Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows Version Installer

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.05.2014, 09:49   #1
Jack83
 
Windows Version Installer - Standard

Windows Version Installer



Hallo, ich habe folgendes Problem mit der Meldung " Windows Version Installer" die immer auf Englisch erscheint!! Ich habe diese Meldung immer blockiert und abgebrochen!! Dann habe ich mal den Begriff gegoogelt und erfahren das es sich um Spyware handelt. Mein antivir hat nix gefunden und auch Ad-Ware war nicht erfoglreich, LEIDER. Ich Windows 8 suf dem rechner bin aba nicht so erfahren damit!! Wurde gern eure hilfe in anspruch nehmen!!! Danke schon mal

Alt 12.05.2014, 09:59   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Version Installer - Standard

Windows Version Installer



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 12.05.2014, 11:08   #3
Jack83
 
Windows Version Installer - Standard

Windows Version Installer



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Jakob (administrator) on CAPTIVA on 12-05-2014 11:52:24
Running from C:\Users\Jakob\Desktop
Platform: Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-07] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Steam] => D:\spiele\steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\MountPoints2: {3bafcbbd-340d-11e2-be6c-806e6f6e6963} - "E:\csplash.exe" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13960
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe WebSearches
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-05-11&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
BHO: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho64.dll (Freeven)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho.dll (Freeven)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-05-09]
FF Extension: MediaPlayerplus - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-09]
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\quick_start@gmail.com [2014-05-12]
FF Extension: Ad-Aware Security Add-on - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com [2014-05-12]
FF HKCU\...\Firefox\Extensions: [{832743CD-6470-9D65-FC83-CDC692326A4A}] - C:\Program Files (x86)\Re-markit-soft\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\161.xpi [2014-05-09]

==================== Services (Whitelisted) =================

R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-07] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe [143872 2014-05-09] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vosr; C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe [51712 2014-05-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-05-09] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-28] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-28] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 11:52 - 2014-05-12 11:52 - 00015160 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 11:52 - 2014-05-12 11:52 - 00000000 ____D () C:\FRST
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-12 10:58 - 2014-05-12 10:58 - 00000000 _____ () C:\Users\Jakob\Desktop\poo.txt
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-12 10:05 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-11 23:29 - 2014-05-12 09:03 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-11 23:29 - 2014-05-12 09:00 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 19:32 - 2014-05-12 09:30 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-12 09:00 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:21 - 2014-05-12 09:03 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-09 19:21 - 2014-05-11 23:49 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-09 19:21 - 2014-05-09 19:22 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:21 - 2014-05-09 19:22 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-02 12:57 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-02 12:57 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-02 12:57 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-02 12:57 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-02 12:57 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-02 04:33 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-02 04:33 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

==================== One Month Modified Files and Folders =======

2014-05-12 11:52 - 2014-05-12 11:52 - 00015160 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 11:52 - 2014-05-12 11:52 - 00000000 ____D () C:\FRST
2014-05-12 11:51 - 2014-01-28 12:33 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28A0F685-3228-4E0C-9A90-AB153C51F873}
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-12 11:07 - 2012-11-21 22:19 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-12 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-12 10:58 - 2014-05-12 10:58 - 00000000 _____ () C:\Users\Jakob\Desktop\poo.txt
2014-05-12 10:58 - 2014-01-28 11:35 - 01711988 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-12 10:05 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-12 09:30 - 2014-05-09 19:32 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-12 09:14 - 2012-11-21 21:57 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3066429388-508488622-3996325178-1002
2014-05-12 09:05 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-12 09:05 - 2013-11-14 09:11 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-05-12 09:05 - 2013-11-14 09:11 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-05-12 09:03 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 09:03 - 2014-05-09 19:21 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-12 09:02 - 2012-11-21 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 09:00 - 2014-05-11 23:29 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 09:00 - 2014-05-09 19:22 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-12 09:00 - 2014-01-28 11:49 - 00000000 ___RD () C:\Users\Jakob\SkyDrive
2014-05-12 09:00 - 2014-01-28 11:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-12 09:00 - 2013-11-14 00:18 - 00010522 _____ () C:\WINDOWS\PFRO.log
2014-05-12 09:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-12 09:00 - 2013-08-01 15:45 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-05-11 23:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-11 23:49 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-11 23:39 - 2013-03-03 21:04 - 00000000 ____D () C:\Users\Jakob\Desktop\reifen
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 23:04 - 2013-01-03 20:19 - 00000773 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 17:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-09 20:44 - 2012-11-21 21:50 - 00000000 ___RD () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:22 - 2014-05-09 19:21 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:22 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-09 19:21 - 2014-01-28 11:48 - 00001680 _____ () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-05-09 19:21 - 2012-11-21 22:01 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-09 19:21 - 2012-11-21 22:01 - 00001365 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-06 19:50 - 2012-11-21 21:49 - 00000000 ____D () C:\Users\Jakob\AppData\Local\VirtualStore
2014-05-04 04:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-29 18:00 - 2014-05-02 04:33 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 16:47 - 2014-05-02 04:33 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-28 19:07 - 2012-11-21 22:19 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-23 02:24 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-23 02:24 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 10:19 - 2013-02-06 21:55 - 00030208 ___SH () C:\Users\Jakob\Downloads\Thumbs.db
2014-04-13 23:46 - 2013-08-22 16:46 - 00339609 _____ () C:\WINDOWS\setupact.log

