Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 22.12.2014, 17:51   #1
liaralia
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Problem: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool



Ich habe langsam ein schlechtes Gewissen und es tut mir unglaublich leid so viel hier zu Fragen.
Aber jetzt ist keine Weihnachtszeit bei mir, nein. Es ist Bluescreenzeit. Und wir freuen uns alle ganz doll ...

System ist nach wie vor in Samsung Chronos 7 Serie NP770Z5E
Windows 8.1, keine SSD Platte, normale Platte.


Seit ca einer Dreiviertelstunde würde ich das Teil am liebsten gegen die Wand klatschen. Mein Vater hat eben kaspersky runtergeladen und installiert ( er hat nicht wie ich ihm gesagt habe erst Avast deinstallieren ). Nachdem ich dann Kaspersky schließen wollte und avast deinstallieren wollte hat sich der gesamte laptop eingefroren. Sofort besagter Bluescreen 'DCP Watchdog Violation'.

Gut laptop hat sich neu gestartet. Nachdem ich wieder avast deinstallieren wollte. Selbes Spiel. Laptop zwar nicht eingefroren aber Bluescreen. Startet sich neu, braucht eine halbe Ewigkeit ( vielleicht bin ich auch ungeduldig, wollen wir mal nicht anzweifeln ). Schwarzer Bildschirm, nicht hochgefahren. Nächster bluescreen. 'Driver Corrupted Expool'. Wieder ewigkeiten. Schwarzer Bildschirm. Wieder bluescreen. Wieder 'DCP Watchdog Violation'

Jetzt ist er endlich wieder oben ich mag GRADE aber nichts machen weil ich befürchte sofort wieder einen Bluescreen zu bekommen. ICH vermute dass es an beiden Virenprogramm liegt da der Fehler ist dann aufgetreten ist.
NE Stunde vor dem Problem wurde noch Java installiert in Chrome.


Mein erstes Ziel wäre jetzt avast endlich runter zu schmeißen aber ich vermute ich werde direkt wieder mit einem Bluescreen beschenkt und habe Angst mir alles zu zerschießen was ich grade nicht wirklich brauchen kann da ich über Neujahr dringend mit dem Laptop arbeiten muss.

Wie soll ich vorgehen? Was sagen mir diese Bluescreens? Muss ich sorge haben?
Ich würde auch gerne alle Treiber updaten ( habe ich eigentlich vor kurzen aber heißt ja nichts ) nur ich habe wie gesagt angst vor weiteren abstürzen und möchte eigentlich erst Avast runter haben. Oder doch erst Treiber updaten?

Ich muss dazu sagen ich habe in der ganzen Zeit noch nie einen einzigen Bluescreen mit dem Laptop gehabt. Weder vor noch nach dem Austausch des Mainboards.


Ganz liebe Grüße

Alt 22.12.2014, 18:34   #2
Seven
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Anleitung / Hilfe



Hi und Willkommen

Zitat:
Ich habe langsam ein schlechtes Gewissen und es tut mir unglaublich leid so viel hier zu Fragen.
Aber jetzt ist keine Weihnachtszeit bei mir, nein. Es ist Bluescreenzeit. Und wir freuen uns alle ganz doll ...
dafür sind wir doch hier

Erstelle bitte das Logfile der Bluesreens wie hier beschrieben:
Windows Bluescreen Absturz analysieren und beheben - so geht's - Anleitungen

Das kriegen wir schon hin
__________________

__________________

Alt 22.12.2014, 18:49   #3
liaralia
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Details



Hallo Seven,

danke für die schnelle Antwort.
Ich habe mir BlueScreenView runtergeladen, allerdings hat er darin keine Minidump Files. So wie es scheint ist auch der Minidump File Ordner unter C/Windows wenn ich die Dateigröße betrachte leer.

Ich habe halt vorher den 'Automatischen Neustart durchführen' noch aktiviert und erst jetzt nachdem ich deine Anleitung bekommen habe, deaktiviert. Liegt das vielleicht daran?

