Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


Plagegeister aller Art und deren Bekämpfung: PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.01.2015, 18:19   #1
doxter
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


Wertes Team,

ich habe ein gebrachtes Laptop bekommen und dieses mit Mailwarebytes überprüft. Nachdem über 2.500 Dateien angemahnt wurden, habe ich eine Säuberung, analog zur letzten Hilfestellung von Euch (Schrauber) durchgeführt. Es lief auch alles ohen Probleme, bis zum Schritt 4 - dem Eset online Scanner.
Es klappt bis zum Start. Beim Herunterladen der Signaturdatenbanken bricht dieser mit folgender Meldung ab mit " unerwarteter Fehler in 2002".

Was ist da schief gelaufen? Vielen Dank im Voraus!

Alt 18.01.2015, 18:54   #2
schrauber
/// the machine
/// TB-Ausbilder
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 19.01.2015, 15:53   #3
doxter
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


#FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by ETE at 2015-01-19 15:49:13
Running from C:\Users\ETE\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.159.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
ATI Catalyst Install Manager (HKLM\...\{4ACA5AE7-E68C-5A48-F8E6-D67946267506}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM-x32\...\{22f1df52-7b24-43dc-85bb-be7a5e8086c8}) (Version:  - Nero AG)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Shopping Helper Smartbar (HKLM-x32\...\{C64BEB42-B25D-4674-BB55-4099CB720110}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\...\{7362fc2c-6330-4956-8e6c-ba2318b58318}) (Version: 11.113.63.19229 - ReSoft Ltd.) <==== ATTENTION
SoundTrax (x32 Version: 4.0.18.0 - Nero AG) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.4600.4 - TuneUp Software)
TuneUp Utilities 2011 (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
Unchecky v0.3.5 (HKLM-x32\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)
unincar (HKLM-x32\...\{eb4c7b00-66dd-43cc-6fd4-201961863adc}) (Version: 1.0.0 - citgen) <==== ATTENTION!
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1052115409-2860602021-3274823310-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\ETE\AppData\Roaming\unincar\cumadis.dll () <==== ATTENTION

==================== Restore Points  =========================

26-10-2014 18:25:07 Windows Update
01-11-2014 10:24:29 Windows Update
06-11-2014 20:38:14 Windows Update
14-11-2014 12:35:55 Windows Update
14-11-2014 13:02:00 Windows Update
18-01-2015 09:13:04 Windows Update
18-01-2015 19:37:25 Windows Update
19-01-2015 12:32:36 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-19 15:22 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

There are 4 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04D38B4E-2063-4206-959C-F59447D07A26} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe [2011-12-13] (TuneUp Software)
Task: {124B2496-D195-4829-876F-ADCEA04A0081} - System32\Tasks\RegClean Prosch => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION
Task: {360C7886-8D7F-4BA7-8D2A-A4A5974D9DC9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {5C6748CC-8FF9-40A9-B8AE-350806419F4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-04] (Google Inc.)
Task: {7E2C9D5A-0BFA-4DE4-9BA4-C21D61F04DDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-04] (Google Inc.)
Task: {EABED8D7-6CE9-480C-95CE-9ED5662E3214} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Prosch.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-05-01 01:55 - 2014-05-01 01:55 - 00137728 _____ () C:\Users\ETE\AppData\Roaming\unincar\cumadis.dll
2011-06-07 21:11 - 2011-06-07 21:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 09:17 - 2011-03-22 09:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-05-01 01:54 - 2014-05-01 01:54 - 00116736 _____ () C:\Users\ETE\AppData\Roaming\unincar\adcoing.dll
2015-01-18 10:13 - 2015-01-09 01:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-18 10:13 - 2015-01-09 01:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-18 10:13 - 2015-01-09 01:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-18 10:13 - 2015-01-09 01:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\ETE\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
MSCONFIG\startupreg: Registry Helper => "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
MSCONFIG\startupreg: Super Optimizer => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1052115409-2860602021-3274823310-500 - Administrator - Disabled)
ETE (S-1-5-21-1052115409-2860602021-3274823310-1000 - Administrator - Enabled) => C:\Users\ETE
Gast (S-1-5-21-1052115409-2860602021-3274823310-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1052115409-2860602021-3274823310-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2015 03:45:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 19.1.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6d8