Some content of TEMP:
====================
C:\Users\Jakob\AppData\Local\Temp\34630ebe-6eef-4e83-8824-b8dee8da1d9d.exe
C:\Users\Jakob\AppData\Local\Temp\avgnt.exe
C:\Users\Jakob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jakob\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 09:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Jakob at 2014-05-12 11:52:37
Running from C:\Users\Jakob\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.11 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.2.5 (HKLM-x32\...\Any DVD Cloner Platinum_is1) (Version:  - dvdsmith.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.3.0 - SlySoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.2.0.32 - Electronic Arts, Inc.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
FranStudioEurop (HKLM-x32\...\{73A413C2-E2AD-4C5E-8291-DFD6BB0A199A}) (Version: 1.25 - Ihr Firmenname)
Freeven pro (HKLM-x32\...\Freeven pro) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
fst_de_7 (HKLM-x32\...\fst_de_7_is1) (Version:  - free_soft_today)
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
MakeMKV v1.8.7 (HKLM-x32\...\MakeMKV) (Version: v1.8.7 - GuinpinSoft inc)
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\18207752-7B25-D11E-66E0-B4094AF95D7F) (Version:  - Re-markit-software) <==== ATTENTION
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.5.4.24540 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Restore Points  =========================

22-04-2014 18:50:16 Geplanter Prüfpunkt
01-05-2014 14:01:40 Geplanter Prüfpunkt
04-05-2014 17:27:56 Windows Update
06-05-2014 17:50:08 Installed FranStudioEurop.
09-05-2014 17:21:09 Uniblue SpeedUpMyPC installation
11-05-2014 21:26:59 AA11

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA72663-90AB-4F9E-A7BB-82D3366B0B9C} - System32\Tasks\{C09699BF-FF5E-4D85-8605-A7A7D417ACBC} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1603
Task: {143D30F2-3FF3-4B13-833C-7E21D2F28685} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe [2014-05-09] () <==== ATTENTION
Task: {158A1A16-450A-49B7-AC17-5518BEBD8CEB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {1DD803C6-08DC-4E48-B1F4-27141152AC9B} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39F6739D-4BEF-480B-9D63-E73D21065A60} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5638BE3F-CFDB-45B4-9541-C70A7829C481} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {57F7E4D6-8940-422B-9252-85431097DE0F} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D324D52-E64D-4B0C-AAC0-A9994A0D8B4D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F4C5CB6-A2FA-4845-8BC1-52D6DB9573B5} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BE76A80-1DC7-4486-A36F-73F6D1BD86ED} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1 => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {85A079E9-28D8-4E92-BCFD-0532BBF88014} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9463940B-B0DB-4304-A78B-6FAF15BD3816} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A64F768F-323C-4FDD-9F3D-80FBD9A53B0A} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {B447318D-DCC3-49C6-8500-34555164C124} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION
Task: {B5897E89-40E3-4777-A18E-A7BCF0DC99E7} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D2A05054-224A-49DA-9AC8-C9AD5560EDB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD02520D-C238-46ED-AF2F-32AB0CC19CAE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E921D998-5889-4144-A611-F11C56EAC52D} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-01-28 11:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00143872 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
2014-05-08 19:40 - 2014-05-08 19:40 - 00051712 _____ () C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00133120 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.dll
2012-10-17 12:34 - 2012-03-07 01:27 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-11 17:40 - 2014-05-11 17:40 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:B946D9EE
AlternateDataStreams: C:\Users\Jakob\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9c88

Startzeit: 01cf6dc6e7734957

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: daf1e0b9-d9ba-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 76f0

Startzeit: 01cf6dc2443d20e3

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 37bbf337-d9b6-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7008

Startzeit: 01cf6dbe85aa0424

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 79293805-d9b2-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 108c

Startzeit: 01cf6dba54c5e7ed

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 484127b6-d9ae-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01cf6db623e147c2

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 175e4e4a-d9aa-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1354

Startzeit: 01cf6db1d3e605c7

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: c768b55a-d9a5-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:14:51 AM) (Source: Microsoft-Windows-Defrag) (User: ) (EventID: 257)
Description: Das Volume "System (C:)" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (05/12/2014 09:10:54 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10a8

Startzeit: 01cf6db09ae68cee

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 8e5eb89c-d9a4-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:49 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e1c

Startzeit: 01cf6dafe1f25f24

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d8767c2b-d9a3-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:44 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e1c

Startzeit: 01cf6dafe1f25f24

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d57de075-d9a3-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (05/12/2014 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/11/2014 05:25:38 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/09/2014 06:35:28 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/08/2014 01:56:57 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/07/2014 05:53:51 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2014 02:35:15 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/05/2014 07:04:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)

Error: (05/05/2014 06:00:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)


Microsoft Office Sessions:
=========================
Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.204619c8801cf6dc6e77349574294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exedaf1e0b9-d9ba-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046176f001cf6dc2443d20e34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe37bbf337-d9b6-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461700801cf6dbe85aa04244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe79293805-d9b2-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461108c01cf6dba54c5e7ed4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe484127b6-d9ae-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461218001cf6db623e147c24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe175e4e4a-d9aa-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461135401cf6db1d3e605c74294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exec768b55a-d9a5-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:14:51 AM) (Source: Microsoft-Windows-Defrag) (User: ) (EventID: 257)
Description: System (C:)Falscher Parameter. (0x80070057)