Avast ist mittlerweile zum Glück deinstalliert und alles sieht tutti aus, was natürlich absolut nichts heißt zudem wäre es ja ziemlich seltsam wenn sich BlueScreen Probleme selbst heilen würden.
__________________

Alt 22.12.2014, 23:42   #4
Seven
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Lösung: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool



Zeigt WhoCrashed - Download - Filepony vielleicht etwas an?

Kannst du mal schauen, ob bei Dir das erstellen von Dumps eingeschaltet ist?




Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
- Seven
Das TB unterstützen

Alt 23.12.2014, 16:39   #5
liaralia
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Wie Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool



Hallo Seven, nein WhoCrashed hat auch nichts gefunden. :/

edit./ Hups, ja man sollte es auch vom Desktop aus laufen lassen. Sorry, hier nochmal neu. Weiß zwar nicht ob es einen Unterschied macht, aber egal.

FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by Julia Katharina (administrator) on JULIA on 23-12-2014 16:50:43
Running from C:\Users\Julia Katharina\Desktop
Loaded Profile: Julia Katharina (Available profiles: Julia Katharina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Config.Msi\565b5.rbf
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify Web Helper] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2043904 2014-09-29] (RemoteMouse.net)
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> DefaultScope {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL = 
SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\user.js
FF Extension: YouTube Unblocker - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-11]
FF Extension: YouTube High Definition - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-11-11]
FF Extension: {bae321f3-cea8-4cea-a66e-995c74d96824} - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{bae321f3-cea8-4cea-a66e-995c74d96824}.xpi [2014-11-11]
FF Extension: Adblock Plus - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-11]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-22]
FF HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
FF Extension: No Name - content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com [Not Found]
FF Extension: No Name - virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com [Not Found]
FF Extension: No Name - online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12]
CHR Extension: (HD for YouTube™) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-11-12]
CHR Extension: (Google Docs) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12]
CHR Extension: (Google Drive) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12]
CHR Extension: (YouTube) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12]
CHR Extension: (Google-Suche) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12]
CHR Extension: (Google Tabellen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12]
CHR Extension: (AdBlock) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-12]
CHR Extension: (Google Wallet) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12]
CHR Extension: (YouTube Unblocker) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-11-14]
CHR Extension: (Google Mail) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12]
CHR HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-22] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2014-12-22] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-22] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S1 KLIM6; \SystemRoot\system32\DRIVERS\klim6.sys [X]
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 16:50 - 2014-12-23 16:50 - 00027123 _____ () C:\Users\Julia Katharina\Desktop\FRST.txt
2014-12-23 16:22 - 2014-12-23 16:23 - 00058765 _____ () C:\Users\Julia Katharina\Downloads\FRST.txt
2014-12-23 16:22 - 2014-12-23 16:23 - 00032839 _____ () C:\Users\Julia Katharina\Downloads\Addition.txt
2014-12-23 16:21 - 2014-12-23 16:50 - 00000000 ____D () C:\FRST
2014-12-23 16:19 - 2014-12-23 16:21 - 02122240 _____ (Farbar) C:\Users\Julia Katharina\Desktop\FRST64.exe
2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\Program Files\WhoCrashed
2014-12-23 16:17 - 2014-12-23 16:18 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\Julia Katharina\Downloads\whocrashedSetup.exe
2014-12-22 19:06 - 2014-12-22 19:06 - 00001122 _____ () C:\Users\Julia Katharina\Desktop\EVEREST Home Edition.lnk
2014-12-22 19:06 - 2014-12-22 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2014-12-22 19:05 - 2014-12-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-12-22 19:04 - 2014-12-22 19:05 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Julia Katharina\Downloads\everesthome220.exe
2014-12-22 19:03 - 2014-12-22 19:03 - 00001045 _____ () C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 8.5.lnk
2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.5
2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\Program Files\EaseUS
2014-12-22 18:55 - 2014-12-22 18:56 - 10561416 _____ (EaseUS ) C:\Users\Julia Katharina\Downloads\drw85_free.exe
2014-12-22 18:52 - 2014-12-22 18:56 - 28598072 _____ (TuneUp Software) C:\Users\Julia Katharina\Downloads\TuneUpUtilities2014_34de-DE.exe
2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-12-22 18:42 - 2014-12-22 18:42 - 00141480 _____ () C:\Users\Julia Katharina\Downloads\bluescreenview_152setup.exe
2014-12-22 18:35 - 2014-12-22 18:35 - 00010240 _____ () C:\Users\Julia Katharina\Downloads\test_10k.bin
2014-12-22 17:55 - 2014-12-22 17:58 - 17086240 _____ (IObit) C:\Users\Julia Katharina\Downloads\iobituninstaller41.exe
2014-12-22 17:46 - 2014-12-22 17:46 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-46-02.039-AvastVBoxSVC.exe-2436.log
2014-12-22 17:23 - 2014-12-22 17:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-23-51.053-AvastVBoxSVC.exe-3508.log
2014-12-22 17:09 - 2014-12-22 17:10 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-09-12.054-AvastVBoxSVC.exe-3452.log
