| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ein Virus auf dem Pc ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
21.09.2014, 10:03
| #1 |
| /// the machine /// TB-Ausbilder    |  Ein Virus auf dem Pc ? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: {0C9AFBC1-164F-46FE-8C9D-FC862494B2AB} - System32\Tasks\opwaya => C:\Users\Sara L\AppData\Local\opwaya.bat [2014-07-03] ()
Task: {0D572472-4FF4-4395-AE66-1FBAF9B4AED5} - System32\Tasks\cnaoto => C:\Users\Sara L\AppData\Local\cnaoto.bat [2014-07-03] ()
Task: {0FB73119-969C-4AA0-B5C3-CC23C475A767} - System32\Tasks\pjddya => C:\Users\Sara L\AppData\Local\pjddya.bat [2014-07-03] ()
Task: {1075DC03-3172-4868-9529-F91EF6A7B1A8} - System32\Tasks\hbbve => C:\Users\Sara L\AppData\Local\hbbve.bat [2014-07-03] ()
Task: {1A32DA29-E8CF-47E0-910B-6E0018EBF0D3} - System32\Tasks\nneekkk => C:\Users\Sara L\AppData\Local\nneekkk.bat [2014-07-03] ()
Task: {1E898093-1526-4C2E-94AB-88092B5CF8E0} - System32\Tasks\etrhxvec => C:\Users\Sara L\AppData\Local\etrhxvec.bat [2014-07-03] ()
Task: {26424C53-AACC-481D-9C6C-54E97B9C9ED7} - System32\Tasks\ehijase => C:\Users\Sara L\AppData\Local\ehijase.bat [2014-07-03] ()
Task: {2A2DF03B-7534-42CE-A15B-A80CECD25509} - System32\Tasks\rxbyc => C:\Users\Sara L\AppData\Local\rxbyc.bat [2014-07-03] ()
Task: {3A31CE72-DF8E-42F8-8361-6AB948B875D5} - System32\Tasks\nmllk => C:\Users\Sara L\AppData\Local\nmllk.bat [2014-07-03] ()
Task: {4C82BA33-8CED-46FC-B5D5-5F89981EFA09} - System32\Tasks\capnvsig => C:\Users\Sara L\AppData\Local\capnvsig.bat [2014-07-03] ()
Task: {4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B} - System32\Tasks\befbcf => C:\Users\Sara L\AppData\Local\befbcf.bat [2014-07-03] ()
Task: {4E51DAC4-D3BC-4735-9724-C249AF403556} - System32\Tasks\auadwcvj => C:\Users\Sara L\AppData\Local\auadwcvj.bat [2014-07-03] ()
Task: {522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32} - System32\Tasks\xhyjb => C:\Users\Sara L\AppData\Local\xhyjb.bat [2014-07-03] ()
Task: {62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145} - System32\Tasks\crguj => C:\Users\Sara L\AppData\Local\crguj.bat [2014-07-03] ()
Task: {6F19AF2E-6477-4606-B4B5-4AD98AE256AD} - System32\Tasks\cpdrna => C:\Users\Sara L\AppData\Local\cpdrna.bat [2014-07-03] ()
Task: {6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9} - System32\Tasks\mnmtslk => C:\Users\Sara L\AppData\Local\mnmtslk.bat [2014-07-03] ()
Task: {744E9A75-2ECA-4368-986C-1BEB378407C4} - System32\Tasks\cglyd => C:\Users\Sara L\AppData\Local\cglyd.bat [2014-07-03] ()
Task: {8211BDBA-1CA8-45B4-9974-97AFA33E82AB} - System32\Tasks\gaslfx => C:\Users\Sara L\AppData\Local\gaslfx.bat [2014-07-03] ()
Task: {838E7EF4-D326-4503-AD93-7CFE9EE970F7} - System32\Tasks\rvgkdb => C:\Users\Sara L\AppData\Local\rvgkdb.bat [2014-07-03] ()
