Trojaner-Board - Ein Virus auf dem Pc ?

Hallo!

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Sara L at 2014-09-21 11:51:46 Run:1
Running from C:\Users\Sara L\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {0C9AFBC1-164F-46FE-8C9D-FC862494B2AB} - System32\Tasks\opwaya => C:\Users\Sara L\AppData\Local\opwaya.bat [2014-07-03] ()
Task: {0D572472-4FF4-4395-AE66-1FBAF9B4AED5} - System32\Tasks\cnaoto => C:\Users\Sara L\AppData\Local\cnaoto.bat [2014-07-03] ()
Task: {0FB73119-969C-4AA0-B5C3-CC23C475A767} - System32\Tasks\pjddya => C:\Users\Sara L\AppData\Local\pjddya.bat [2014-07-03] ()
Task: {1075DC03-3172-4868-9529-F91EF6A7B1A8} - System32\Tasks\hbbve => C:\Users\Sara L\AppData\Local\hbbve.bat [2014-07-03] ()
Task: {1A32DA29-E8CF-47E0-910B-6E0018EBF0D3} - System32\Tasks\nneekkk => C:\Users\Sara L\AppData\Local\nneekkk.bat [2014-07-03] ()
Task: {1E898093-1526-4C2E-94AB-88092B5CF8E0} - System32\Tasks\etrhxvec => C:\Users\Sara L\AppData\Local\etrhxvec.bat [2014-07-03] ()
Task: {26424C53-AACC-481D-9C6C-54E97B9C9ED7} - System32\Tasks\ehijase => C:\Users\Sara L\AppData\Local\ehijase.bat [2014-07-03] ()
Task: {2A2DF03B-7534-42CE-A15B-A80CECD25509} - System32\Tasks\rxbyc => C:\Users\Sara L\AppData\Local\rxbyc.bat [2014-07-03] ()
Task: {3A31CE72-DF8E-42F8-8361-6AB948B875D5} - System32\Tasks\nmllk => C:\Users\Sara L\AppData\Local\nmllk.bat [2014-07-03] ()
Task: {4C82BA33-8CED-46FC-B5D5-5F89981EFA09} - System32\Tasks\capnvsig => C:\Users\Sara L\AppData\Local\capnvsig.bat [2014-07-03] ()
Task: {4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B} - System32\Tasks\befbcf => C:\Users\Sara L\AppData\Local\befbcf.bat [2014-07-03] ()
Task: {4E51DAC4-D3BC-4735-9724-C249AF403556} - System32\Tasks\auadwcvj => C:\Users\Sara L\AppData\Local\auadwcvj.bat [2014-07-03] ()
Task: {522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32} - System32\Tasks\xhyjb => C:\Users\Sara L\AppData\Local\xhyjb.bat [2014-07-03] ()
Task: {62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145} - System32\Tasks\crguj => C:\Users\Sara L\AppData\Local\crguj.bat [2014-07-03] ()
Task: {6F19AF2E-6477-4606-B4B5-4AD98AE256AD} - System32\Tasks\cpdrna => C:\Users\Sara L\AppData\Local\cpdrna.bat [2014-07-03] ()
Task: {6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9} - System32\Tasks\mnmtslk => C:\Users\Sara L\AppData\Local\mnmtslk.bat [2014-07-03] ()
Task: {744E9A75-2ECA-4368-986C-1BEB378407C4} - System32\Tasks\cglyd => C:\Users\Sara L\AppData\Local\cglyd.bat [2014-07-03] ()
Task: {8211BDBA-1CA8-45B4-9974-97AFA33E82AB} - System32\Tasks\gaslfx => C:\Users\Sara L\AppData\Local\gaslfx.bat [2014-07-03] ()
Task: {838E7EF4-D326-4503-AD93-7CFE9EE970F7} - System32\Tasks\rvgkdb => C:\Users\Sara L\AppData\Local\rvgkdb.bat [2014-07-03] ()
Task: {8695D233-FD91-457D-94F8-DF114B563EC5} - System32\Tasks\jfavrnbg => C:\Users\Sara L\AppData\Local\jfavrnbg.bat [2014-07-03] ()
Task: {8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7} - System32\Tasks\jgkhkhdh => C:\Users\Sara L\AppData\Local\jgkhkhdh.bat [2014-07-03] ()
Task: {96909E94-8FC4-45C0-AC35-59CA6A5C55A9} - System32\Tasks\etkia => C:\Users\Sara L\AppData\Local\etkia.bat [2014-07-03] ()
Task: {9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C} - System32\Tasks\hrlmh => C:\Users\Sara L\AppData\Local\hrlmh.bat [2014-07-03] ()
Task: {A4AB3189-43BD-45C2-8EC8-D13E6D540F17} - System32\Tasks\kpbhd => C:\Users\Sara L\AppData\Local\kpbhd.bat [2014-07-03] ()
Task: {A8A8D05D-5376-4459-8772-4845B4DADA3C} - System32\Tasks\ylwitfr => C:\Users\Sara L\AppData\Local\ylwitfr.bat [2014-07-03] ()
Task: {AADF8341-56E0-4738-B806-A9DDB27C5272} - System32\Tasks\jeavr => C:\Users\Sara L\AppData\Local\jeavr.bat [2014-07-03] ()
Task: {AB45A765-ADA7-4380-89D3-9F16A8C3B8D8} - System32\Tasks\jmimhl => C:\Users\Sara L\AppData\Local\jmimhl.bat [2014-07-03] ()
Task: {AD03A6B9-A208-4C78-A8AE-92FB622B9197} - System32\Tasks\tcffejx => C:\Users\Sara L\AppData\Local\tcffejx.bat [2014-07-03] ()