2014-12-22 17:01 - 2014-12-22 18:14 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-22 16:52 - 2014-12-22 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-22 16:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2014-12-22 16:51 - 2014-12-23 16:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-22 16:51 - 2014-12-22 16:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-22 16:50 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys
2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Sun
2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-22 16:47 - 2014-12-22 16:46 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-22 16:42 - 2014-12-22 16:42 - 00638888 _____ (Oracle Corporation) C:\Users\Julia Katharina\Downloads\chromeinstall-8u25.exe
2014-12-22 16:12 - 2014-12-22 16:48 - 204166464 _____ () C:\Users\Julia Katharina\Downloads\kis15.0.1.415de_6844.exe
2014-12-21 22:05 - 2014-12-21 22:13 - 00325462 _____ () C:\Users\Julia Katharina\Desktop\TOP.aep
2014-12-21 21:10 - 2014-12-21 21:12 - 05855315 _____ () C:\Users\Julia Katharina\Desktop\TOP.wmv
2014-12-21 21:00 - 2014-12-21 21:00 - 00025496 _____ () C:\Users\Julia Katharina\Desktop\TOP.veg
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Neue Helvetica
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica World
2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica
2014-12-21 19:46 - 2014-12-21 19:46 - 00013712 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #9 [ Seaside ].veg
2014-12-21 19:45 - 2014-12-21 19:45 - 00013840 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #11 [ Menschen sind wie Lieder ].veg
2014-12-21 19:39 - 2014-12-21 19:39 - 00001313 _____ () C:\Users\Julia Katharina\Documents\iste1.txt
2014-12-19 18:19 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-19 18:19 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-17 10:45 - 2014-12-17 11:01 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\DCIM
2014-12-11 15:38 - 2014-12-11 15:39 - 00000197 _____ () C:\WINDOWS\system32\2014-12-11-14-38-30.053-AvastVBoxSVC.exe-3624.log
2014-12-11 15:36 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-11 15:36 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-11 14:50 - 2014-12-11 14:51 - 09041655 _____ () C:\Users\Julia Katharina\Downloads\Screen Glitch - Free Stock Footage.mp4
2014-12-11 14:20 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 14:20 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 14:20 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 14:20 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 14:16 - 2014-12-11 14:17 - 10115550 _____ () C:\Users\Julia Katharina\Downloads\tuts.mov
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files\NewBlue
2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files (x86)\NewBlue
2014-12-11 14:00 - 2014-12-21 16:38 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\LooksBuilder
2014-12-11 13:35 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 13:35 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 13:34 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 13:34 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 13:34 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 13:34 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 13:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 13:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 13:34 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 13:34 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 13:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 13:34 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 13:34 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 13:34 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 13:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 13:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 13:34 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 13:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 13:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 13:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 13:34 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 13:34 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 13:34 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 13:34 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 13:34 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 13:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 13:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 13:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 13:34 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 13:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 13:34 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 13:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 13:34 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 13:34 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 13:34 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 13:34 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 13:34 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 13:34 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 13:34 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 13:34 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 13:34 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 13:34 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 13:34 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 13:34 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 13:34 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 13:27 - 2014-12-11 14:06 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\musik
2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Red Giant
2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Knoll Software
2014-12-11 13:01 - 2014-12-11 13:01 - 00004234 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-12-11 13:01 - 2014-12-11 13:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Red Giant Link
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder
2014-12-11 12:48 - 2014-12-11 13:21 - 00000000 ____D () C:\ProgramData\RedGiant