Startzeit: 01d033f65b07f92b

Endzeit: 12

Anwendungspfad: C:\Users\ETE\Downloads\FRST64.exe

Berichts-ID: d1c6559a-9fe9-11e4-9833-e840f290897c

Error: (01/19/2015 00:43:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.1.711 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ff4

Startzeit: 01d033dcec4ac4a5

Endzeit: 15

Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe

Berichts-ID: 58423df6-9fd0-11e4-9751-e840f290897c

Error: (01/19/2015 00:21:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/19/2015 00:21:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/19/2015 09:10:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/19/2015 09:10:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/19/2015 09:10:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/18/2015 06:41:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/18/2015 06:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/18/2015 06:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/19/2015 03:22:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update surf slide" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/19/2015 03:22:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/19/2015 02:05:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/19/2015 02:04:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update surf slide" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/19/2015 02:03:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/19/2015 01:45:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/19/2015 00:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update surf slide" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/19/2015 00:39:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/19/2015 00:38:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/19/2015 00:35:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update surf slide" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (01/19/2015 03:45:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe19.1.2015.06d801d033f65b07f92b12C:\Users\ETE\Downloads\FRST64.exed1c6559a-9fe9-11e4-9833-e840f290897c

Error: (01/19/2015 00:43:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.1.711ff401d033dcec4ac4a515C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe58423df6-9fd0-11e4-9751-e840f290897c

Error: (01/19/2015 00:21:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest

Error: (01/19/2015 00:21:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (01/19/2015 09:10:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu.exe

Error: (01/19/2015 09:10:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu.exe

Error: (01/19/2015 09:10:03 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu.exe

Error: (01/18/2015 06:41:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu (1).exe

Error: (01/18/2015 06:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu (2).exe

Error: (01/18/2015 06:41:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ETE\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 35%
Total physical RAM: 3693.41 MB
Available physical RAM: 2364.24 MB
Total Pagefile: 7685.01 MB
Available Pagefile: 5915.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.7 GB) (Free:252.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 16A4AA25)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---