Task: {B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5} - System32\Tasks\sxbhmrv => C:\Users\Sara L\AppData\Local\sxbhmrv.bat [2014-07-03] ()
Task: {B7751633-DF71-477F-81AE-7F1962C2B60A} - System32\Tasks\dcbwolc => C:\Users\Sara L\AppData\Local\dcbwolc.bat [2014-07-03] ()
Task: {B937815C-9EE1-490D-89A9-C666D595A2CC} - System32\Tasks\gasst => C:\Users\Sara L\AppData\Local\gasst.bat [2014-07-03] ()
Task: {C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441} - System32\Tasks\bncpbwk => C:\Users\Sara L\AppData\Local\bncpbwk.bat [2014-07-03] ()
Task: {C2D49DED-3B05-404C-B892-26B7B2ABB51C} - System32\Tasks\daihvedq => C:\Users\Sara L\AppData\Local\daihvedq.bat [2014-07-03] ()
Task: {D33B1AF6-3F44-4890-B4F8-A1E3741F411D} - System32\Tasks\qbuei => C:\Users\Sara L\AppData\Local\qbuei.bat [2014-07-03] ()
Task: {EA4082C9-CC4E-48E2-95B2-00787060402D} - System32\Tasks\cwtod => C:\Users\Sara L\AppData\Local\cwtod.bat [2014-07-03] ()
Task: {F5336358-898D-41C5-886C-3A8CE6579D59} - System32\Tasks\thkxcjv => C:\Users\Sara L\AppData\Local\thkxcjv.bat [2014-07-03] ()
Task: {FC16EA7B-476C-4912-9478-0CCA9A1FA7C0} - System32\Tasks\azsmfy => C:\Users\Sara L\AppData\Local\azsmfy.bat [2014-07-03] ()
Task: {FD380AC2-6EB6-4DA1-9190-F82EAF80F724} - System32\Tasks\gogqa => C:\Users\Sara L\AppData\Local\gogqa.bat [2014-07-03] ()
C:\Users\Sara L\AppData\Local\*.bat
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C9AFBC1-164F-46FE-8C9D-FC862494B2AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C9AFBC1-164F-46FE-8C9D-FC862494B2AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\opwaya => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\opwaya" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D572472-4FF4-4395-AE66-1FBAF9B4AED5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D572472-4FF4-4395-AE66-1FBAF9B4AED5}" => Key deleted successfully.
C:\Windows\System32\Tasks\cnaoto => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cnaoto" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FB73119-969C-4AA0-B5C3-CC23C475A767}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB73119-969C-4AA0-B5C3-CC23C475A767}" => Key deleted successfully.
C:\Windows\System32\Tasks\pjddya => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pjddya" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1075DC03-3172-4868-9529-F91EF6A7B1A8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1075DC03-3172-4868-9529-F91EF6A7B1A8}" => Key deleted successfully.
C:\Windows\System32\Tasks\hbbve => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hbbve" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A32DA29-E8CF-47E0-910B-6E0018EBF0D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A32DA29-E8CF-47E0-910B-6E0018EBF0D3}" => Key deleted successfully.
C:\Windows\System32\Tasks\nneekkk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nneekkk" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1E898093-1526-4C2E-94AB-88092B5CF8E0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E898093-1526-4C2E-94AB-88092B5CF8E0}" => Key deleted successfully.
C:\Windows\System32\Tasks\etrhxvec => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\etrhxvec" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26424C53-AACC-481D-9C6C-54E97B9C9ED7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26424C53-AACC-481D-9C6C-54E97B9C9ED7}" => Key deleted successfully.
C:\Windows\System32\Tasks\ehijase => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ehijase" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A2DF03B-7534-42CE-A15B-A80CECD25509}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A2DF03B-7534-42CE-A15B-A80CECD25509}" => Key deleted successfully.
C:\Windows\System32\Tasks\rxbyc => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rxbyc" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A31CE72-DF8E-42F8-8361-6AB948B875D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A31CE72-DF8E-42F8-8361-6AB948B875D5}" => Key deleted successfully.