Error: (05/12/2014 09:10:54 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046110a801cf6db09ae68cee4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe8e5eb89c-d9a4-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:49 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461e1c01cf6dafe1f25f244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed8767c2b-d9a3-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:44 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461e1c01cf6dafe1f25f244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed57de075-d9a3-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2014-05-11 23:04:19.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4BEAE4A-1D5D-4B3A-A8F9-354B846D6F52}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-11 23:04:18.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{554CE6B2-B351-485C-A3E7-CF5A52174467}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16317.64 MB
Available physical RAM: 13611.58 MB
Total Pagefile: 18749.64 MB
Available Pagefile: 15810.47 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.24 GB) (Free:75.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1709.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: D8991ECE)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA615720)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

hey danke für die schnelle antwort!! hab nur noch ne frage! wenn wa hier jetzt weiter machen würde ich gern wissen ob wir bis halb zwei fertig werden weil ich noch in die spätschicht muss?? sorry


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Jakob (administrator) on CAPTIVA on 12-05-2014 11:52:24
Running from C:\Users\Jakob\Desktop
Platform: Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-07] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Steam] => D:\spiele\steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\MountPoints2: {3bafcbbd-340d-11e2-be6c-806e6f6e6963} - "E:\csplash.exe" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13960
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-05-11&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
BHO: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho64.dll (Freeven)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho.dll (Freeven)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-05-09]
FF Extension: MediaPlayerplus - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-09]
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\quick_start@gmail.com [2014-05-12]
FF Extension: Ad-Aware Security Add-on - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com [2014-05-12]
FF HKCU\...\Firefox\Extensions: [{832743CD-6470-9D65-FC83-CDC692326A4A}] - C:\Program Files (x86)\Re-markit-soft\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\161.xpi [2014-05-09]

==================== Services (Whitelisted) =================

R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-07] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe [143872 2014-05-09] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vosr; C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe [51712 2014-05-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-05-09] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-28] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-28] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 11:52 - 2014-05-12 11:52 - 00015160 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 11:52 - 2014-05-12 11:52 - 00000000 ____D () C:\FRST
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-12 10:58 - 2014-05-12 10:58 - 00000000 _____ () C:\Users\Jakob\Desktop\poo.txt
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-12 10:05 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-11 23:29 - 2014-05-12 09:03 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-11 23:29 - 2014-05-12 09:00 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 19:32 - 2014-05-12 09:30 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-12 09:00 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-09 19:22 - 2014-05-12 09:00 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:21 - 2014-05-12 09:03 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-09 19:21 - 2014-05-12 09:00 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-09 19:21 - 2014-05-11 23:49 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-09 19:21 - 2014-05-09 19:22 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:21 - 2014-05-09 19:22 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-02 12:57 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-02 12:57 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-02 12:57 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-02 12:57 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-02 12:57 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-02 04:33 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-02 04:33 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

==================== One Month Modified Files and Folders =======

2014-05-12 11:52 - 2014-05-12 11:52 - 00015160 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 11:52 - 2014-05-12 11:52 - 00000000 ____D () C:\FRST
2014-05-12 11:51 - 2014-01-28 12:33 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28A0F685-3228-4E0C-9A90-AB153C51F873}
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-12 11:07 - 2012-11-21 22:19 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-12 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-12 10:58 - 2014-05-12 10:58 - 00000000 _____ () C:\Users\Jakob\Desktop\poo.txt
2014-05-12 10:58 - 2014-01-28 11:35 - 01711988 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-12 10:05 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-12 09:30 - 2014-05-09 19:32 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-12 09:14 - 2012-11-21 21:57 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3066429388-508488622-3996325178-1002
2014-05-12 09:05 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-12 09:05 - 2013-11-14 09:11 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-05-12 09:05 - 2013-11-14 09:11 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-05-12 09:03 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 09:03 - 2014-05-09 19:21 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-12 09:02 - 2012-11-21 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 09:00 - 2014-05-11 23:29 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 09:00 - 2014-05-09 19:22 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-12 09:00 - 2014-05-09 19:22 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-12 09:00 - 2014-05-09 19:21 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-12 09:00 - 2014-01-28 11:49 - 00000000 ___RD () C:\Users\Jakob\SkyDrive
2014-05-12 09:00 - 2014-01-28 11:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-12 09:00 - 2013-11-14 00:18 - 00010522 _____ () C:\WINDOWS\PFRO.log
2014-05-12 09:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-12 09:00 - 2013-08-01 15:45 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-05-11 23:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-11 23:49 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-11 23:39 - 2013-03-03 21:04 - 00000000 ____D () C:\Users\Jakob\Desktop\reifen
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 23:04 - 2013-01-03 20:19 - 00000773 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 17:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-09 20:44 - 2012-11-21 21:50 - 00000000 ___RD () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:22 - 2014-05-09 19:21 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:22 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-09 19:21 - 2014-01-28 11:48 - 00001680 _____ () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-05-09 19:21 - 2012-11-21 22:01 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-09 19:21 - 2012-11-21 22:01 - 00001365 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-06 19:50 - 2012-11-21 21:49 - 00000000 ____D () C:\Users\Jakob\AppData\Local\VirtualStore
2014-05-04 04:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-29 18:00 - 2014-05-02 04:33 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 16:47 - 2014-05-02 04:33 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-28 19:07 - 2012-11-21 22:19 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-23 02:24 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-23 02:24 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 10:19 - 2013-02-06 21:55 - 00030208 ___SH () C:\Users\Jakob\Downloads\Thumbs.db
2014-04-13 23:46 - 2013-08-22 16:46 - 00339609 _____ () C:\WINDOWS\setupact.log