Task: {8695D233-FD91-457D-94F8-DF114B563EC5} - System32\Tasks\jfavrnbg => C:\Users\Sara L\AppData\Local\jfavrnbg.bat [2014-07-03] ()
Task: {8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7} - System32\Tasks\jgkhkhdh => C:\Users\Sara L\AppData\Local\jgkhkhdh.bat [2014-07-03] ()
Task: {96909E94-8FC4-45C0-AC35-59CA6A5C55A9} - System32\Tasks\etkia => C:\Users\Sara L\AppData\Local\etkia.bat [2014-07-03] ()
Task: {9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C} - System32\Tasks\hrlmh => C:\Users\Sara L\AppData\Local\hrlmh.bat [2014-07-03] ()
Task: {A4AB3189-43BD-45C2-8EC8-D13E6D540F17} - System32\Tasks\kpbhd => C:\Users\Sara L\AppData\Local\kpbhd.bat [2014-07-03] ()
Task: {A8A8D05D-5376-4459-8772-4845B4DADA3C} - System32\Tasks\ylwitfr => C:\Users\Sara L\AppData\Local\ylwitfr.bat [2014-07-03] ()
Task: {AADF8341-56E0-4738-B806-A9DDB27C5272} - System32\Tasks\jeavr => C:\Users\Sara L\AppData\Local\jeavr.bat [2014-07-03] ()
Task: {AB45A765-ADA7-4380-89D3-9F16A8C3B8D8} - System32\Tasks\jmimhl => C:\Users\Sara L\AppData\Local\jmimhl.bat [2014-07-03] ()
Task: {AD03A6B9-A208-4C78-A8AE-92FB622B9197} - System32\Tasks\tcffejx => C:\Users\Sara L\AppData\Local\tcffejx.bat [2014-07-03] ()
Task: {B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5} - System32\Tasks\sxbhmrv => C:\Users\Sara L\AppData\Local\sxbhmrv.bat [2014-07-03] ()
Task: {B7751633-DF71-477F-81AE-7F1962C2B60A} - System32\Tasks\dcbwolc => C:\Users\Sara L\AppData\Local\dcbwolc.bat [2014-07-03] ()
Task: {B937815C-9EE1-490D-89A9-C666D595A2CC} - System32\Tasks\gasst => C:\Users\Sara L\AppData\Local\gasst.bat [2014-07-03] ()
Task: {C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441} - System32\Tasks\bncpbwk => C:\Users\Sara L\AppData\Local\bncpbwk.bat [2014-07-03] ()
Task: {C2D49DED-3B05-404C-B892-26B7B2ABB51C} - System32\Tasks\daihvedq => C:\Users\Sara L\AppData\Local\daihvedq.bat [2014-07-03] ()
Task: {D33B1AF6-3F44-4890-B4F8-A1E3741F411D} - System32\Tasks\qbuei => C:\Users\Sara L\AppData\Local\qbuei.bat [2014-07-03] ()
Task: {EA4082C9-CC4E-48E2-95B2-00787060402D} - System32\Tasks\cwtod => C:\Users\Sara L\AppData\Local\cwtod.bat [2014-07-03] ()
Task: {F5336358-898D-41C5-886C-3A8CE6579D59} - System32\Tasks\thkxcjv => C:\Users\Sara L\AppData\Local\thkxcjv.bat [2014-07-03] ()
Task: {FC16EA7B-476C-4912-9478-0CCA9A1FA7C0} - System32\Tasks\azsmfy => C:\Users\Sara L\AppData\Local\azsmfy.bat [2014-07-03] ()
Task: {FD380AC2-6EB6-4DA1-9190-F82EAF80F724} - System32\Tasks\gogqa => C:\Users\Sara L\AppData\Local\gogqa.bat [2014-07-03] ()
C:\Users\Sara L\AppData\Local\*.bat
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Nochmal frische FRST und Addition.txt bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.09.2014, 10:56
| #2 |
 |  Ein Virus auf dem Pc ? Hallo!