C:\Windows\System32\Tasks\nmllk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nmllk" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C82BA33-8CED-46FC-B5D5-5F89981EFA09}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C82BA33-8CED-46FC-B5D5-5F89981EFA09}" => Key deleted successfully.
C:\Windows\System32\Tasks\capnvsig => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\capnvsig" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B}" => Key deleted successfully.
C:\Windows\System32\Tasks\befbcf => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\befbcf" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E51DAC4-D3BC-4735-9724-C249AF403556}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E51DAC4-D3BC-4735-9724-C249AF403556}" => Key deleted successfully.
C:\Windows\System32\Tasks\auadwcvj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\auadwcvj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32}" => Key deleted successfully.
C:\Windows\System32\Tasks\xhyjb => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\xhyjb" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145}" => Key deleted successfully.
C:\Windows\System32\Tasks\crguj => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\crguj" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F19AF2E-6477-4606-B4B5-4AD98AE256AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F19AF2E-6477-4606-B4B5-4AD98AE256AD}" => Key deleted successfully.
C:\Windows\System32\Tasks\cpdrna => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cpdrna" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9}" => Key deleted successfully.
C:\Windows\System32\Tasks\mnmtslk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\mnmtslk" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{744E9A75-2ECA-4368-986C-1BEB378407C4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{744E9A75-2ECA-4368-986C-1BEB378407C4}" => Key deleted successfully.
C:\Windows\System32\Tasks\cglyd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cglyd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8211BDBA-1CA8-45B4-9974-97AFA33E82AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8211BDBA-1CA8-45B4-9974-97AFA33E82AB}" => Key deleted successfully.
C:\Windows\System32\Tasks\gaslfx => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gaslfx" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{838E7EF4-D326-4503-AD93-7CFE9EE970F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838E7EF4-D326-4503-AD93-7CFE9EE970F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\rvgkdb => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rvgkdb" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8695D233-FD91-457D-94F8-DF114B563EC5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8695D233-FD91-457D-94F8-DF114B563EC5}" => Key deleted successfully.
C:\Windows\System32\Tasks\jfavrnbg => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jfavrnbg" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7}" => Key deleted successfully.
C:\Windows\System32\Tasks\jgkhkhdh => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jgkhkhdh" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96909E94-8FC4-45C0-AC35-59CA6A5C55A9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96909E94-8FC4-45C0-AC35-59CA6A5C55A9}" => Key deleted successfully.
C:\Windows\System32\Tasks\etkia => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\etkia" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C}" => Key deleted successfully.
C:\Windows\System32\Tasks\hrlmh => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\hrlmh" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4AB3189-43BD-45C2-8EC8-D13E6D540F17}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4AB3189-43BD-45C2-8EC8-D13E6D540F17}" => Key deleted successfully.
C:\Windows\System32\Tasks\kpbhd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\kpbhd" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8A8D05D-5376-4459-8772-4845B4DADA3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8A8D05D-5376-4459-8772-4845B4DADA3C}" => Key deleted successfully.