2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\REVisionEffects
2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects
2014-12-11 12:25 - 2014-12-11 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 12:24 - 2014-12-11 12:25 - 05532869 _____ () C:\Users\Julia Katharina\Downloads\Headlock.rar
2014-12-11 12:23 - 2014-12-11 12:23 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-12-11 12:22 - 2014-12-11 12:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-12-11 12:22 - 2014-12-11 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-11 12:21 - 2014-12-11 12:26 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\DVDVideoSoft
2014-12-11 12:20 - 2014-12-11 12:20 - 03529352 _____ (DVDVideoSoft Ltd. ) C:\Users\Julia Katharina\Downloads\FreeStudio.exe
2014-12-09 20:42 - 2014-12-09 20:42 - 03981488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-12-07 17:19 - 2014-12-07 17:19 - 23573675 _____ () C:\Users\Julia Katharina\Downloads\discord part 7 (liaralia).wmv
2014-12-07 15:46 - 2014-12-07 15:46 - 00000968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2014-12-07 15:44 - 2014-12-07 15:47 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\osu!
2014-12-07 15:44 - 2014-12-07 15:44 - 03160648 _____ (ppy) C:\Users\Julia Katharina\Downloads\osu!install.exe
2014-12-07 15:44 - 2014-12-07 15:44 - 00000000 ____D () C:\Users\Julia Katharina\Downloads\Localisation
2014-12-07 14:42 - 2014-12-07 14:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-12-06 23:21 - 2014-12-06 23:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-21-15.091-AvastVBoxSVC.exe-4460.log
2014-12-06 23:14 - 2014-12-06 23:14 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings
2014-12-06 23:13 - 2014-12-06 23:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-13-45.088-AvastVBoxSVC.exe-3968.log
2014-12-06 23:13 - 2014-12-06 23:13 - 00001216 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2014-12-06 22:51 - 2014-12-06 22:51 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-06 22:49 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat
2014-12-06 22:48 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-12-06 22:48 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-12-06 22:48 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-12-06 22:48 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-12-06 22:48 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-12-06 22:48 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-12-06 22:48 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-12-06 22:48 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-12-06 22:48 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-12-06 22:48 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-12-06 22:47 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2014-12-06 22:47 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-12-06 22:47 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-12-06 22:47 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-12-06 22:47 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-12-06 22:47 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-12-06 22:47 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-12-06 22:47 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-12-06 22:47 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-12-06 22:47 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-12-06 22:39 - 2014-12-06 22:39 - 00000000 ____D () C:\Program Files\DIFX
2014-12-06 22:36 - 2014-12-06 22:36 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery
2014-12-06 22:29 - 2014-12-22 18:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Skype
2014-12-06 22:29 - 2014-12-22 17:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-06 22:29 - 2014-12-22 17:48 - 00000000 ____D () C:\ProgramData\Skype
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Skype
2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-06 22:29 - 2013-04-25 18:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsUVStoricon.dll
2014-12-06 22:27 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2014-12-06 22:27 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2014-12-06 22:26 - 2014-12-06 22:26 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-12-06 22:25 - 2014-12-06 22:25 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Intel Corporation
2014-12-06 22:25 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2014-12-06 22:24 - 2014-12-06 22:25 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Julia Katharina\Downloads\SkypeSetup.exe
2014-12-06 22:24 - 2014-12-06 22:24 - 00000000 ____D () C:\WINDOWS\RSTLog
2014-12-06 22:14 - 2014-12-06 22:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-12-06 22:08 - 2014-12-06 22:08 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0 (1).ZIP
2014-12-06 22:06 - 2014-12-06 22:07 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0.ZIP
2014-12-06 21:43 - 2014-12-06 21:45 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-20-43-57.011-AvastVBoxSVC.exe-3880.log
2014-12-06 19:02 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Publish Providers
2014-12-06 19:01 - 2014-12-06 19:01 - 00002552 _____ () C:\Users\Julia Katharina\Documents\Vegas Pro registrieren.htm
2014-12-06 18:58 - 2014-12-06 18:58 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files\Sony
2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-06 18:22 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Sony
2014-12-06 11:12 - 2014-12-06 11:12 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-10-12-37.093-AvastVBoxSVC.exe-3628.log
2014-12-05 12:42 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-42-30.066-aswFe.exe-6580.log
2014-12-05 12:34 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-34-46.071-aswFe.exe-4272.log
2014-12-05 12:31 - 2014-12-05 12:34 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-31-23.002-aswFe.exe-4396.log
2014-12-05 12:31 - 2014-12-05 12:31 - 00000197 _____ () C:\WINDOWS\system32\2014-12-05-11-31-20.024-AvastVBoxSVC.exe-5212.log
2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-05 12:14 - 2014-12-05 12:14 - 00000000 __SHD () C:\found.003