Some content of TEMP:
====================
C:\Users\Jakob\AppData\Local\Temp\34630ebe-6eef-4e83-8824-b8dee8da1d9d.exe
C:\Users\Jakob\AppData\Local\Temp\avgnt.exe
C:\Users\Jakob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jakob\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 09:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 12.05.2014, 11:43   #4
Jack83
 
Windows Version Installer - Standard

Windows Version Installer



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Jakob at 2014-05-12 11:52:37
Running from C:\Users\Jakob\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.11 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.2.5 (HKLM-x32\...\Any DVD Cloner Platinum_is1) (Version:  - dvdsmith.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.3.0 - SlySoft)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.2.0.32 - Electronic Arts, Inc.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
FranStudioEurop (HKLM-x32\...\{73A413C2-E2AD-4C5E-8291-DFD6BB0A199A}) (Version: 1.25 - Ihr Firmenname)
Freeven pro (HKLM-x32\...\Freeven pro) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
fst_de_7 (HKLM-x32\...\fst_de_7_is1) (Version:  - free_soft_today)
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
MakeMKV v1.8.7 (HKLM-x32\...\MakeMKV) (Version: v1.8.7 - GuinpinSoft inc)
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\18207752-7B25-D11E-66E0-B4094AF95D7F) (Version:  - Re-markit-software) <==== ATTENTION
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.5.4.24540 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Restore Points  =========================

22-04-2014 18:50:16 Geplanter Prüfpunkt
01-05-2014 14:01:40 Geplanter Prüfpunkt
04-05-2014 17:27:56 Windows Update
06-05-2014 17:50:08 Installed FranStudioEurop.
09-05-2014 17:21:09 Uniblue SpeedUpMyPC installation
11-05-2014 21:26:59 AA11

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA72663-90AB-4F9E-A7BB-82D3366B0B9C} - System32\Tasks\{C09699BF-FF5E-4D85-8605-A7A7D417ACBC} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1603
Task: {143D30F2-3FF3-4B13-833C-7E21D2F28685} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe [2014-05-09] () <==== ATTENTION
Task: {158A1A16-450A-49B7-AC17-5518BEBD8CEB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {1DD803C6-08DC-4E48-B1F4-27141152AC9B} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39F6739D-4BEF-480B-9D63-E73D21065A60} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5638BE3F-CFDB-45B4-9541-C70A7829C481} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {57F7E4D6-8940-422B-9252-85431097DE0F} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6D324D52-E64D-4B0C-AAC0-A9994A0D8B4D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F4C5CB6-A2FA-4845-8BC1-52D6DB9573B5} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BE76A80-1DC7-4486-A36F-73F6D1BD86ED} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1 => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {85A079E9-28D8-4E92-BCFD-0532BBF88014} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9463940B-B0DB-4304-A78B-6FAF15BD3816} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A64F768F-323C-4FDD-9F3D-80FBD9A53B0A} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {B447318D-DCC3-49C6-8500-34555164C124} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION
Task: {B5897E89-40E3-4777-A18E-A7BCF0DC99E7} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D2A05054-224A-49DA-9AC8-C9AD5560EDB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD02520D-C238-46ED-AF2F-32AB0CC19CAE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E921D998-5889-4144-A611-F11C56EAC52D} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-01-28 11:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00143872 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
2014-05-08 19:40 - 2014-05-08 19:40 - 00051712 _____ () C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00133120 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.dll
2012-10-17 12:34 - 2012-03-07 01:27 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-11 17:40 - 2014-05-11 17:40 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:B946D9EE
AlternateDataStreams: C:\Users\Jakob\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9c88

Startzeit: 01cf6dc6e7734957

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: daf1e0b9-d9ba-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 76f0

Startzeit: 01cf6dc2443d20e3

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 37bbf337-d9b6-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7008

Startzeit: 01cf6dbe85aa0424

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 79293805-d9b2-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 108c

Startzeit: 01cf6dba54c5e7ed

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 484127b6-d9ae-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01cf6db623e147c2

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 175e4e4a-d9aa-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1354

Startzeit: 01cf6db1d3e605c7

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: c768b55a-d9a5-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:14:51 AM) (Source: Microsoft-Windows-Defrag) (User: ) (EventID: 257)
Description: Das Volume "System (C:)" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (05/12/2014 09:10:54 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10a8

Startzeit: 01cf6db09ae68cee

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 8e5eb89c-d9a4-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:49 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e1c

Startzeit: 01cf6dafe1f25f24

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d8767c2b-d9a3-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:44 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e1c

Startzeit: 01cf6dafe1f25f24

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d57de075-d9a3-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (05/12/2014 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/11/2014 05:25:38 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/09/2014 06:35:28 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/08/2014 01:56:57 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/07/2014 05:53:51 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2014 02:35:15 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/05/2014 07:04:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)

Error: (05/05/2014 06:00:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)


Microsoft Office Sessions:
=========================
Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.204619c8801cf6dc6e77349574294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exedaf1e0b9-d9ba-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046176f001cf6dc2443d20e34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe37bbf337-d9b6-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461700801cf6dbe85aa04244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe79293805-d9b2-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461108c01cf6dba54c5e7ed4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe484127b6-d9ae-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461218001cf6db623e147c24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe175e4e4a-d9aa-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461135401cf6db1d3e605c74294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exec768b55a-d9a5-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:14:51 AM) (Source: Microsoft-Windows-Defrag) (User: ) (EventID: 257)
Description: System (C:)Falscher Parameter. (0x80070057)