__________________Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014 Ran by Sara L at 2014-09-21 11:51:46 Run:1 Running from C:\Users\Sara L\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** Task: {0C9AFBC1-164F-46FE-8C9D-FC862494B2AB} - System32\Tasks\opwaya => C:\Users\Sara L\AppData\Local\opwaya.bat [2014-07-03] () Task: {0D572472-4FF4-4395-AE66-1FBAF9B4AED5} - System32\Tasks\cnaoto => C:\Users\Sara L\AppData\Local\cnaoto.bat [2014-07-03] () Task: {0FB73119-969C-4AA0-B5C3-CC23C475A767} - System32\Tasks\pjddya => C:\Users\Sara L\AppData\Local\pjddya.bat [2014-07-03] () Task: {1075DC03-3172-4868-9529-F91EF6A7B1A8} - System32\Tasks\hbbve => C:\Users\Sara L\AppData\Local\hbbve.bat [2014-07-03] () Task: {1A32DA29-E8CF-47E0-910B-6E0018EBF0D3} - System32\Tasks\nneekkk => C:\Users\Sara L\AppData\Local\nneekkk.bat [2014-07-03] () Task: {1E898093-1526-4C2E-94AB-88092B5CF8E0} - System32\Tasks\etrhxvec => C:\Users\Sara L\AppData\Local\etrhxvec.bat [2014-07-03] () Task: {26424C53-AACC-481D-9C6C-54E97B9C9ED7} - System32\Tasks\ehijase => C:\Users\Sara L\AppData\Local\ehijase.bat [2014-07-03] () Task: {2A2DF03B-7534-42CE-A15B-A80CECD25509} - System32\Tasks\rxbyc => C:\Users\Sara L\AppData\Local\rxbyc.bat [2014-07-03] () Task: {3A31CE72-DF8E-42F8-8361-6AB948B875D5} - System32\Tasks\nmllk => C:\Users\Sara L\AppData\Local\nmllk.bat [2014-07-03] () Task: {4C82BA33-8CED-46FC-B5D5-5F89981EFA09} - System32\Tasks\capnvsig => C:\Users\Sara L\AppData\Local\capnvsig.bat [2014-07-03] () Task: {4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B} - System32\Tasks\befbcf => C:\Users\Sara L\AppData\Local\befbcf.bat [2014-07-03] () Task: {4E51DAC4-D3BC-4735-9724-C249AF403556} - System32\Tasks\auadwcvj => C:\Users\Sara L\AppData\Local\auadwcvj.bat [2014-07-03] () Task: {522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32} - System32\Tasks\xhyjb => C:\Users\Sara L\AppData\Local\xhyjb.bat [2014-07-03] () Task: {62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145} - System32\Tasks\crguj => C:\Users\Sara L\AppData\Local\crguj.bat [2014-07-03] () Task: {6F19AF2E-6477-4606-B4B5-4AD98AE256AD} - System32\Tasks\cpdrna => C:\Users\Sara L\AppData\Local\cpdrna.bat [2014-07-03] () Task: {6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9} - System32\Tasks\mnmtslk => C:\Users\Sara L\AppData\Local\mnmtslk.bat [2014-07-03] () Task: {744E9A75-2ECA-4368-986C-1BEB378407C4} - System32\Tasks\cglyd => C:\Users\Sara L\AppData\Local\cglyd.bat [2014-07-03] () Task: {8211BDBA-1CA8-45B4-9974-97AFA33E82AB} - System32\Tasks\gaslfx => C:\Users\Sara L\AppData\Local\gaslfx.bat [2014-07-03] () Task: {838E7EF4-D326-4503-AD93-7CFE9EE970F7} - System32\Tasks\rvgkdb => C:\Users\Sara L\AppData\Local\rvgkdb.bat [2014-07-03] () Task: {8695D233-FD91-457D-94F8-DF114B563EC5} - System32\Tasks\jfavrnbg => C:\Users\Sara L\AppData\Local\jfavrnbg.bat [2014-07-03] () Task: {8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7} - System32\Tasks\jgkhkhdh => C:\Users\Sara L\AppData\Local\jgkhkhdh.bat [2014-07-03] () Task: {96909E94-8FC4-45C0-AC35-59CA6A5C55A9} - System32\Tasks\etkia => C:\Users\Sara L\AppData\Local\etkia.bat [2014-07-03] () Task: {9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C} - System32\Tasks\hrlmh => C:\Users\Sara L\AppData\Local\hrlmh.bat [2014-07-03] () Task: {A4AB3189-43BD-45C2-8EC8-D13E6D540F17} - System32\Tasks\kpbhd => C:\Users\Sara L\AppData\Local\kpbhd.bat [2014-07-03] () Task: {A8A8D05D-5376-4459-8772-4845B4DADA3C} - System32\Tasks\ylwitfr => C:\Users\Sara L\AppData\Local\ylwitfr.bat [2014-07-03] () Task: {AADF8341-56E0-4738-B806-A9DDB27C5272} - System32\Tasks\jeavr => C:\Users\Sara L\AppData\Local\jeavr.bat [2014-07-03] () Task: {AB45A765-ADA7-4380-89D3-9F16A8C3B8D8} - System32\Tasks\jmimhl => C:\Users\Sara L\AppData\Local\jmimhl.bat [2014-07-03] () Task: {AD03A6B9-A208-4C78-A8AE-92FB622B9197} - System32\Tasks\tcffejx => C:\Users\Sara L\AppData\Local\tcffejx.bat [2014-07-03] () Task: {B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5} - System32\Tasks\sxbhmrv => C:\Users\Sara L\AppData\Local\sxbhmrv.bat [2014-07-03] () Task: {B7751633-DF71-477F-81AE-7F1962C2B60A} - System32\Tasks\dcbwolc => C:\Users\Sara L\AppData\Local\dcbwolc.bat [2014-07-03] () Task: {B937815C-9EE1-490D-89A9-C666D595A2CC} - System32\Tasks\gasst => C:\Users\Sara L\AppData\Local\gasst.bat [2014-07-03] () Task: {C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441} - System32\Tasks\bncpbwk => C:\Users\Sara L\AppData\Local\bncpbwk.bat [2014-07-03] () Task: {C2D49DED-3B05-404C-B892-26B7B2ABB51C} - System32\Tasks\daihvedq => C:\Users\Sara L\AppData\Local\daihvedq.bat [2014-07-03] () Task: {D33B1AF6-3F44-4890-B4F8-A1E3741F411D} - System32\Tasks\qbuei => C:\Users\Sara L\AppData\Local\qbuei.bat [2014-07-03] () Task: {EA4082C9-CC4E-48E2-95B2-00787060402D} - System32\Tasks\cwtod => C:\Users\Sara L\AppData\Local\cwtod.bat [2014-07-03] () Task: {F5336358-898D-41C5-886C-3A8CE6579D59} - System32\Tasks\thkxcjv => C:\Users\Sara L\AppData\Local\thkxcjv.bat [2014-07-03] () Task: {FC16EA7B-476C-4912-9478-0CCA9A1FA7C0} - System32\Tasks\azsmfy => C:\Users\Sara L\AppData\Local\azsmfy.bat [2014-07-03] () Task: {FD380AC2-6EB6-4DA1-9190-F82EAF80F724} - System32\Tasks\gogqa => C:\Users\Sara L\AppData\Local\gogqa.bat [2014-07-03] () C:\Users\Sara L\AppData\Local\*.bat ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C9AFBC1-164F-46FE-8C9D-FC862494B2AB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C9AFBC1-164F-46FE-8C9D-FC862494B2AB}" => Key deleted successfully. C:\Windows\System32\Tasks\opwaya => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\opwaya" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D572472-4FF4-4395-AE66-1FBAF9B4AED5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D572472-4FF4-4395-AE66-1FBAF9B4AED5}" => Key deleted successfully. C:\Windows\System32\Tasks\cnaoto => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cnaoto" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FB73119-969C-4AA0-B5C3-CC23C475A767}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB73119-969C-4AA0-B5C3-CC23C475A767}" => Key deleted successfully. C:\Windows\System32\Tasks\pjddya => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pjddya" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1075DC03-3172-4868-9529-F91EF6A7B1A8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1075DC03-3172-4868-9529-F91EF6A7B1A8}" => Key deleted successfully. C:\Windows\System32\Tasks\hbbve => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hbbve" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A32DA29-E8CF-47E0-910B-6E0018EBF0D3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A32DA29-E8CF-47E0-910B-6E0018EBF0D3}" => Key deleted successfully. C:\Windows\System32\Tasks\nneekkk => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nneekkk" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E898093-1526-4C2E-94AB-88092B5CF8E0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E898093-1526-4C2E-94AB-88092B5CF8E0}" => Key deleted successfully. C:\Windows\System32\Tasks\etrhxvec => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\etrhxvec" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26424C53-AACC-481D-9C6C-54E97B9C9ED7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26424C53-AACC-481D-9C6C-54E97B9C9ED7}" => Key deleted successfully. C:\Windows\System32\Tasks\ehijase => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ehijase" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A2DF03B-7534-42CE-A15B-A80CECD25509}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A2DF03B-7534-42CE-A15B-A80CECD25509}" => Key deleted successfully. C:\Windows\System32\Tasks\rxbyc => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rxbyc" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A31CE72-DF8E-42F8-8361-6AB948B875D5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A31CE72-DF8E-42F8-8361-6AB948B875D5}" => Key deleted successfully. C:\Windows\System32\Tasks\nmllk => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nmllk" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C82BA33-8CED-46FC-B5D5-5F89981EFA09}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C82BA33-8CED-46FC-B5D5-5F89981EFA09}" => Key deleted successfully. C:\Windows\System32\Tasks\capnvsig => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\capnvsig" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B}" => Key deleted successfully. C:\Windows\System32\Tasks\befbcf => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\befbcf" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E51DAC4-D3BC-4735-9724-C249AF403556}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E51DAC4-D3BC-4735-9724-C249AF403556}" => Key