kaspersky is shown at the first system restart and the file cannot be found either, but after another restart a message appears again.

The GMER log is too long... so it is attached as a rar! FRST no longer fits into this post but can be supplied later!

Suchlauf Datum: 24.04.2015
Suchlauf-Zeit: 13:47:36
Logdatei: 1.txt
Administrator: Ja

Malwarebytes:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Version: 2.01.6.1022
Malware Datenbank: v2015.04.24.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357246
Verstrichene Zeit: 17 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 3
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [5909353b9ded79bd7ce788b4fe07a45c],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [6200e68a662454e230503f9e19eaee12],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\sweet-page uninstall, In Quarantäne, [5b077000652582b49b4f6845b94ac040],

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 5
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX&q={searchTerms}),Ersetzt,[65fdbab63d4d70c6ad8366a13ec836ca]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX),Ersetzt,[1a48363a206a52e465cb3ec9f80e827e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX),Ersetzt,[afb38ae6424844f248e8b94e0afce41c]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX&q={searchTerms}),Ersetzt,[342e2c444b3f42f498989671c640926e]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[9ec46d032b5f4de97b5be81e32d4da26]

Ordner: 3
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code, In Quarantäne, [5b077000652582b49b4f6845b94ac040],

Dateien: 32
PUP.Optional.Somoto.SID.A, C:\Users\Admin\AppData\Local\Temp\nsvDDA.tmp, In Quarantäne, [68fa86ea34562b0bcee2152c18eef808],
Trojan.CoinMiner, C:\Users\Admin\AppData\Local\Temp\update.exe, In Quarantäne, [e2805818fd8dde585acdb85f2dd5c63a],
Trojan.Agent.MNR, C:\Windows\Temp\lsass.exe, In Quarantäne, [de84ed832565b482e7f648f012f1e41c],
PUP.Dialupass, C:\Users\Admin\Downloads\20170_nirsoft_package_1.19.28.zip, In Quarantäne, [ee7484ece6a4f0467d49712c30d057a9],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\294.json, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\MessageBox.xml, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\un.ini, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\uninstallDlg2.xml, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\bg.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\bg1.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\bk_shadow.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\button.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\button1.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\checkbox.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\checkbox_select.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\checked.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\close.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\loading_bg.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\loading_light.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\min.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\scrollbar.bmp, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\Thumbs.db, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\unchecked.png, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code1.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code2.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code3.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code4.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code5.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\code6.jpg, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Roaming\sweet-page\images\code\Thumbs.db, In Quarantäne, [5b077000652582b49b4f6845b94ac040],
PUP.Optional.SweetPage.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://www.sweet-page.com/?type=hp&ts=1426522025&from=cor&uid=TOSHIBAXDT01ACA100_6357HJWNSXX6357HJWNSX",), Ersetzt,[f66ce28efa90241227a13314d6308d73]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2015 Ran by Admin at 2015-04-26 14:49:43 Running from C:\Users\Admin\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-2897107241-917314487-1310154325-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-2897107241-917314487-1310154325-500 - Administrator - Disabled) Gast (S-1-5-21-2897107241-917314487-1310154325-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2897107241-917314487-1310154325-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\uTorrent) (Version: 3.4.2.38429 - BitTorrent Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.04.02 - ASUSTeK Computer Inc.) 