2014-11-29 16:39 - 2014-11-29 16:39 - 00707224 _____ (Remote Mouse ) C:\Users\Julia Katharina\Downloads\RemoteMouse.exe
2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse
2014-11-29 13:23 - 2014-11-29 13:23 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Dropbox
2014-11-29 13:09 - 2014-12-22 18:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-29 13:05 - 2014-11-29 13:07 - 131078000 _____ (AVAST Software) C:\Users\Julia Katharina\Downloads\avast_free_antivirus_setup.exe
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.002
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.001
2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.000
2014-11-26 21:01 - 2014-11-26 21:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\AirMouse
2014-11-26 21:00 - 2014-12-11 13:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Downloaded Installations
2014-11-26 21:00 - 2014-11-26 21:00 - 10247768 _____ (RPA Tech, Inc ) C:\Users\Julia Katharina\Downloads\setup3.2.2.exe
2014-11-26 20:59 - 2014-12-19 16:49 - 00003846 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1417031848
2014-11-26 20:57 - 2014-12-19 16:49 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-11-26 20:55 - 2014-11-26 20:55 - 32532552 _____ (Opera Software) C:\Users\Julia Katharina\Downloads\Opera_26.0.1656.24_Setup.exe
2014-11-23 10:38 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-23 10:38 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-23 10:38 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-23 10:38 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 16:42 - 2014-11-11 15:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-23 16:25 - 2014-11-11 08:33 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Spotify
2014-12-23 16:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-22 21:53 - 2014-11-12 09:48 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-22 20:17 - 2014-11-10 11:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2027014631-3366834958-3693072843-1001
2014-12-22 18:56 - 2014-11-10 20:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-12-22 18:07 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\WinClon
2014-12-22 18:02 - 2014-11-12 09:49 - 00000000 ___RD () C:\Users\Julia Katharina\Google Drive
2014-12-22 18:01 - 2014-11-12 09:47 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 18:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-22 17:59 - 2014-11-11 17:34 - 00000000 ____D () C:\Users\Julia Katharina
2014-12-22 17:57 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys
2014-12-22 17:57 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys
2014-12-22 17:57 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwtp.sys
2014-12-22 17:57 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2014-12-22 17:50 - 2014-11-11 09:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Spotify
2014-12-22 17:48 - 2014-11-10 10:55 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Adobe
2014-12-22 17:01 - 2013-08-22 15:44 - 10514768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-22 16:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-22 16:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-12-22 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-22 16:14 - 2014-11-10 20:34 - 00007620 _____ () C:\Users\Julia Katharina\AppData\Local\Resmon.ResmonCfg
2014-12-22 09:45 - 2014-11-12 17:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\vlc
2014-12-21 21:48 - 2014-11-12 16:54 - 00000414 _____ () C:\Users\Julia Katharina\Documents\DesignLibrary_Photoshop.log
2014-12-21 20:45 - 2014-09-24 07:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-21 20:45 - 2014-09-24 06:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-21 20:45 - 2014-09-24 06:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-21 16:36 - 2014-11-19 12:52 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Samsung_Quality_Report
2014-12-19 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-19 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 18:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-19 16:49 - 2014-11-12 09:37 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-11 15:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 14:37 - 2014-11-11 11:42 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 14:31 - 2014-11-11 11:42 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 13:21 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 13:00 - 2014-11-12 10:26 - 00000000 ____D () C:\Program Files\Adobe
2014-12-09 20:42 - 2014-11-11 15:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-07 14:21 - 2014-11-12 13:30 - 00000000 ____D () C:\Users\Julia Katharina\Documents\Adobe
2014-12-06 23:13 - 2013-01-17 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-12-06 23:08 - 2014-11-11 17:27 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-12-06 23:08 - 2014-11-11 17:26 - 00000000 ____D () C:\Program Files\Elantech
2014-12-06 22:52 - 2013-01-17 08:43 - 00000206 _____ () C:\setup.log
2014-12-06 22:52 - 2013-01-17 08:18 - 00002787 _____ () C:\RHDSetup.log
2014-12-06 22:52 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-12-06 22:50 - 2014-11-11 17:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-12-06 22:34 - 2013-01-17 08:20 - 00000000 ____D () C:\Program Files\Samsung
2014-12-06 22:29 - 2013-01-17 08:18 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-06 22:24 - 2013-01-17 08:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\ProgramData\Intel
2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\Program Files\Intel
2014-12-06 22:17 - 2013-01-17 08:41 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2014-12-06 22:17 - 2013-01-17 08:41 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2014-12-06 22:09 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\Samsung
2014-11-29 13:15 - 2013-01-17 08:48 - 00000000 ____D () C:\Users\EasySurvey
2014-11-29 13:15 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Opera Software
2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Opera Software