deleted successfully. C:\Windows\System32\Tasks\auadwcvj => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\auadwcvj" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32}" => Key deleted successfully. C:\Windows\System32\Tasks\xhyjb => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xhyjb" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145}" => Key deleted successfully. C:\Windows\System32\Tasks\crguj => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\crguj" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F19AF2E-6477-4606-B4B5-4AD98AE256AD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F19AF2E-6477-4606-B4B5-4AD98AE256AD}" => Key deleted successfully. C:\Windows\System32\Tasks\cpdrna => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cpdrna" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9}" => Key deleted successfully. C:\Windows\System32\Tasks\mnmtslk => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mnmtslk" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{744E9A75-2ECA-4368-986C-1BEB378407C4}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{744E9A75-2ECA-4368-986C-1BEB378407C4}" => Key deleted successfully. C:\Windows\System32\Tasks\cglyd => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cglyd" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8211BDBA-1CA8-45B4-9974-97AFA33E82AB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8211BDBA-1CA8-45B4-9974-97AFA33E82AB}" => Key deleted successfully. C:\Windows\System32\Tasks\gaslfx => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gaslfx" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{838E7EF4-D326-4503-AD93-7CFE9EE970F7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838E7EF4-D326-4503-AD93-7CFE9EE970F7}" => Key deleted successfully. C:\Windows\System32\Tasks\rvgkdb => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rvgkdb" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8695D233-FD91-457D-94F8-DF114B563EC5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8695D233-FD91-457D-94F8-DF114B563EC5}" => Key deleted successfully. C:\Windows\System32\Tasks\jfavrnbg => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jfavrnbg" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7}" => Key deleted successfully. C:\Windows\System32\Tasks\jgkhkhdh => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jgkhkhdh" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96909E94-8FC4-45C0-AC35-59CA6A5C55A9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96909E94-8FC4-45C0-AC35-59CA6A5C55A9}" => Key deleted successfully. C:\Windows\System32\Tasks\etkia => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\etkia" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C}" => Key deleted successfully. C:\Windows\System32\Tasks\hrlmh => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hrlmh" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4AB3189-43BD-45C2-8EC8-D13E6D540F17}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4AB3189-43BD-45C2-8EC8-D13E6D540F17}" => Key deleted successfully. C:\Windows\System32\Tasks\kpbhd => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kpbhd" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8A8D05D-5376-4459-8772-4845B4DADA3C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A8D05D-5376-4459-8772-4845B4DADA3C}" => Key deleted successfully. C:\Windows\System32\Tasks\ylwitfr => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ylwitfr" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADF8341-56E0-4738-B806-A9DDB27C5272}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADF8341-56E0-4738-B806-A9DDB27C5272}" => Key deleted successfully. C:\Windows\System32\Tasks\jeavr => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jeavr" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB45A765-ADA7-4380-89D3-9F16A8C3B8D8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB45A765-ADA7-4380-89D3-9F16A8C3B8D8}" => Key deleted successfully. C:\Windows\System32\Tasks\jmimhl => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jmimhl" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD03A6B9-A208-4C78-A8AE-92FB622B9197}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD03A6B9-A208-4C78-A8AE-92FB622B9197}" => Key deleted successfully. C:\Windows\System32\Tasks\tcffejx => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tcffejx" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5}" => Key deleted successfully. C:\Windows\System32\Tasks\sxbhmrv => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sxbhmrv" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7751633-DF71-477F-81AE-7F1962C2B60A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7751633-DF71-477F-81AE-7F1962C2B60A}" => Key deleted successfully. C:\Windows\System32\Tasks\dcbwolc => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dcbwolc" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B937815C-9EE1-490D-89A9-C666D595A2CC}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B937815C-9EE1-490D-89A9-C666D595A2CC}" => Key deleted successfully. C:\Windows\System32\Tasks\gasst => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gasst" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441}" => Key deleted successfully. C:\Windows\System32\Tasks\bncpbwk => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bncpbwk" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2D49DED-3B05-404C-B892-26B7B2ABB51C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2D49DED-3B05-404C-B892-26B7B2ABB51C}" => Key deleted successfully. C:\Windows\System32\Tasks\daihvedq => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\daihvedq" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D33B1AF6-3F44-4890-B4F8-A1E3741F411D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D33B1AF6-3F44-4890-B4F8-A1E3741F411D}" => Key deleted successfully. C:\Windows\System32\Tasks\qbuei => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qbuei" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA4082C9-CC4E-48E2-95B2-00787060402D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA4082C9-CC4E-48E2-95B2-00787060402D}" => Key deleted successfully. C:\Windows\System32\Tasks\cwtod => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cwtod" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5336358-898D-41C5-886C-3A8CE6579D59}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5336358-898D-41C5-886C-3A8CE6579D59}" => Key deleted successfully. C:\Windows\System32\Tasks\thkxcjv => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\thkxcjv" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC16EA7B-476C-4912-9478-0CCA9A1FA7C0}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC16EA7B-476C-4912-9478-0CCA9A1FA7C0}" => Key deleted successfully. C:\Windows\System32\Tasks\azsmfy => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\azsmfy" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD380AC2-6EB6-4DA1-9190-F82EAF80F724}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD380AC2-6EB6-4DA1-9190-F82EAF80F724}" => Key deleted successfully. C:\Windows\System32\Tasks\gogqa => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gogqa" => Key deleted successfully. C:\Users\Sara L\AppData\Local\*.bat => Moved successfully. ==== End of Fixlog ==== Task: {0C9AFBC1-164F-46FE-8C9D-FC862494B2AB} - System32\Tasks\opwaya => C:\Users\Sara L\AppData\Local\opwaya.bat [2014-07-03] () Task: {0D572472-4FF4-4395-AE66-1FBAF9B4AED5} - System32\Tasks\cnaoto => C:\Users\Sara L\AppData\Local\cnaoto.bat [2014-07-03] () Task: {0FB73119-969C-4AA0-B5C3-CC23C475A767} - System32\Tasks\pjddya => C:\Users\Sara L\AppData\Local\pjddya.bat [2014-07-03] () Task: {1075DC03-3172-4868-9529-F91EF6A7B1A8} - System32\Tasks\hbbve => C:\Users\Sara L\AppData\Local\hbbve.bat [2014-07-03] () Task: {1A32DA29-E8CF-47E0-910B-6E0018EBF0D3} - System32\Tasks\nneekkk => C:\Users\Sara L\AppData\Local\nneekkk.bat [2014-07-03] () Task: {1E898093-1526-4C2E-94AB-88092B5CF8E0} - System32\Tasks\etrhxvec => C:\Users\Sara L\AppData\Local\etrhxvec.bat [2014-07-03] () Task: {26424C53-AACC-481D-9C6C-54E97B9C9ED7} - System32\Tasks\ehijase => C:\Users\Sara L\AppData\Local\ehijase.bat [2014-07-03] () Task: {2A2DF03B-7534-42CE-A15B-A80CECD25509} - System32\Tasks\rxbyc => C:\Users\Sara L\AppData\Local\rxbyc.bat [2014-07-03] () Task: {3A31CE72-DF8E-42F8-8361-6AB948B875D5} - System32\Tasks\nmllk => C:\Users\Sara L\AppData\Local\nmllk.bat [2014-07-03] () Task: {4C82BA33-8CED-46FC-B5D5-5F89981EFA09} - System32\Tasks\capnvsig => C:\Users\Sara L\AppData\Local\capnvsig.bat [2014-07-03] () Task: {4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B} - System32\Tasks\befbcf => C:\Users\Sara L\AppData\Local\befbcf.bat [2014-07-03] () Task: {4E51DAC4-D3BC-4735-9724-C249AF403556} - System32\Tasks\auadwcvj => C:\Users\Sara L\AppData\Local\auadwcvj.bat [2014-07-03] () Task: {522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32} - System32\Tasks\xhyjb => C:\Users\Sara L\AppData\Local\xhyjb.bat [2014-07-03] () Task: {62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145} - System32\Tasks\crguj => C:\Users\Sara L\AppData\Local\crguj.bat [2014-07-03] () Task: {6F19AF2E-6477-4606-B4B5-4AD98AE256AD} - System32\Tasks\cpdrna => C:\Users\Sara L\AppData\Local\cpdrna.bat [2014-07-03] () Task: {6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9} - System32\Tasks\mnmtslk => C:\Users\Sara L\AppData\Local\mnmtslk.bat [2014-07-03] () Task: {744E9A75-2ECA-4368-986C-1BEB378407C4} - System32\Tasks\cglyd => C:\Users\Sara L\AppData\Local\cglyd.bat [2014-07-03] () Task: {8211BDBA-1CA8-45B4-9974-97AFA33E82AB} - System32\Tasks\gaslfx => C:\Users\Sara L\AppData\Local\gaslfx.bat [2014-07-03] () Task: {838E7EF4-D326-4503-AD93-7CFE9EE970F7} - System32\Tasks\rvgkdb => C:\Users\Sara L\AppData\Local\rvgkdb.bat [2014-07-03] () Task: {8695D233-FD91-457D-94F8-DF114B563EC5} - System32\Tasks\jfavrnbg => C:\Users\Sara L\AppData\Local\jfavrnbg.bat [2014-07-03] () Task: {8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7} - System32\Tasks\jgkhkhdh => C:\Users\Sara L\AppData\Local\jgkhkhdh.bat [2014-07-03] () Task: {96909E94-8FC4-45C0-AC35-59CA6A5C55A9} - System32\Tasks\etkia => C:\Users\Sara L\AppData\Local\etkia.bat [2014-07-03] () Task: {9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C} - System32\Tasks\hrlmh => C:\Users\Sara L\AppData\Local\hrlmh.bat [2014-07-03] () Task: {A4AB3189-43BD-45C2-8EC8-D13E6D540F17} - System32\Tasks\kpbhd => C:\Users\Sara L\AppData\Local\kpbhd.bat [2014-07-03] () Task: {A8A8D05D-5376-4459-8772-4845B4DADA3C} - System32\Tasks\ylwitfr => C:\Users\Sara L\AppData\Local\ylwitfr.bat [2014-07-03] () Task: {AADF8341-56E0-4738-B806-A9DDB27C5272} - System32\Tasks\jeavr => C:\Users\Sara L\AppData\Local\jeavr.bat [2014-07-03] () Task: {AB45A765-ADA7-4380-89D3-9F16A8C3B8D8} - System32\Tasks\jmimhl => C:\Users\Sara L\AppData\Local\jmimhl.bat [2014-07-03] () Task: {AD03A6B9-A208-4C78-A8AE-92FB622B9197} - System32\Tasks\tcffejx => C:\Users\Sara L\AppData\Local\tcffejx.bat [2014-07-03] () Task: {B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5} - System32\Tasks\sxbhmrv => C:\Users\Sara L\AppData\Local\sxbhmrv.bat [2014-07-03] () Task: {B7751633-DF71-477F-81AE-7F1962C2B60A} - System32\Tasks\dcbwolc => C:\Users\Sara L\AppData\Local\dcbwolc.bat [2014-07-03] () Task: {B937815C-9EE1-490D-89A9-C666D595A2CC} - System32\Tasks\gasst => C:\Users\Sara L\AppData\Local\gasst.bat [2014-07-03] () Task: {C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441} - System32\Tasks\bncpbwk => C:\Users\Sara L\AppData\Local\bncpbwk.bat [2014-07-03] () Task: {C2D49DED-3B05-404C-B892-26B7B2ABB51C} - System32\Tasks\daihvedq => C:\Users\Sara L\AppData\Local\daihvedq.bat [2014-07-03] () Task: {D33B1AF6-3F44-4890-B4F8-A1E3741F411D} - System32\Tasks\qbuei => C:\Users\Sara L\AppData\Local\qbuei.bat [2014-07-03] () Task: {EA4082C9-CC4E-48E2-95B2-00787060402D} - System32\Tasks\cwtod => C:\Users\Sara L\AppData\Local\cwtod.bat [2014-07-03] () Task: {F5336358-898D-41C5-886C-3A8CE6579D59} - System32\Tasks\thkxcjv => C:\Users\Sara L\AppData\Local\thkxcjv.bat [2014-07-03] () Task: {FC16EA7B-476C-4912-9478-0CCA9A1FA7C0} - System32\Tasks\azsmfy => C:\Users\Sara L\AppData\Local\azsmfy.bat [2014-07-03] () Task: {FD380AC2-6EB6-4DA1-9190-F82EAF80F724} - System32\Tasks\gogqa => C:\Users\Sara L\AppData\Local\gogqa.bat [2014-07-03] () C:\Users\Sara L\AppData\Local\*.batFRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Sara L at 2014-09-21 11:54:32
Running from C:\Users\Sara L\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Benutzerhandbuch EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version: - )
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lernstudio Französisch (HKLM-x32\...\Lernstudio Französisch_is1) (Version: - Jourist Verlag)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
19-09-2014 14:13:17 Ende der Bereinigung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23952B6C-3B4A-4862-B355-9AC2FDC18AEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.)