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames) concept/design onlineTV 11 (HKLM-x32\...\{8A4C3184-DA2F-4553-BF61-83F5690C3048}_is1) (Version: 11.3.16.0 - concept/design GmbH) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) CSGO (HKLM-x32\...\South Park The Stick of Truth_is1) (Version: 1.0.0.0 - ) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit) Dropbox (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.) DSL Soforthilfe (HKLM-x32\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. 
OHG) Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{4705DBFD-9D5E-4D23-817C-8CA7359B7BDE}) (Version: 11.1.20810.00 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation) FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.) FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin) Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Chrome Canary (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Google Chrome SxS) (Version: 44.0.2383.0 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects) iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.) 
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.14 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden Lemonade Tycoon Deluxe (HKLM-x32\...\Lemonade Tycoon Deluxe) (Version: - ) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 
11.1.20828.01 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Express 2012 für Windows Desktop - DEU 
(HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.3 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 28.0.1750.51 (HKLM-x32\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) 
PC Camera (0022.2009.1125.1004) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.22.09 - PixArt) PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1045.0 - Passmark Software) Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.4.15.0 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) RESCUE 2013 (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\RESCUE 2013) (Version: 1.10.00.00 - rondomedia GmbH) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Setup - Life Is Strange (c) Square Enix ... (HKLM-x32\...\Setup - Life Is Strange (c) Square Enix ...) (Version: ... - DONTNOD Entertainment) SHIELD Streaming (Version: 4.0.100 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.13.3 - NVIDIA Corporation) Hidden Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.5.0 - Palit Microsystems Ltd.) 
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) TransOcean - The Shipping Company (HKLM-x32\...\TransOcean - The Shipping Company_is1) (Version: 1.0 - Релиз от R.G. Steamgames) TuneGet 3.4.6 (HKLM-x32\...\{050A0D31-6B33-4137-ADE5-C0896E5FA98D}_is1) (Version: 3.4.6 - cyan soft ltd) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) XChat 2 (remove only) (HKLM-x32\...\xchat) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{1BEAC3E3-B852-44F4-B468-8906C062422E}\localserver32 -> C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2383.0\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2897107241-917314487-1310154325-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 20-04-2015 13:18:30 Windows Update 20-04-2015 13:37:25 Installed Java SE Development Kit 8 Update 45 (64-bit) 21-04-2015 12:07:13 Windows Update 24-04-2015 13:37:43 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {0C3AE204-53FF-4F95-93EC-601BE4A826B9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {0EB155AB-6154-4A5A-9281-F7AD2F43413A} - System32\Tasks\{81B20F25-A8D3-401B-A8AF-13833EFF0409} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&page=tsBing Task: {11021CBA-17D1-407F-89DB-7D664689B835} - System32\Tasks\Origin => C:\ProgramData\Origin\update.vbe [2015-02-04] () <==== ATTENTION Task: {12DF5342-9EF1-4E57-A804-14E16C3B9A25} - System32\Tasks\Uninstaller_SkipUac_Admin => C:\mystuff\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {14E65D74-C31C-4796-B2D4-B26FA9D97433} - System32\Tasks\{A6EFA8B0-0E6C-49C3-9DDB-81D542A2D1F5} => pcalua.exe -a C:\Windows\unvise32.exe -c C:\Games\Lemonade Tycoon\Deluxe\uninstal.log Task: {19818A66-9C6A-4E00-85A9-2C03A58F7AA5} - System32\Tasks\{701E15D1-5EFA-4ED6-9EE6-903E652B9E56} => D:\ConfigTool.exe Task: {1A1FAE80-3315-4F2A-9838-FE4122F4BE3E} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {251C110C-8386-4F6A-A2C9-48A217A2554B} - System32\Tasks\{5BED8C99-B888-433C-B558-29CF724897C0} => Chrome.exe Task: {40C1C43A-3E66-4644-B966-CA82D5FE6622} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {448F0E75-EFB7-4AAB-B42F-1C2ED7EDF819} - System32\Tasks\{7B478976-E56C-41B3-A889-25308FB70DC5} => pcalua.exe -a D:\Autorun.exe -d D:\ Task: {4973D486-168C-4467-B4C6-031A94DA92F8} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.) 
Task: {50B74EC5-0109-4875-AC5B-08FD351E8E8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-25] (Google Inc.)
Task: {644E50EE-D823-49C0-8673-3C78D8BBBB97} - System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1} => pcalua.exe -a "C:\Windows.old\Program Files (x86)\OkayFreedom\setuptool.exe" -d "C:\Windows.old\Program Files (x86)\OkayFreedom"
Task: {6E51A7E0-D38F-4C92-9CCF-E74745EBCCBD} - \Driver Booster SkipUAC (Admin) No Task File <==== ATTENTION
Task: {70E942FB-282D-4E6B-BE51-9BB994DC0A64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {89D8FC99-0E9A-400E-9423-F26BF25E5E33} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {920C1C59-D466-499A-A94A-7A3EE112035E} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {9ED27160-0AD5-49A9-980A-1C7A45E33E77} - \Driver Booster Scan No Task File <==== ATTENTION
Task: {9FDBA844-E42E-47E8-9A6A-DF02A597EBD6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {A80F3743-D177-446B-B438-73CF308E9084} - System32\Tasks\ASC8_SkipUac_Admin => C:\mystuff\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {B0BF2EB8-B30B-4D63-B657-2AC8578EC61F} - System32\Tasks\ASC8_PerformanceMonitor => C:\mystuff\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {BC05F33F-5B2E-4BF6-BC97-1F55F9FC7BEC} - System32\Tasks\{91A5B4F2-BB58-42C9-B538-0123CD3354EB} => D:\AutoRun.exe
Task: {C8BB97D8-D717-4E18-AD97-BB0E3A9A34DF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {DCAF1F6D-C500-42FA-A28D-D24AE95C6E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {DE4064AA-E591-42BA-B5C4-6076972FB21D} - System32\Tasks\Opera scheduled Autoupdate 1429188192 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {E16F7F64-785F-4879-BD72-CF3F80A2F6BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-25] (Google Inc.)
Task: {E8A024B4-4E5C-4E78-AFCE-BF3D16594920} - System32\Tasks\{AC484F85-0206-4066-A413-5D14D2B3271F} => pcalua.exe -a D:\AutoRun.exe -d D:\
Task: {E8F4C604-B99D-4E90-9019-22E5F22289D5} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\MyStuff\Asus\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {F0C522AD-884A-4CDC-843C-1F491C061EB9} - \Driver Booster Update No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-25 12:45 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-08 14:44 - 2015-03-08 14:44 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-02-03 18:46 - 2015-02-03 18:46 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-10 19:20 - 2015-03-10 19:20 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\mystuff\FileZilla FTP Client\fzshellext_64.dll
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-14 14:45 - 2013-11-21 22:57 - 20585888 ____N () C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
2015-04-25 19:17 - 2015-04-24 19:25 - 01733448 _____ () C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2382.0\libglesv2.dll
2015-04-25 19:17 - 2015-04-24 19:25 - 00093000 _____ () C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\44.0.2382.0\libegl.dll
2015-04-26 14:43 - 2015-04-26 14:43 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe
2015-03-22 16:29 - 2013-10-25 13:08 - 00517408 _____ () C:\mystuff\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-08 14:44 - 2015-04-26 12:32 - 00022528 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-03-08 14:44 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-12-18 16:06 - 2014-12-18 16:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 16:09 - 2014-12-18 16:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 16:09 - 2014-12-18 16:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 16:11 - 2014-12-18 16:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 16:14 - 2014-12-18 16:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
2015-03-22 16:29 - 2013-01-15 19:48 - 00348992 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00183616 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00051008 _____ () C:\mystuff\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-08 14:46 - 2011-07-12 20:14 - 00147456 _____ () C:\MyStuff\Asus\AI Suite II\AssistFunc.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\pngio.dll
2015-03-08 14:46 - 2012-03-21 13:07 - 00972288 _____ () C:\MyStuff\Asus\AI Suite II\BarGadget\BarGadget.dll
2015-03-08 14:46 - 2012-07-12 12:27 - 01125376 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\Network iControl.dll
2015-03-08 14:46 - 2012-05-25 11:33 - 00883712 _____ () C:\MyStuff\Asus\AI Suite II\Sensor\Sensor.dll
2015-03-08 14:46 - 2012-05-28 22:27 - 01622528 _____ () C:\MyStuff\Asus\AI Suite II\Sensor Graph\SensorGraph.dll
2015-03-08 14:46 - 2011-09-19 21:18 - 01243136 _____ () C:\MyStuff\Asus\AI Suite II\Settings\Settings.dll
2015-03-08 14:46 - 2011-07-21 10:06 - 00846848 _____ () C:\MyStuff\Asus\AI Suite II\Splitter\Splitter.dll
2015-03-08 14:46 - 2011-10-14 21:03 - 00885248 _____ () C:\MyStuff\Asus\AI Suite II\TabGadget\TabGadget.dll
2015-03-08 14:44 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00208896 _____ () C:\MyStuff\Asus\AI Suite II\ImageHelper.dll
2015-03-08 14:46 - 2009-08-12 21:15 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-03-08 14:46 - 2012-07-11 14:57 - 00152064 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2015-03-22 16:29 - 2013-01-15 19:47 - 00893248 _____ () C:\MyStuff\IObit\Advanced SystemCare 8\webres.dll
2015-03-22 16:29 - 2013-01-15 19:48 - 00348992 _____ () C:\mystuff\IObit\IObit Uninstaller\madExcept_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00183616 _____ () C:\mystuff\IObit\IObit Uninstaller\madBasic_.bpl
2015-03-22 16:29 - 2013-01-15 19:48 - 00051008 _____ () C:\mystuff\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-03-08 14:46 - 2012-05-10 17:38 - 00786432 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\func.dll
2015-03-08 14:46 - 2010-10-05 09:22 - 00253952 _____ () C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2015-04-26 12:40 - 2015-04-26 12:40 - 00043008 _____ () c:\users\admin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa3nokf.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2897107241-917314487-1310154325-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B5093128-BD39-4F2A-B12A-1B051772CE5E}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F714D1AA-AB26-41F2-9E53-D6860E7D7F4A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{679D759C-B9B6-468A-B7B2-B0DC7E77B63D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6056236-36AE-4B04-936E-4EDB1FF0F3DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{01F9A4FD-8944-4780-9B14-A601027B5B54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9EB602C3-DC7C-4E05-98D1-4E577CDA077D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EFFFB17B-2C45-4AA0-9153-64318F88396B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D8CC8935-7204-419D-AA2B-06AA73B9BC4B}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{6EF97883-B640-4178-AC21-A0D7A8414C85}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{30C0475D-D2B9-4B62-9FCC-AE2BCAFA2BD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6990B04E-D314-470A-8D65-7B5B367552F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5068AE5E-6AA6-47BE-8C81-7140864CD90D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FCE483A1-7192-4453-9ACA-3E95FE13CF21}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{304FC498-2FC1-4336-9373-45945AC76FBD}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED337DB5-F927-403E-B3E8-DD6BE77785C0}] => (Allow) C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B3995AA-9C43-4A83-A741-96630408D1B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{DEEB3993-5A18-45DA-930D-F5294819FA4