C:\Windows\System32\Tasks\ylwitfr => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ylwitfr" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADF8341-56E0-4738-B806-A9DDB27C5272}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADF8341-56E0-4738-B806-A9DDB27C5272}" => Key deleted successfully.
C:\Windows\System32\Tasks\jeavr => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jeavr" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB45A765-ADA7-4380-89D3-9F16A8C3B8D8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB45A765-ADA7-4380-89D3-9F16A8C3B8D8}" => Key deleted successfully.
C:\Windows\System32\Tasks\jmimhl => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jmimhl" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AD03A6B9-A208-4C78-A8AE-92FB622B9197}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD03A6B9-A208-4C78-A8AE-92FB622B9197}" => Key deleted successfully.
C:\Windows\System32\Tasks\tcffejx => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tcffejx" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5}" => Key deleted successfully.
C:\Windows\System32\Tasks\sxbhmrv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sxbhmrv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B7751633-DF71-477F-81AE-7F1962C2B60A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7751633-DF71-477F-81AE-7F1962C2B60A}" => Key deleted successfully.
C:\Windows\System32\Tasks\dcbwolc => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\dcbwolc" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B937815C-9EE1-490D-89A9-C666D595A2CC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B937815C-9EE1-490D-89A9-C666D595A2CC}" => Key deleted successfully.
C:\Windows\System32\Tasks\gasst => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gasst" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441}" => Key deleted successfully.
C:\Windows\System32\Tasks\bncpbwk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\bncpbwk" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2D49DED-3B05-404C-B892-26B7B2ABB51C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2D49DED-3B05-404C-B892-26B7B2ABB51C}" => Key deleted successfully.
C:\Windows\System32\Tasks\daihvedq => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\daihvedq" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D33B1AF6-3F44-4890-B4F8-A1E3741F411D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D33B1AF6-3F44-4890-B4F8-A1E3741F411D}" => Key deleted successfully.
C:\Windows\System32\Tasks\qbuei => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qbuei" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA4082C9-CC4E-48E2-95B2-00787060402D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA4082C9-CC4E-48E2-95B2-00787060402D}" => Key deleted successfully.
C:\Windows\System32\Tasks\cwtod => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cwtod" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5336358-898D-41C5-886C-3A8CE6579D59}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5336358-898D-41C5-886C-3A8CE6579D59}" => Key deleted successfully.
C:\Windows\System32\Tasks\thkxcjv => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\thkxcjv" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC16EA7B-476C-4912-9478-0CCA9A1FA7C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC16EA7B-476C-4912-9478-0CCA9A1FA7C0}" => Key deleted successfully.
C:\Windows\System32\Tasks\azsmfy => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\azsmfy" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD380AC2-6EB6-4DA1-9190-F82EAF80F724}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD380AC2-6EB6-4DA1-9190-F82EAF80F724}" => Key deleted successfully.
C:\Windows\System32\Tasks\gogqa => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gogqa" => Key deleted successfully.
C:\Users\Sara L\AppData\Local\*.bat => Moved successfully.