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46F12BE5-AAE3-4960-AB58-5754F97634F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {544D40F5-FB63-4272-BB95-E26C81BEBC04} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77B7DB87-E5BF-4F2D-A2CF-FB9AD75563D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {85BA444B-0681-4118-AB18-FD8B951ED49A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D49B35FC-1648-4C5D-9C22-99B6222FA557} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-04 21:29 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2014-09-04 21:28 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-07-18 19:16 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 19:16 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 19:16 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 19:16 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 19:16 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Sara L\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "AnyProtect Tray"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKCU\...\StartupApproved\Run: => "BrowserChoice"
HKCU\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKCU\...\StartupApproved\Run: => "ISUSPM"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/21/2014 10:40:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/21/2014 10:28:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/09/20 23:06:56.248]: [00004552]: Initialize TwdsMain Class failed!
Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2014/09/20 23:06:56.248]: [00004552]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (09/20/2014 10:08:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (09/20/2014 10:06:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (09/19/2014 07:12:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (09/19/2014 07:08:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
System errors:
=============
Error: (09/21/2014 10:28:28 AM) (Source: DCOM) (EventID: 10010) (User: SARA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/21/2014 10:28:27 AM) (Source: DCOM) (EventID: 10010) (User: SARA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/21/2014 10:28:05 AM) (Source: DCOM) (EventID: 10010) (User: SARA)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/21/2014 10:28:05 AM) (Source: DCOM) (EventID: 10010) (User: SARA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (09/21/2014 10:26:05 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/20/2014 10:57:57 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/20/2014 09:50:35 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/19/2014 05:51:58 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/19/2014 04:18:49 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/19/2014 04:06:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (09/21/2014 10:40:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
Error: (09/21/2014 10:28:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/09/20 23:06:56.248]: [00004552]: Initialize TwdsMain Class failed!
Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2014/09/20 23:06:56.248]: [00004552]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (09/20/2014 10:08:27 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/20/2014 10:06:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/19/2014 07:12:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/19/2014 07:08:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 250 Processor
Percentage of memory in use: 35%
Total physical RAM: 3838.18 MB
Available physical RAM: 2457.05 MB
Total Pagefile: 4478.18 MB
Available Pagefile: 2562.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:454.38 GB) (Free:431.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C9202A1C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)
==================== End Of Log ============================
|
|
22.09.2014, 07:38
| #3 |
| /// the machine /// TB-Ausbilder | Ein Virus auf dem Pc ? Noch Probleme?
__________________
__________________ |
|
22.09.2014, 08:48
| #4 |
| | Ein Virus auf dem Pc ? Hi, dankeschön !!!!!!!!!!! Es ist endlich weg   Ganz liebe Grüße |
|
22.09.2014, 16:22
| #5 |
| /// the machine /// TB-Ausbilder | Ein Virus auf dem Pc ? Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Ein Virus auf dem Pc ? |
| bat, cmd, dankbar, exe, fehlercode 0x40000015, fehlermeldung, fenster, gefunde, konnte, liebe, lieben, virus, virus auf dem pc |
Hybrid-Darstellung