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-21 11:13

==================== End Of Log ============================
         
--- --- ---




ADDITION.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by Julia Katharina at 2014-12-23 16:51:11
Running from C:\Users\Julia Katharina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.1.0.070 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AMD Catalyst Install Manager (HKLM\...\{77A7CE43-5A1E-8282-931B-E0CC4C075793}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version:  - EaseUS)
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{76D21FF6-B4B6-4BE1-A43D-AB01EA6A2B69}) (Version: 11.0.1 - Red Giant)
Effects Suite 64-bit (Version: 11.0.1 - Red Giant) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Studio version 6.4.0.1122 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1122 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Keying Suite 64-bit (HKLM-x32\...\InstallShield_{456BB962-D316-40BC-8949-4CEC32F2AA7A}) (Version: 11.0.2 - Red Giant)
Keying Suite 64-bit (Version: 11.0.2 - Red Giant) Hidden
LibreOffice 4.3.3.2 (HKLM-x32\...\{87C753BB-81E3-403B-BD87-6293F870B20B}) (Version: 4.3.3.2 - The Document Foundation)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant)
Magic Bullet Suite 64-bit (Version: 11.4.4 - Red Giant) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
osu! (HKLM-x32\...\{89f7a08e-cd9f-4ec4-86d7-ee81a2070ea0}) (Version: latest - ppy Pty Ltd)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.)
Remote Mouse version 2.56 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2000 - SRS Labs)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant)
Trapcode Suite 64-bit (Version: 12.1.1 - Red Giant) Hidden
User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)
Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WhoCrashed 5.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