==== End of Fixlog ====

Task: {0C9AFBC1-164F-46FE-8C9D-FC862494B2AB} - System32\Tasks\opwaya => C:\Users\Sara L\AppData\Local\opwaya.bat [2014-07-03] ()
Task: {0D572472-4FF4-4395-AE66-1FBAF9B4AED5} - System32\Tasks\cnaoto => C:\Users\Sara L\AppData\Local\cnaoto.bat [2014-07-03] ()
Task: {0FB73119-969C-4AA0-B5C3-CC23C475A767} - System32\Tasks\pjddya => C:\Users\Sara L\AppData\Local\pjddya.bat [2014-07-03] ()
Task: {1075DC03-3172-4868-9529-F91EF6A7B1A8} - System32\Tasks\hbbve => C:\Users\Sara L\AppData\Local\hbbve.bat [2014-07-03] ()
Task: {1A32DA29-E8CF-47E0-910B-6E0018EBF0D3} - System32\Tasks\nneekkk => C:\Users\Sara L\AppData\Local\nneekkk.bat [2014-07-03] ()
Task: {1E898093-1526-4C2E-94AB-88092B5CF8E0} - System32\Tasks\etrhxvec => C:\Users\Sara L\AppData\Local\etrhxvec.bat [2014-07-03] ()
Task: {26424C53-AACC-481D-9C6C-54E97B9C9ED7} - System32\Tasks\ehijase => C:\Users\Sara L\AppData\Local\ehijase.bat [2014-07-03] ()
Task: {2A2DF03B-7534-42CE-A15B-A80CECD25509} - System32\Tasks\rxbyc => C:\Users\Sara L\AppData\Local\rxbyc.bat [2014-07-03] ()
Task: {3A31CE72-DF8E-42F8-8361-6AB948B875D5} - System32\Tasks\nmllk => C:\Users\Sara L\AppData\Local\nmllk.bat [2014-07-03] ()
Task: {4C82BA33-8CED-46FC-B5D5-5F89981EFA09} - System32\Tasks\capnvsig => C:\Users\Sara L\AppData\Local\capnvsig.bat [2014-07-03] ()
Task: {4CB19AF2-CDC5-48CD-BDFC-ADE09BA1174B} - System32\Tasks\befbcf => C:\Users\Sara L\AppData\Local\befbcf.bat [2014-07-03] ()
Task: {4E51DAC4-D3BC-4735-9724-C249AF403556} - System32\Tasks\auadwcvj => C:\Users\Sara L\AppData\Local\auadwcvj.bat [2014-07-03] ()
Task: {522A60BF-9A26-4B6B-AC0E-B33D4EFE0A32} - System32\Tasks\xhyjb => C:\Users\Sara L\AppData\Local\xhyjb.bat [2014-07-03] ()
Task: {62E8880D-5ACF-4ABB-A7DC-FD4D76ED4145} - System32\Tasks\crguj => C:\Users\Sara L\AppData\Local\crguj.bat [2014-07-03] ()
Task: {6F19AF2E-6477-4606-B4B5-4AD98AE256AD} - System32\Tasks\cpdrna => C:\Users\Sara L\AppData\Local\cpdrna.bat [2014-07-03] ()
Task: {6F5E4BD3-3CD6-4563-BA67-5F0AC149CAF9} - System32\Tasks\mnmtslk => C:\Users\Sara L\AppData\Local\mnmtslk.bat [2014-07-03] ()
Task: {744E9A75-2ECA-4368-986C-1BEB378407C4} - System32\Tasks\cglyd => C:\Users\Sara L\AppData\Local\cglyd.bat [2014-07-03] ()
Task: {8211BDBA-1CA8-45B4-9974-97AFA33E82AB} - System32\Tasks\gaslfx => C:\Users\Sara L\AppData\Local\gaslfx.bat [2014-07-03] ()
Task: {838E7EF4-D326-4503-AD93-7CFE9EE970F7} - System32\Tasks\rvgkdb => C:\Users\Sara L\AppData\Local\rvgkdb.bat [2014-07-03] ()