Error: (05/12/2014 09:10:54 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046110a801cf6db09ae68cee4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe8e5eb89c-d9a4-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:49 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461e1c01cf6dafe1f25f244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed8767c2b-d9a3-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:05:44 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461e1c01cf6dafe1f25f244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed57de075-d9a3-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2014-05-11 23:04:19.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4BEAE4A-1D5D-4B3A-A8F9-354B846D6F52}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-11 23:04:18.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{554CE6B2-B351-485C-A3E7-CF5A52174467}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 16%
Total physical RAM: 16317.64 MB
Available physical RAM: 13611.58 MB
Total Pagefile: 18749.64 MB
Available Pagefile: 15810.47 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.24 GB) (Free:75.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1709.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: D8991ECE)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA615720)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Jakob (administrator) on CAPTIVA on 12-05-2014 12:36:16
Running from C:\Users\Jakob\Desktop
Platform: Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [4114264 2014-01-23] ()
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-03-07] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA)
HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe [949512 2014-02-17] (Lavasoft)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Steam] => D:\spiele\steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3066429388-508488622-3996325178-1002\...\MountPoints2: {3bafcbbd-340d-11e2-be6c-806e6f6e6963} - "E:\csplash.exe" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13960
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKLM-x32 - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKCU - DefaultScope {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-05-11&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {5515406B-7305-4B62-BD86-4A66C01A4B99} URL = 
BHO: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho64.dll (Freeven)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven pro - {11111111-1111-1111-1111-110511421148} - C:\Program Files (x86)\Freeven pro\Freeven pro-bho.dll (Freeven)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1399656065&from=tugs&uid=SAMSUNGXSSDX830XSeries_S0Z3NSAC905308
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Freeven pro - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a0046b9b-fdb9-497f-a4b1-2a108ad6007a@5cdf80b7-0420-4bb7-b3c0-e188e6f4fb8a.com [2014-05-09]
FF Extension: MediaPlayerplus - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-05-09]
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\quick_start@gmail.com [2014-05-12]
FF Extension: Ad-Aware Security Add-on - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\hkn1629v.default\extensions\quick_start@gmail.com [2014-05-12]
FF HKCU\...\Firefox\Extensions: [{832743CD-6470-9D65-FC83-CDC692326A4A}] - C:\Program Files (x86)\Re-markit-soft\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\161.xpi [2014-05-09]

==================== Services (Whitelisted) =================

R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-07] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [702744 2014-01-23] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe [143872 2014-05-09] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies, Inc.)
R2 vosr; C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe [51712 2014-05-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-05-09] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-28] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-28] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 12:35 - 2014-05-12 12:35 - 00000024 _____ () C:\WINDOWS\B0C63AF062C425F7.log
2014-05-12 11:52 - 2014-05-12 12:36 - 00014940 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 11:52 - 2014-05-12 12:36 - 00000000 ____D () C:\FRST
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-12 10:05 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-11 23:29 - 2014-05-12 09:03 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-11 23:29 - 2014-05-12 09:00 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 19:32 - 2014-05-12 09:30 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-12 12:35 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-09 19:22 - 2014-05-12 12:35 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-09 19:22 - 2014-05-12 12:35 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-09 19:22 - 2014-05-12 12:35 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:21 - 2014-05-12 12:35 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-09 19:21 - 2014-05-12 12:35 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-09 19:21 - 2014-05-11 23:49 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-09 19:21 - 2014-05-11 23:48 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-09 19:21 - 2014-05-09 19:22 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:21 - 2014-05-09 19:22 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-02 12:57 - 2014-04-09 14:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-02 12:57 - 2014-04-09 05:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-02 12:57 - 2014-04-09 05:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-02 12:57 - 2014-04-09 05:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-02 12:57 - 2014-04-09 05:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-02 04:33 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-02 04:33 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