06-12-2014 18:47:39 Removed Vegas Pro 10.0 (64-bit)
11-12-2014 12:52:40 Installed Trapcode Suite 64-bit
19-12-2014 18:19:50 Windows Update
22-12-2014 17:52:07 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D63BFC5-58FC-4985-AF00-1298B6C77136} - System32\Tasks\Opera scheduled Autoupdate 1417031848 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {33E5A254-FF6F-4EDF-A7C8-8EE9B0F061A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {6A93FA23-05DB-4421-8AF9-6F0AF5BB62F5} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {892E81A8-8BDD-4C78-AD73-2D2A77F4FCA9} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC)
Task: {9817CC61-ED33-47ED-A115-6EEE989C26C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
Task: {C065C0C6-A44B-4F5B-B418-75FB44FF29C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {CA15129A-1094-40C8-9A23-28DDCE305A24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.)
Task: {CB4846F5-B3D2-47DD-87C7-F9C8C0EB3766} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {DAC83684-33A8-4A0B-A7E8-FD9688313F5D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {DFC4AAEC-BF33-4ABC-9781-A2D9810BBCC6} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)
Task: {E190DBC2-7FDA-48B7-9B50-E6DDD9D4557D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2013-01-02] ()
Task: {E4DCB770-374D-4D9D-96AD-70468D7492FD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {F7A5F1B7-902B-46E1-B302-ACA51103C2C4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-05-09 17:58 - 2013-05-09 17:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-11-11 09:16 - 2014-12-11 13:22 - 00374840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-11-29 16:39 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2014-12-06 22:14 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 12:53 - 2013-03-07 12:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 12:55 - 2013-03-07 12:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 12:58 - 2013-03-07 12:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 12:54 - 2013-03-07 12:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-19 16:57 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 36966968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libcef.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00867896 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00886840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-11-11 09:16 - 2014-12-11 13:22 - 00108600 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Skype"

========================= Accounts: ==========================

Administrator (S-1-5-21-2027014631-3366834958-3693072843-500 - Administrator - Disabled)
Gast (S-1-5-21-2027014631-3366834958-3693072843-501 - Limited - Disabled)
Julia Katharina (S-1-5-21-2027014631-3366834958-3693072843-1001 - Administrator - Enabled) => C:\Users\Julia Katharina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1778

Startzeit: 01d01e0d0f03527f

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: 5684469f-8a00-11e4-be96-c8f733e8efb7

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia)
Description: Die App „Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x4038
Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0
Pfad der fehlerhaften Anwendung: vegas100.exe1
Pfad des fehlerhaften Moduls: vegas100.exe2
Berichtskennung: vegas100.exe3
Vollständiger Name des fehlerhaften Pakets: vegas100.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5

Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe Premiere Pro.exe, Version: 8.1.0.81, Zeitstempel: 0x5426694c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003fd4b
ID des fehlerhaften Prozesses: 0x3724
Startzeit der fehlerhaften Anwendung: 0xAdobe Premiere Pro.exe0
Pfad der fehlerhaften Anwendung: Adobe Premiere Pro.exe1
Pfad des fehlerhaften Moduls: Adobe Premiere Pro.exe2
Berichtskennung: Adobe Premiere Pro.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe Premiere Pro.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe Premiere Pro.exe5

Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x1188
Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0
Pfad der fehlerhaften Anwendung: vegas100.exe1
Pfad des fehlerhaften Moduls: vegas100.exe2
Berichtskennung: vegas100.exe3
Vollständiger Name des fehlerhaften Pakets: vegas100.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4


System errors:
=============
Error: (12/23/2014 04:12:36 PM) (Source: DCOM) (EventID: 10010) (User: Julia)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established

Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established

Error: (12/22/2014 06:37:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1

Error: (12/22/2014 06:37:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (12/22/2014 06:31:16 PM) (Source: DCOM) (EventID: 10016) (User: Julia)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JuliaJulia KatharinaS-1-5-21-2027014631-3366834958-3693072843-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweS-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330

Error: (12/22/2014 05:44:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (12/22/2014 05:43:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Bluetooth OBEX Service" wurde mit folgendem Fehler beendet: 
%%2147500053