Task: {8695D233-FD91-457D-94F8-DF114B563EC5} - System32\Tasks\jfavrnbg => C:\Users\Sara L\AppData\Local\jfavrnbg.bat [2014-07-03] ()
Task: {8BFF26FA-8447-4A7D-90C0-54E6F1B43FF7} - System32\Tasks\jgkhkhdh => C:\Users\Sara L\AppData\Local\jgkhkhdh.bat [2014-07-03] ()
Task: {96909E94-8FC4-45C0-AC35-59CA6A5C55A9} - System32\Tasks\etkia => C:\Users\Sara L\AppData\Local\etkia.bat [2014-07-03] ()
Task: {9BDB6EB2-AC9E-44FE-80CF-8A00B67C039C} - System32\Tasks\hrlmh => C:\Users\Sara L\AppData\Local\hrlmh.bat [2014-07-03] ()
Task: {A4AB3189-43BD-45C2-8EC8-D13E6D540F17} - System32\Tasks\kpbhd => C:\Users\Sara L\AppData\Local\kpbhd.bat [2014-07-03] ()
Task: {A8A8D05D-5376-4459-8772-4845B4DADA3C} - System32\Tasks\ylwitfr => C:\Users\Sara L\AppData\Local\ylwitfr.bat [2014-07-03] ()
Task: {AADF8341-56E0-4738-B806-A9DDB27C5272} - System32\Tasks\jeavr => C:\Users\Sara L\AppData\Local\jeavr.bat [2014-07-03] ()
Task: {AB45A765-ADA7-4380-89D3-9F16A8C3B8D8} - System32\Tasks\jmimhl => C:\Users\Sara L\AppData\Local\jmimhl.bat [2014-07-03] ()
Task: {AD03A6B9-A208-4C78-A8AE-92FB622B9197} - System32\Tasks\tcffejx => C:\Users\Sara L\AppData\Local\tcffejx.bat [2014-07-03] ()
Task: {B418B53C-47DE-4AD6-B534-3C8BB3C4CBF5} - System32\Tasks\sxbhmrv => C:\Users\Sara L\AppData\Local\sxbhmrv.bat [2014-07-03] ()
Task: {B7751633-DF71-477F-81AE-7F1962C2B60A} - System32\Tasks\dcbwolc => C:\Users\Sara L\AppData\Local\dcbwolc.bat [2014-07-03] ()
Task: {B937815C-9EE1-490D-89A9-C666D595A2CC} - System32\Tasks\gasst => C:\Users\Sara L\AppData\Local\gasst.bat [2014-07-03] ()
Task: {C15CE7E7-D9AB-4FA7-A51F-2FF2103C6441} - System32\Tasks\bncpbwk => C:\Users\Sara L\AppData\Local\bncpbwk.bat [2014-07-03] ()
Task: {C2D49DED-3B05-404C-B892-26B7B2ABB51C} - System32\Tasks\daihvedq => C:\Users\Sara L\AppData\Local\daihvedq.bat [2014-07-03] ()
Task: {D33B1AF6-3F44-4890-B4F8-A1E3741F411D} - System32\Tasks\qbuei => C:\Users\Sara L\AppData\Local\qbuei.bat [2014-07-03] ()
Task: {EA4082C9-CC4E-48E2-95B2-00787060402D} - System32\Tasks\cwtod => C:\Users\Sara L\AppData\Local\cwtod.bat [2014-07-03] ()
Task: {F5336358-898D-41C5-886C-3A8CE6579D59} - System32\Tasks\thkxcjv => C:\Users\Sara L\AppData\Local\thkxcjv.bat [2014-07-03] ()
Task: {FC16EA7B-476C-4912-9478-0CCA9A1FA7C0} - System32\Tasks\azsmfy => C:\Users\Sara L\AppData\Local\azsmfy.bat [2014-07-03] ()
Task: {FD380AC2-6EB6-4DA1-9190-F82EAF80F724} - System32\Tasks\gogqa => C:\Users\Sara L\AppData\Local\gogqa.bat [2014-07-03] ()
C:\Users\Sara L\AppData\Local\*.batFRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014