==================== One Month Modified Files and Folders =======

2014-05-12 12:36 - 2014-05-12 11:52 - 00014940 _____ () C:\Users\Jakob\Desktop\FRST.txt
2014-05-12 12:36 - 2014-05-12 11:52 - 00000000 ____D () C:\FRST
2014-05-12 12:35 - 2014-05-12 12:35 - 00000024 _____ () C:\WINDOWS\B0C63AF062C425F7.log
2014-05-12 12:35 - 2014-05-09 19:22 - 00002192 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job
2014-05-12 12:35 - 2014-05-09 19:22 - 00001546 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job
2014-05-12 12:35 - 2014-05-09 19:22 - 00001460 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job
2014-05-12 12:35 - 2014-05-09 19:22 - 00001432 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00003814 _____ () C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00003462 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00002096 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00001474 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00001380 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00001360 _____ () C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00000422 _____ () C:\WINDOWS\Tasks\Re-markit Update.job
2014-05-12 12:35 - 2014-05-09 19:21 - 00000402 _____ () C:\WINDOWS\Tasks\Re-markit_wd.job
2014-05-12 12:22 - 2014-01-28 12:33 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28A0F685-3228-4E0C-9A90-AB153C51F873}
2014-05-12 12:07 - 2012-11-21 22:19 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-12 11:50 - 2014-05-12 11:50 - 02066944 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe
2014-05-12 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-12 10:58 - 2014-01-28 11:35 - 01711988 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-12 10:05 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Local\adawarebp
2014-05-12 09:30 - 2014-05-09 19:32 - 00001140 _____ () C:\Users\Jakob\Desktop\Continue VuuPC Installation.lnk
2014-05-12 09:14 - 2012-11-21 21:57 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3066429388-508488622-3996325178-1002
2014-05-12 09:05 - 2013-11-14 09:27 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-12 09:05 - 2013-11-14 09:11 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-05-12 09:05 - 2013-11-14 09:11 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-05-12 09:03 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-12 09:02 - 2012-11-21 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 09:00 - 2014-05-11 23:29 - 00002335 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-05-12 09:00 - 2014-01-28 11:49 - 00000000 ___RD () C:\Users\Jakob\SkyDrive
2014-05-12 09:00 - 2014-01-28 11:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-12 09:00 - 2013-11-14 00:18 - 00010522 _____ () C:\WINDOWS\PFRO.log
2014-05-12 09:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-12 09:00 - 2013-08-01 15:45 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-05-11 23:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-11 23:49 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Local\fst_de_7
2014-05-11 23:48 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-05-11 23:39 - 2013-03-03 21:04 - 00000000 ____D () C:\Users\Jakob\Desktop\reifen
2014-05-11 23:30 - 2014-05-11 23:30 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\LavasoftStatistics
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SecureSearch
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Search Protection
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files\Lavasoft
2014-05-11 23:29 - 2014-05-11 23:29 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-05-11 23:28 - 2014-05-11 23:28 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Lavasoft
2014-05-11 23:27 - 2014-05-11 23:27 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-05-11 23:26 - 2014-05-11 23:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-05-11 23:05 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-11 23:04 - 2014-05-11 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-11 23:04 - 2013-01-03 20:19 - 00000773 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-11 17:40 - 2014-05-11 17:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-11 17:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-09 20:44 - 2012-11-21 21:50 - 00000000 ___RD () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-09 19:25 - 2014-05-09 19:25 - 00000322 _____ () C:\Users\Jakob\AppData\Roaming\aps.uninstall.scan.results
2014-05-09 19:22 - 2014-05-09 19:22 - 00006818 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3
2014-05-09 19:22 - 2014-05-09 19:22 - 00005196 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4
2014-05-09 19:22 - 2014-05-09 19:22 - 00004550 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5
2014-05-09 19:22 - 2014-05-09 19:22 - 00004464 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1
2014-05-09 19:22 - 2014-05-09 19:22 - 00004436 _____ () C:\WINDOWS\System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2
2014-05-09 19:22 - 2014-05-09 19:21 - 00004478 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5
2014-05-09 19:22 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00006466 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3
2014-05-09 19:21 - 2014-05-09 19:21 - 00005100 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4
2014-05-09 19:21 - 2014-05-09 19:21 - 00004384 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1
2014-05-09 19:21 - 2014-05-09 19:21 - 00004364 _____ () C:\WINDOWS\System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2
2014-05-09 19:21 - 2014-05-09 19:21 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Re-markit Update
2014-05-09 19:21 - 2014-05-09 19:21 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Re-markit_wd
2014-05-09 19:21 - 2014-05-09 19:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\SupTab
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\WPM
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\ProgramData\IePluginService
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-05-09 19:21 - 2014-05-09 19:21 - 00000000 ____D () C:\Program Files (x86)\Freeven pro
2014-05-09 19:21 - 2014-01-28 11:48 - 00001680 _____ () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-05-09 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-05-09 19:21 - 2012-11-21 22:01 - 00001377 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-09 19:21 - 2012-11-21 22:01 - 00001365 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00002755 _____ () C:\Users\Public\Desktop\Fran Studio.lnk
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fran Studio
2014-05-06 19:50 - 2014-05-06 19:50 - 00000000 ____D () C:\Program Files (x86)\FranStudio
2014-05-06 19:50 - 2012-11-21 21:49 - 00000000 ____D () C:\Users\Jakob\AppData\Local\VirtualStore
2014-05-04 04:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-29 18:00 - 2014-05-02 04:33 - 23133184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 16:47 - 2014-05-02 04:33 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-28 19:07 - 2012-11-21 22:19 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-04-23 02:24 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-23 02:24 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 10:19 - 2013-02-06 21:55 - 00030208 ___SH () C:\Users\Jakob\Downloads\Thumbs.db
2014-04-13 23:46 - 2013-08-22 16:46 - 00339609 _____ () C:\WINDOWS\setupact.log

Some content of TEMP:
====================
C:\Users\Jakob\AppData\Local\Temp\34630ebe-6eef-4e83-8824-b8dee8da1d9d.exe
C:\Users\Jakob\AppData\Local\Temp\avgnt.exe
C:\Users\Jakob\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jakob\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 09:14

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

hi, ich wollte noch ein scan machen doch ich bekomm die addition.txt nicht!! mach ich was falsch??

Alt 13.05.2014, 08:22   #5
Jack83
 
Windows Version Installer - Standard

Windows Version Installer



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Jakob at 2014-05-12 12:45:34
Running from C:\Users\Jakob\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Ad-Aware Antivirus (HKLM\...\{6A16ADA5-0B30-4893-84AB-961B1340D14A}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.8.0.11 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.2.0.32 - Electronic Arts, Inc.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
FranStudioEurop (HKLM-x32\...\{73A413C2-E2AD-4C5E-8291-DFD6BB0A199A}) (Version: 1.25 - Ihr Firmenname)
Freeven pro (HKLM-x32\...\Freeven pro) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
fst_de_7 (HKLM-x32\...\fst_de_7_is1) (Version:  - free_soft_today)
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
MakeMKV v1.8.7 (HKLM-x32\...\MakeMKV) (Version: v1.8.7 - GuinpinSoft inc)
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.5.4 - Freeven) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.162.0 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.11900.1.9 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18400.9.0 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.11400.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11900.20.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13200.33.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{ADEF1F0B-635E-4041-B50F-A510C1B4D2C5}) (Version: 10.5.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Re-markit (HKLM-x32\...\18207752-7B25-D11E-66E0-B4094AF95D7F) (Version:  - Re-markit-software) <==== ATTENTION
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Skype™ 6.1 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.5.4.24540 - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.30 - Firefly Studios)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
YTD Video Downloader 4.7.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Restore Points  =========================