#
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by ETE (administrator) on ETE-PC on 19-01-2015 15:46:35
Running from C:\Users\ETE\Downloads
Loaded Profiles: ETE (Available profiles: ETE)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\...\Run: [Super Optimizer] => C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\...\MountPoints2: E - E:\autorun.exe
HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\...\MountPoints2: {b629764a-252d-11e4-b4bf-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-09-17] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs:  C:\Users\ETE\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => C:\Users\ETE\AppData\Local\Linkey\IEEXTE~1\iedll64.dll File Not Found
BootExecute: autocheck autochk * sasnative64
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49329;https=127.0.0.1:49329
ProxyServer: [S-1-5-21-1052115409-2860602021-3274823310-1000] => http=127.0.0.1:49361;https=127.0.0.1:49361
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKU\S-1-5-21-1052115409-2860602021-3274823310-1000\...\Firefox\Extensions: [{A874F45A-B00A-F87A-6334-1439AB066666}] - C:\Program Files (x86)\ver3BlockAndSurf\180.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MFD4DCC59-C299-4B46-ACAC-9D2DA97D33B3&SearchSource=55&CUI=&UM=6&UP=SP9FDC02CF-C847-45D9-B98C-89C0C98B457F&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MFD4DCC59-C299-4B46-ACAC-9D2DA97D33B3&SearchSource=55&CUI=&UM=6&UP=SP9FDC02CF-C847-45D9-B98C-89C0C98B457F&SSPV=", "hxxp://istart.webssearches.com/?type=hp&ts=1405016150&from=pjr&uid=HitachiXHTS543232A7A384_120309E2M312333VAHPSX", "hxxp://www.trovi.com/?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MFD4DCC59-C299-4B46-ACAC-9D2DA97D33B3&SearchSource=55&CUI=&UM=6&UP=SP9FDC02CF-C847-45D9-B98C-89C0C98B457F&SSPV=", "hxxp://astromenda.com/?f=7&a=ast_cmi_14_44_ie&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzytDzzzyyB0CzyyD0CtCtN0D0Tzu0StCtDtAtCtN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0FyByCtCtByB0EtGyC0DzyyCtGtD0E0BtDtGyB0EyE0BtGtA0F0ByCzy0BtByEtB0DyD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0D0EyCtB0C0CtDtGzztA0A0BtGyEtDyBzytGzzzz0B0FtGyEyCyE0Dzy0B0AzytB0DyD0C2Q&cr=578660042&ir=", "hxxp://google.de/"
CHR DefaultSearchKeyword: Default -> bf
CHR DefaultSuggestURL: Default -> hxxp://www.benefind.de/lib/autocompletev.php?q={searchTerms}
CHR Profile: C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-04]
CHR Extension: (Google Drive) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-17]
CHR Extension: (YouTube) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-04]
CHR Extension: (Adblock Plus) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-28]
CHR Extension: (Google-Suche) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-04]
CHR Extension: (Avira Browserschutz) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-04]
CHR Extension: (Facebook for Chrome) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-09-28]
CHR Extension: (Google Wallet) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (Google Mail) - C:\Users\ETE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-13] (TuneUp Software)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-28] (RaMMicHaeL)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)
S2 Update surf slide; "C:\Program Files (x86)\surf slide\updatesurfslide.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2014-08-16] (Mobile Connector)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-10-07] (TuneUp Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 15:44 - 2015-01-19 15:47 - 00011999 _____ () C:\Users\ETE\Downloads\FRST.txt
2015-01-19 15:42 - 2015-01-19 15:42 - 02126848 _____ (Farbar) C:\Users\ETE\Downloads\FRST64.exe
2015-01-19 13:01 - 2015-01-19 13:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-19 13:00 - 2015-01-19 13:00 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-19 13:00 - 2015-01-19 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-19 13:00 - 2015-01-19 13:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-19 13:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-19 13:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-19 13:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-19 12:58 - 2015-01-19 12:58 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ETE\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-19 11:03 - 2015-01-19 11:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-19 08:57 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-19 08:57 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-18 19:45 - 2015-01-18 19:45 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-18 19:39 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-18 19:39 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-18 19:39 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-18 19:39 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-18 19:39 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-18 19:39 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-18 19:39 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-18 19:39 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-18 19:39 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-18 19:39 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-18 19:28 - 2015-01-18 19:26 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-01-18 19:25 - 2015-01-18 19:25 - 00000000 ____D () C:\Users\ETE\AppData\Roaming\Avira
2015-01-18 19:24 - 2015-01-18 19:24 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-01-18 19:24 - 2015-01-18 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-18 19:22 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-01-18 19:22 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-01-18 19:22 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-01-18 15:36 - 2015-01-18 18:38 - 00000000 ____D () C:\OETemp
2015-01-18 13:14 - 2015-01-18 13:14 - 00001456 _____ () C:\Users\ETE\Desktop\JRT.txt
2015-01-18 13:06 - 2015-01-18 13:06 - 00000000 ____D () C:\Windows\ERUNT
2015-01-18 13:00 - 2015-01-18 19:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-18 13:00 - 2015-01-18 13:00 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-18 13:00 - 2015-01-18 13:00 - 00001035 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-18 12:14 - 2015-01-18 12:37 - 00000000 ____D () C:\AdwCleaner
2015-01-18 11:48 - 2015-01-19 15:46 - 00000000 ____D () C:\FRST
2015-01-18 11:38 - 2015-01-18 11:38 - 00413424 _____ () C:\Users\ETE\Documents\2015_01_mailware_scan.txt
2015-01-18 10:19 - 2015-01-18 10:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-18 10:05 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-18 10:05 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-01-18 10:04 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-18 10:04 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-18 10:04 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-18 10:04 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-18 10:04 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-18 10:04 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-18 10:04 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-18 10:04 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-18 10:04 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-18 10:03 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-18 10:03 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 10:03 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-18 10:03 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-18 10:03 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-18 10:03 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-18 10:03 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-18 10:03 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-18 10:03 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-18 