Ran by Sara L at 2014-09-21 11:54:32

Running from C:\Users\Sara L\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)

ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden

Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

Benutzerhandbuch EPSON SX130 Series (HKLM-x32\...\EPSON SX130 Series Useg) (Version:  - )

Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)

CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}) (Version: 2.40.0009 - SEIKO EPSON CORPORATION)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON SX130 Series Printer Uninstall (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

Lernstudio Französisch (HKLM-x32\...\Lernstudio Französisch_is1) (Version:  - Jourist Verlag)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Scansoft PDF Professional (x32 Version:  - ) Hidden

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 

==================== Restore Points  =========================
 

19-09-2014 14:13:17 Ende der Bereinigung
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {23952B6C-3B4A-4862-B355-9AC2FDC18AEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.)

Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {46F12BE5-AAE3-4960-AB58-5754F97634F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-16] (Google Inc.)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {544D40F5-FB63-4272-BB95-E26C81BEBC04} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77B7DB87-E5BF-4F2D-A2CF-FB9AD75563D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {85BA444B-0681-4118-AB18-FD8B951ED49A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D49B35FC-1648-4C5D-9C22-99B6222FA557} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-09-04 21:29 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll

2014-09-04 21:28 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2014-07-18 19:16 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-18 19:16 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-18 19:16 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-18 19:16 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-18 19:16 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Sara L\OneDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run32: => "EEventManager"

HKLM\...\StartupApproved\Run32: => "AnyProtect Tray"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "IndexSearch"

HKLM\...\StartupApproved\Run32: => "PaperPort PTD"

HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"

HKLM\...\StartupApproved\Run32: => "PDFHook"

HKLM\...\StartupApproved\Run32: => "BrStsMon00"

HKCU\...\StartupApproved\Run: => "BrowserChoice"

HKCU\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

HKCU\...\StartupApproved\Run: => "ISUSPM"
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (09/21/2014 10:40:26 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 

Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/21/2014 10:28:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 

Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: TWN BrtTWN: [2014/09/20 23:06:56.248]: [00004552]: Initialize TwdsMain Class failed!
 

Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: TWN BrtTWN: [2014/09/20 23:06:56.248]: [00004552]: ##### Fatal ERROR!! Create STI-device failed! #####
 

Error: (09/20/2014 10:08:27 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 

Error: (09/20/2014 10:06:28 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 

Error: (09/19/2014 07:12:23 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 

Error: (09/19/2014 07:08:14 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 

System errors:

=============

Error: (09/21/2014 10:28:28 AM) (Source: DCOM) (EventID: 10010) (User: SARA)

Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 

Error: (09/21/2014 10:28:27 AM) (Source: DCOM) (EventID: 10010) (User: SARA)

Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 

Error: (09/21/2014 10:28:05 AM) (Source: DCOM) (EventID: 10010) (User: SARA)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 

Error: (09/21/2014 10:28:05 AM) (Source: DCOM) (EventID: 10010) (User: SARA)

Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 

Error: (09/21/2014 10:26:05 AM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (09/20/2014 10:57:57 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (09/20/2014 09:50:35 AM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (09/19/2014 05:51:58 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (09/19/2014 04:18:49 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (09/19/2014 04:06:48 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{77A44502-1F09-4C96-A0C9-5469688E574F}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 
 

Microsoft Office Sessions:

=========================

Error: (09/21/2014 10:40:26 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 

Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 

Error: (09/21/2014 10:28:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 

Error: (09/21/2014 10:28:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARA)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
 

Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: TWNBrtTWN: [2014/09/20 23:06:56.248]: [00004552]: Initialize TwdsMain Class failed!
 

Error: (09/20/2014 11:06:56 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: TWNBrtTWN: [2014/09/20 23:06:56.248]: [00004552]: ##### Fatal ERROR!! Create STI-device failed! #####
 

Error: (09/20/2014 10:08:27 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 

Error: (09/20/2014 10:06:28 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 

Error: (09/19/2014 07:12:23 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 

Error: (09/19/2014 07:08:14 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) II X2 250 Processor

Percentage of memory in use: 35%

Total physical RAM: 3838.18 MB

Available physical RAM: 2457.05 MB

Total Pagefile: 4478.18 MB

Available Pagefile: 2562.29 MB

Total Virtual: 131072 MB

Available Virtual: 131071.84 MB
 

==================== Drives ================================
 

Drive c: (Windows) (Fixed) (Total:454.38 GB) (Free:431.04 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C9202A1C)

Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=454.4 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=11 GB) - (Type=27)
 

==================== End Of Log ============================

--- --- ---