22-04-2014 18:50:16 Geplanter Prüfpunkt
01-05-2014 14:01:40 Geplanter Prüfpunkt
04-05-2014 17:27:56 Windows Update
06-05-2014 17:50:08 Installed FranStudioEurop.
09-05-2014 17:21:09 Uniblue SpeedUpMyPC installation
11-05-2014 21:26:59 AA11

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA72663-90AB-4F9E-A7BB-82D3366B0B9C} - System32\Tasks\{C09699BF-FF5E-4D85-8605-A7A7D417ACBC} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/go/help.faq.installer?LastError=1603
Task: {143D30F2-3FF3-4B13-833C-7E21D2F28685} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe [2014-05-09] () <==== ATTENTION
Task: {158A1A16-450A-49B7-AC17-5518BEBD8CEB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2012-11-02] (Microsoft Corporation)
Task: {1DD803C6-08DC-4E48-B1F4-27141152AC9B} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39F6739D-4BEF-480B-9D63-E73D21065A60} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5638BE3F-CFDB-45B4-9541-C70A7829C481} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {57F7E4D6-8940-422B-9252-85431097DE0F} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6CD26E97-7A19-4521-84C5-7B9AD42B8F7B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-04-10] (Microsoft Corporation)
Task: {6D324D52-E64D-4B0C-AAC0-A9994A0D8B4D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2012-11-02] (Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F4C5CB6-A2FA-4845-8BC1-52D6DB9573B5} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BE76A80-1DC7-4486-A36F-73F6D1BD86ED} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1 => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {85A079E9-28D8-4E92-BCFD-0532BBF88014} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A64F768F-323C-4FDD-9F3D-80FBD9A53B0A} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {B447318D-DCC3-49C6-8500-34555164C124} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION
Task: {B5897E89-40E3-4777-A18E-A7BCF0DC99E7} - System32\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5 => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D2A05054-224A-49DA-9AC8-C9AD5560EDB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD02520D-C238-46ED-AF2F-32AB0CC19CAE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2012-11-02] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E921D998-5889-4144-A611-F11C56EAC52D} - System32\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2 => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe [2014-05-09] (Freeven) <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-1.job => C:\Program Files (x86)\Freeven pro\Freeven pro-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-2.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-3.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-4.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\1795578a-7254-462f-b3da-d2c4a8de3dce-5.job => C:\Program Files (x86)\Freeven pro\1795578a-7254-462f-b3da-d2c4a8de3dce-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.job => C:\Program Files (x86)\MediaPlayerplus\621fa3bd-d121-43bf-b9d9-362ccc506d29-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\Re-markite19.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markitd.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-01-23 16:09 - 2014-01-23 16:09 - 00702744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:30 - 2014-01-23 16:30 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 03720040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 02595144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00602984 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00268152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00253800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00293744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00607584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00325488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00333688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00219488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00129896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00599920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 01926504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00263536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00490848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:30 - 2014-01-23 16:30 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00291680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00777296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00143872 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.exe
2014-05-08 19:40 - 2014-05-08 19:40 - 00051712 _____ () C:\Users\Jakob\AppData\Roaming\VOPackage\VOsrv.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 02141040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2014-01-28 11:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 04114264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:29 - 2014-01-23 16:29 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00788848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-10-17 12:38 - 2012-06-08 21:15 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-05-09 19:20 - 2014-05-09 19:20 - 00133120 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfy161.dll
2012-10-17 12:34 - 2012-03-07 01:27 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-11 17:40 - 2014-05-11 17:40 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:B946D9EE
AlternateDataStreams: C:\Users\Jakob\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 00:40:22 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a054

Startzeit: 01cf6dcddde46fa8

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: d1646ad3-d9c1-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 00:29:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x030e0fe3
ID des fehlerhaften Prozesses: 0xb1cc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (05/12/2014 00:28:58 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x030e0fe3
ID des fehlerhaften Prozesses: 0xb1cc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (05/12/2014 00:20:18 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 71c4

Startzeit: 01cf6dcb1053e0f5

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 03d2d9c9-d9bf-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9c88

Startzeit: 01cf6dc6e7734957

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: daf1e0b9-d9ba-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 76f0

Startzeit: 01cf6dc2443d20e3

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 37bbf337-d9b6-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7008

Startzeit: 01cf6dbe85aa0424

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 79293805-d9b2-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 108c

Startzeit: 01cf6dba54c5e7ed

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 484127b6-d9ae-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01cf6db623e147c2

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 175e4e4a-d9aa-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Programm LiveComm.exe, Version 17.5.9600.20461 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1354

Startzeit: 01cf6db1d3e605c7

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: c768b55a-d9a5-11e3-be93-50465d06963f

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (05/12/2014 10:00:00 AM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/12/2014 09:02:28 AM) (Source: Service Control Manager) (User: ) (EventID: 7038)
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/11/2014 05:25:38 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/09/2014 06:35:28 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/08/2014 01:56:57 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/07/2014 05:53:51 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2014 02:35:15 PM) (Source: DCOM) (User: NT-AUTORITÄT) (EventID: 10016)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/05/2014 07:04:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)