10:03 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-18 10:03 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-18 10:03 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-18 10:03 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-18 10:03 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-18 10:03 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-18 10:03 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-18 10:03 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-18 10:03 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-18 10:03 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-18 10:03 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-18 10:03 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-18 10:03 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-18 10:03 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-18 10:02 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-18 10:02 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-18 10:02 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-18 10:02 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-18 10:02 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-18 10:02 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-18 10:02 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-18 10:02 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-18 10:02 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-18 10:02 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-18 10:02 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-18 10:02 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-18 10:02 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-18 10:02 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-18 10:02 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-18 10:02 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-18 10:02 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-18 10:02 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-18 10:02 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-18 10:02 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-18 10:02 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-18 10:02 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-18 10:02 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-18 10:02 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-18 10:02 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-18 10:02 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-18 10:02 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-18 10:02 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-18 10:02 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-18 10:02 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-18 10:02 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-18 10:02 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-18 10:02 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-18 10:02 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-18 10:02 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-18 10:02 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-18 10:02 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-18 10:02 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-18 10:02 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-18 09:59 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-18 09:59 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-18 09:59 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-18 09:59 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-01-18 09:58 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-18 09:58 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-01-18 09:58 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-18 09:58 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-18 09:58 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-18 09:58 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-18 09:58 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-18 09:58 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-01-18 09:58 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-18 09:58 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-18 09:58 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-01-18 09:58 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-18 09:57 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-18 09:57 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-18 09:57 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-18 09:57 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-18 09:57 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-18 09:57 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-18 09:57 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-18 09:54 - 2015-01-18 09:54 - 00000000 ____D () C:\Users\ETE\AppData\Roaming\TeamViewer
2014-12-28 21:17 - 2014-12-28 21:17 - 06000640 _____ () C:\Program Files (x86)\GUT1239.tmp
2014-12-28 21:17 - 2014-12-28 21:17 - 00000000 ____D () C:\Program Files (x86)\GUM1238.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 15:30 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 15:30 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 15:28 - 2014-08-04 20:11 - 01285046 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 15:22 - 2014-10-21 19:09 - 00003088 _____ () C:\Windows\setupact.log
2015-01-19 15:22 - 2014-09-02 15:25 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-01-19 15:22 - 2014-08-04 20:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-19 15:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 14:03 - 2014-10-21 19:07 - 00568852 _____ () C:\Windows\PFRO.log
2015-01-19 12:51 - 2014-08-04 20:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-19 12:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-18 19:45 - 2014-08-05 18:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-18 19:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-18 19:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-01-18 19:22 - 2014-08-04 20:38 - 00000000 ____D () C:\ProgramData\Avira
2015-01-18 19:22 - 2014-08-04 20:38 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-18 19:18 - 2014-08-04 20:37 - 00058016 _____ () C:\Users\ETE\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-18 19:15 - 2009-07-14 05:45 - 00268536 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-18 12:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-18 12:46 - 2014-08-04 20:35 - 00001420 _____ () C:\Users\ETE\Desktop\Google Chrome.lnk
2015-01-18 12:37 - 2014-09-30 17:51 - 00001104 _____ () C:\Users\ETE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-18 12:37 - 2014-08-04 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-18 11:02 - 2014-10-27 20:44 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-18 09:46 - 2014-08-04 20:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-18 09:46 - 2014-08-04 20:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-08 09:55 - 2014-08-04 21:56 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======
2014-12-28 21:17 - 2014-12-28 21:17 - 6000640 _____ () C:\Program Files (x86)\GUT1239.tmp
2014-08-16 12:27 - 2014-08-16 12:27 - 0000175 _____ () C:\Users\ETE\AppData\Roaming\default.rss
2014-08-04 23:45 - 2014-08-04 23:45 - 2382523 _____ () C:\Users\ETE\AppData\Roaming\UserTile.png
2014-10-27 21:40 - 2014-11-06 20:40 - 0000129 _____ () C:\Users\ETE\AppData\Roaming\WB.CFG
2014-11-01 10:40 - 2014-11-01 10:40 - 0000001 _____ () C:\Users\ETE\AppData\Local\DSI.DAT
2014-10-05 10:39 - 2014-10-05 10:39 - 0612080 _____ (ClickMeIn Limited) C:\Users\ETE\AppData\Local\nsiEA93.tmp
2014-10-27 20:44 - 2014-10-27 20:44 - 0612321 _____ (CMI Limited) C:\Users\ETE\AppData\Local\nskDA0C.tmp
2014-10-19 08:44 - 2014-10-19 08:44 - 0612065 _____ (CMI Limited) C:\Users\ETE\AppData\Local\nsn8C2B.tmp