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{165FB8D0-8C4B-4E93-B4B9-D8C9207D3834}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{EEF2ED0A-DFE1-40F9-B5C6-9EA29D479E12}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{866BCE60-409C-406B-B17B-6B0F5C2BC745}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3CD5DB73-2064-4BB0-A69F-DA06B9F3E5B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F20897B8-504A-4CF7-B6D0-68A0C2DD2587}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E53865BC-854F-437F-B280-E2D2FEF4C58D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{993D861F-F87A-42A8-A585-DB493A203B0B}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{C09B481A-B2B2-435B-A57C-AC0D1E48371A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe
FirewallRules: [{FF90BE29-6C97-4F37-ACF8-6C5BD73A0E7B}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5D03016B-9D17-408A-A658-C94E44BEFAD2}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A1AE9762-3551-4BDC-AB21-EA9ECAD8C442}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5F980772-19D0-43A1-95A9-BDBE01C1FF6C}] => (Allow) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{79C7C257-EB7B-4541-BA4F-4A6F0C87B309}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{9ED48F84-2FC9-4302-89EF-9061B25DB01D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{6351247D-5EBE-4DB0-AFB6-AFE49C05412C}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{1927CB6E-F8D4-43C1-930E-858DBAD89969}] => (Allow) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
FirewallRules: [{9FCEC3D0-F7AD-4523-B394-6D35318F5C6F}] => (Allow) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
FirewallRules: [{A09D318E-8ACA-4DCE-B340-CFE72088E08D}] => (Allow) C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{65EDCAC5-BCB8-42E1-94C5-3A5F2D1A8693}] => (Allow) C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
FirewallRules: [{DE4F105B-17AF-4C6B-8CF8-12F897450751}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3D4B25CF-908B-41C9-8334-2B7476F3FF1F}] => (Allow) C:\mystuff\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{843A4135-63B2-41AB-9006-302D4F22D044}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{BDAF5A92-45B9-430E-A919-4ACCA72B9CCF}] => (Allow) C:\Program Files (x86)\concept design\onlineTV 11\onlineTV.exe
FirewallRules: [{41E12B42-0856-4950-BD64-8F25ED8516AE}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C49E55F5-A48F-4ADE-BF3A-BF4E779895F4}] => (Allow) C:\Users\Admin\AppData\Local\Apps\2.0\BG1A3Z5H.GLC\KR34V786.273\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D493C102-0FA9-46D5-82CE-2EFF976EB8D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{383DD8F8-4A04-48A4-B6D9-A7AB70DE5930}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6DBF906-C093-4408-B945-B774B9EFDBF8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E7AAEA63-24F3-4D29-9339-153F568F122D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{695BC763-C4E7-4873-8C43-00B4E5D466FC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BF77153F-5186-474C-8F9D-BA2B7A32CE8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DA9C52C0-4726-4ED4-9129-9C992212429A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5A346E7C-45E5-4464-82E4-928521CA334D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0FF3DFEF-3C6F-425F-863B-A3DF24310498}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8C5AC043-C522-401B-9FA3-E8AFBFD693F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9EA35874-E0CC-44B3-859A-7F28B2037982}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{DF9EDED3-05C7-412E-8F1A-2099C146364C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{92551A0F-4ADA-40CD-ACCF-839DAEA1A3A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{344422EA-8C04-4DCE-8592-230018B0D896}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{221940D1-E694-46DE-BDF1-FCD4CCBB9A34}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B2CC07E0-3C8B-4719-8920-E49BBEFD328D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9A18ABBF-5A15-418D-9B66-CECD60F2C732}] => (Allow) C:\Windows.old\Program Files (x86)\OkayFreedom\polipo\node.exe
StandardProfile\AuthorizedApplications: [C:\mystuff)\xchat\xchat.exe] => C:\mystuff)\xchat\xchat.exe:*:Enabled:XChat IRC Client