Error: (05/05/2014 06:00:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT) (EventID: 20)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073712 fehlgeschlagen: Windows 8.1 Update für x64-basierte Systeme (KB2919355)


Microsoft Office Sessions:
=========================
Error: (05/12/2014 00:40:22 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461a05401cf6dcddde46fa84294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exed1646ad3-d9c1-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 00:29:00 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEXPLORE.EXE11.0.9600.1651852f347b2unknown0.0.0.000000000c000041d030e0fe3b1cc01cf6dccf55e2709C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown3ad61324-d9c0-11e3-be93-50465d06963f

Error: (05/12/2014 00:28:58 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IEXPLORE.EXE11.0.9600.1651852f347b2unknown0.0.0.000000000c0000005030e0fe3b1cc01cf6dccf55e2709C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown39e21596-d9c0-11e3-be93-50465d06963f

Error: (05/12/2014 00:20:18 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046171c401cf6dcb1053e0f54294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe03d2d9c9-d9bf-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.204619c8801cf6dc6e77349574294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exedaf1e0b9-d9ba-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 11:17:20 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.2046176f001cf6dc2443d20e34294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe37bbf337-d9b6-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461700801cf6dbe85aa04244294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe79293805-d9b2-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 10:20:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461108c01cf6dba54c5e7ed4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe484127b6-d9ae-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:50:32 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461218001cf6db623e147c24294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exe175e4e4a-d9aa-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (05/12/2014 09:19:40 AM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: LiveComm.exe17.5.9600.20461135401cf6db1d3e605c74294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\LiveComm.exec768b55a-d9a5-11e3-be93-50465d06963fmicrosoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2014-05-11 23:04:19.118
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{F4BEAE4A-1D5D-4B3A-A8F9-354B846D6F52}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-05-11 23:04:18.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Definition Updates\{554CE6B2-B351-485C-A3E7-CF5A52174467}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 16317.64 MB
Available physical RAM: 14058.57 MB
Total Pagefile: 18749.64 MB
Available Pagefile: 16225.72 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:119.24 GB) (Free:75.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:1709.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: D8991ECE)
Partition 1: (Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA615720)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         
so hab es doch geschaft! hoffentlich erkennst du da was, was nach der spyware aussieht!!!

hallo. ich versteh nicht warum ich keine antwort mehr bekomme???hab ich die sachen eingefügt?? ich würde gern eien antwort bekommen wenn es nicht zu viel mühe macht!! danke

hey leute bin etwas verwundert warum es nicht weiter geht?? hab ich die falschen sachen hier eingefügt?? wenn ja, dann würde ich gern ne ganauere beschreibung haben!! hab da leider nicht so die ahnung: danke schon mal.

ich seh schon hier wird mir auch nicht geholfen!!


Alt 14.05.2014, 07:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Version Installer - Standard

Windows Version Installer



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13960
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Windows Version Installer

Antwort

Themen zu Windows Version Installer
abgebrochen, ad-ware, antivir, blockiert, englisch, erschein, erscheint, folge, folgendes, gefunde, hilfe, installer, meldung, problem, rechner, spyware, version, windows, windows 8, windows version installer



Ähnliche Themen: Windows Version Installer


  1. windows version installer 2011-2014
    Plagegeister aller Art und deren Bekämpfung - 10.08.2015 (4)
  2. Windows Version Installer
    Plagegeister aller Art und deren Bekämpfung - 24.02.2015 (19)
  3. Windows Version Installer Problem
    Mülltonne - 06.01.2015 (3)
  4. Windows Installer Version 2011-2014
    Plagegeister aller Art und deren Bekämpfung - 02.01.2015 (1)
  5. Windows 7 : Windows Version Installer Overlay und Continue Live Installation.exe verschwindet nicht.
    Log-Analyse und Auswertung - 09.10.2014 (9)
  6. Windows Version Installer
    Plagegeister aller Art und deren Bekämpfung - 16.09.2014 (13)
  7. windows version installer
    Log-Analyse und Auswertung - 07.09.2014 (16)
  8. Windows Version Installer
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (13)
  9. Windows Version Installer
    Log-Analyse und Auswertung - 11.07.2014 (16)
  10. Windows Version Installer
    Log-Analyse und Auswertung - 25.06.2014 (15)
  11. Windows Installer Version / RegCleanPro / Flackernder Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 25.06.2014 (5)
  12. Windows Version Installer 2011-2014
    Plagegeister aller Art und deren Bekämpfung - 13.06.2014 (24)
  13. Windows Version Installer 2011-2014
    Plagegeister aller Art und deren Bekämpfung - 13.06.2014 (1)
  14. Windows Version Installer
    Log-Analyse und Auswertung - 02.06.2014 (8)
  15. Windows Version Installer
    Mülltonne - 26.05.2014 (1)
  16. Windows Version Installer 2011-2014
    Plagegeister aller Art und deren Bekämpfung - 06.05.2014 (7)
  17. Windows Version Installer
    Log-Analyse und Auswertung - 26.04.2014 (13)

Zum Thema Windows Version Installer - Hallo, ich habe folgendes Problem mit der Meldung " Windows Version Installer" die immer auf Englisch erscheint!! Ich habe diese Meldung immer blockiert und abgebrochen!! Dann habe ich mal den - Windows Version Installer...
Archiv
Du betrachtest: Windows Version Installer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.