Some content of TEMP:
====================
C:\Users\ETE\AppData\Local\Temp\avgnt.exe
C:\Users\ETE\AppData\Local\Temp\f7iyzufl.dll
C:\Users\ETE\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\ETE\AppData\Local\Temp\Quarantine.exe
C:\Users\ETE\AppData\Local\Temp\rsxsdsth.dll
C:\Users\ETE\AppData\Local\Temp\sqlite3.dll
C:\Users\ETE\AppData\Local\Temp\sqlite3.exe
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite19402.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite22474.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite26327.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite27268.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite27802.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite28418.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite29537.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite35936.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite37925.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite41688.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite42482.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite45699.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite49803.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite51912.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite60101.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite60696.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite64737.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite66170.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite69314.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite70111.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite70683.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite73177.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite76777.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite78035.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite80870.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite81528.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite81959.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite87085.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite96585.dll
C:\Users\ETE\AppData\Local\Temp\System.Data.SQLite98198.dll
C:\Users\ETE\AppData\Local\Temp\tgk4qahp.dll
C:\Users\ETE\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-19 12:17

==================== End Of Log ============================
--- --- ---

--- --- ---
__________________
Alt 19.01.2015, 18:48   #4
schrauber
/// the machine
/// TB-Ausbilder
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


Poste noch bitte das Log von MBAM mit den vielen Funden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.01.2015, 10:22   #5
doxter
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


Ich habe doch nach dem Fund die üblichen Scans durchlaufen lassen und dann Probleme mit der Fehlermeldung vom "Eset online Scanner". Dieses lag am nicht durchgeführten Neustart. Ich konnte danach die weitere Überprüfug, durchführen und habe abschließen MBAM erneut ausgeführt - alles clean.

Sorry, es war also meine Schusseligkeit. Es läuft nun alles prima. Hab eine ruhige Woche.

Gruß
doxter


Alt 20.01.2015, 16:28   #6
schrauber
/// the machine
/// TB-Ausbilder
 
PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Standard

PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


ok.
__________________
--> PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online

Antwort

Themen zu PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online
analog, bricht, dateien, ellung, entferne, entfernen, eset, fehler, fehlermeldung, folge, folgender, gelaufen, herunterladen, hilfestellung, laptop, meldung, online, plagegeister, probleme, scan, schief, schrauber, schritt, säuberung, unerwarteter


« Trojaner 44f74baf.exe | Bei Suchlauf mehrere Viren gemeldet, Laptop nach Start zunächst einige Sek. weiss »


Ähnliche Themen: PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online


  1. Trojaner durch ESET Online Scanner gefunden
    Log-Analyse und Auswertung - 26.03.2015 (10)
  2. Eset Online Scanner - Yontoo.B und andere Bedrohungen
    Log-Analyse und Auswertung - 01.02.2015 (7)
  3. Fundmeldung von Eset Online Scanner
    Plagegeister aller Art und deren Bekämpfung - 25.01.2015 (9)
  4. ESET Online virenscanner findet 9 infizierte Datei
    Plagegeister aller Art und deren Bekämpfung - 22.01.2015 (1)
  5. Eset Online Scanner: 25 Funde - Was tun?
    Plagegeister aller Art und deren Bekämpfung - 22.07.2014 (1)
  6. Fund von Eset online Scanner
    Log-Analyse und Auswertung - 01.06.2014 (5)
  7. Helfer für ESET Online Scanner Logfile
    Log-Analyse und Auswertung - 18.05.2014 (5)
  8. ESET Online Scanner hat Bedrohungen erkannt
    Log-Analyse und Auswertung - 31.01.2014 (5)
  9. Eset Online Scan
    Diskussionsforum - 13.01.2014 (3)
  10. Prüfergebnisse mit ESET Online Scanner - Total Verseuchung?
    Log-Analyse und Auswertung - 27.08.2013 (1)
  11. Probleme nach ESET Online Scanner
    Log-Analyse und Auswertung - 06.07.2013 (19)
  12. ESET online scanner fand trojans, was tun?
    Log-Analyse und Auswertung - 18.06.2013 (21)
  13. Windows Verschlüsselungstrojaner Malware + ESET online Scanner Log
    Log-Analyse und Auswertung - 04.01.2013 (19)
  14. ESET Online Scanner hat 5 infected Files gefunden
    Log-Analyse und Auswertung - 18.04.2012 (1)
  15. ESET Online Scanner (NOD32)
    Anleitungen, FAQs & Links - 21.12.2009 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online - Wertes Team, ich habe ein gebrachtes Laptop bekommen und dieses mit Mailwarebytes überprüft. Nachdem über 2.500 Dateien angemahnt wurden, habe ich eine Säuberung, analog zur letzten Hilfestellung von Euch (Schrauber) - PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online...
Archiv
Du betrachtest: PLAGEGEISTER ENTFERNEN BIST _ fehlermeldung bei Eset online auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131