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2015 01:36:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/26/2015 01:36:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/26/2015 01:23:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/25/2015 09:33:16 PM) (Source: OkayFreedomStarterService) (EventID: 0) (User: )
Description: OkayFreedomStarterServicenStartServiceCtrlDispatcher failed.

Error: (04/25/2015 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Name des fehlerhaften Moduls: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007682a
ID des fehlerhaften Prozesses: 0x2bf8
Startzeit der fehlerhaften Anwendung: 0xOkayFreedomClient.exe0
Pfad der fehlerhaften Anwendung: OkayFreedomClient.exe1
Pfad des fehlerhaften Moduls: OkayFreedomClient.exe2
Berichtskennung: OkayFreedomClient.exe3

Error: (04/25/2015 09:27:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Name des fehlerhaften Moduls: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007682a
ID des fehlerhaften Prozesses: 0x2b4c
Startzeit der fehlerhaften Anwendung: 0xOkayFreedomClient.exe0
Pfad der fehlerhaften Anwendung: OkayFreedomClient.exe1
Pfad des fehlerhaften Moduls: OkayFreedomClient.exe2
Berichtskennung: OkayFreedomClient.exe3

Error: (04/25/2015 09:27:14 PM) (Source: OkayFreedomStarterService) (EventID: 0) (User: )
Description: OkayFreedomStarterServicenStartServiceCtrlDispatcher failed.

Error: (04/25/2015 09:25:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Name des fehlerhaften Moduls: OkayFreedomClient.exe, Version: 1.4.1.11192, Zeitstempel: 0x548af2fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007682a
ID des fehlerhaften Prozesses: 0x2710
Startzeit der fehlerhaften Anwendung: 0xOkayFreedomClient.exe0
Pfad der fehlerhaften Anwendung: OkayFreedomClient.exe1
Pfad des fehlerhaften Moduls: OkayFreedomClient.exe2
Berichtskennung: OkayFreedomClient.exe3

Error: (04/24/2015 09:26:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/24/2015 07:53:18 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

System errors:
=============
Error: (04/26/2015 00:32:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kaspersky Anti-Virus Service 15.0.1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/25/2015 07:01:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/25/2015 07:00:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/25/2015 07:00:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.

Error: (04/25/2015 06:59:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 25.04.2015 um 18:57:35 unerwartet heruntergefahren.

Error: (04/24/2015 08:35:06 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (04/24/2015 08:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/24/2015 01:40:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2015 01:40:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2015 01:40:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office Sessions:
=========================
Error: (04/26/2015 01:36:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/26/2015 01:36:28 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (04/26/2015 01:23:15 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (04/25/2015 09:33:16 PM) (Source: OkayFreedomStarterService) (EventID: 0) (User: )
Description: OkayFreedomStarterServicenStartServiceCtrlDispatcher failed.

Error: (04/25/2015 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OkayFreedomClient.exe1.4.1.11192548af2faOkayFreedomClient.exe1.4.1.11192548af2fac00000050007682a2bf801d07f8e6e498952C:\MyStuff\OkayFreedom\OkayFreedomClient.exeC:\MyStuff\OkayFreedom\OkayFreedomClient.exeb3c6d596-eb81-11e4-91fb-08002700102a

Error: (04/25/2015 09:27:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OkayFreedomClient.exe1.4.1.11192548af2faOkayFreedomClient.exe1.4.1.11192548af2fac00000050007682a2b4c01d07f8dd70369f7C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exeC:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe178faf96-eb81-11e4-91fb-08002700102a

Error: (04/25/2015 09:27:14 PM) (Source: OkayFreedomStarterService) (EventID: 0) (User: )
Description: OkayFreedomStarterServicenStartServiceCtrlDispatcher failed.

Error: (04/25/2015 09:25:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OkayFreedomClient.exe1.4.1.11192548af2faOkayFreedomClient.exe1.4.1.11192548af2fac00000050007682a271001d07f8d9a839ec0C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exeC:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exee5b878e3-eb80-11e4-91fb-08002700102a

Error: (04/24/2015 09:26:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe

Error: (04/24/2015 07:53:18 PM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Die Schnittstelle ist unbekannt

CodeIntegrity Errors:
===================================
Date: 2015-02-13 15:55:38.956
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 15:55:38.939
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 15:54:23.643
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 15:54:23.584
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8143.76 MB
Available physical RAM: 4309.91 MB
Total Pagefile: 16285.71 MB
Available Pagefile: 11472.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:641.41 GB) NTFS
Drive d: (DVD) (CDROM) (Total:4.36 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E426742)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================