Microsoft Office Sessions:
=========================
Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142

Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17031177801d01e0d0f03527f4294967295C:\WINDOWS\system32\wwahost.exe5684469f-8a00-11e4-be96-c8f733e8efb7Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweApp

Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia)
Description: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App

Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c403801d01d589977b712C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll57e56871-894d-11e4-be8f-c8f733e8efb7

Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Adobe Premiere Pro.exe8.1.0.815426694cntdll.dll6.3.9600.1727853eebd22c0000005000000000003fd4b372401d01d585f35b872C:\Program Files\Adobe\Adobe Premiere Pro CC 2014\Adobe Premiere Pro.exeC:\WINDOWS\SYSTEM32\ntdll.dllcf9b5c22-894b-11e4-be8f-c8f733e8efb7

Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c118801d01d35cba18a67C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll8b276f98-894b-11e4-be8f-c8f733e8efb7

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4


CodeIntegrity Errors:
===================================
  Date: 2014-12-22 19:13:11.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\JULIAK~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-22 19:13:11.444
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8078.79 MB
Available physical RAM: 5764.45 MB
Total Pagefile: 16270.8 MB
Available Pagefile: 12712.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:908.68 GB) (Free:737.53 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         


Geändert von liaralia (23.12.2014 um 16:55 Uhr)

Alt 23.12.2014, 17:47   #6
Seven
 
Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Standard

Wo Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Lösung!



Bitte solange laufen lassen, bis keine Feher kommen:
http://www.trojaner-board.de/72874-s...eparieren.html

Ansonsten bitte bei nächstem Bluescreen das Log wie oben beschrieben machen
__________________
--> Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool

Antwort

Themen zu Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool
abstürze, abstürzen, bildschirm, bluescreens, brauche, dringend, driver, fehler, fehlercode 0xc0000005, fehlercode 0xc0000374, installiert, kaspersky, langsam, laptop, nichts, problem, programm, schließen, schwarzer bildschirm, treiber, update, updaten



Ähnliche Themen: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool


  1. DPC-Watchdog-violation - Problem beim Hochfahren
    Alles rund um Windows - 25.08.2015 (2)
  2. Bluescreen - DPC Watchdog Violation
    Log-Analyse und Auswertung - 03.03.2015 (9)
  3. Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS
    Log-Analyse und Auswertung - 08.01.2015 (31)
  4. Windows Internet Watchdog entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  5. Windows Web Watchdog entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  6. Driver verifier detected violation, Deinstallation nicht möglich
    Alles rund um Windows - 03.08.2014 (3)
  7. DPC Watchdog Violation
    Log-Analyse und Auswertung - 14.06.2014 (14)
  8. Suspected of copyright violation and unauthorized access to the licensed software.
    Log-Analyse und Auswertung - 28.09.2012 (10)
  9. Was ist das? --> Watchdog.sys
    Alles rund um Windows - 21.10.2011 (4)
  10. watchdog.sys - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 19.06.2011 (27)
  11. Bei Youtube Video anschauen Bluescreen -watchdog.sys
    Plagegeister aller Art und deren Bekämpfung - 30.05.2011 (1)
  12. AP Manager - Copyright violation alert / Urheberrecht-Verletzung
    Anleitungen, FAQs & Links - 02.05.2010 (2)
  13. I-Q Manager - Copyright violation alert / Urheberrecht-Verletzung entfernen
    Anleitungen, FAQs & Links - 20.04.2010 (2)
  14. Acces violation
    Mülltonne - 11.12.2009 (0)
  15. Malformed container violation
    Plagegeister aller Art und deren Bekämpfung - 20.06.2007 (1)
  16. Access-Violation nach Trojaner-Entfernung
    Alles rund um Windows - 21.10.2005 (10)
  17. Access violation
    Archiv - 18.01.2003 (4)

Zum Thema Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool - Ich habe langsam ein schlechtes Gewissen und es tut mir unglaublich leid so viel hier zu Fragen. Aber jetzt ist keine Weihnachtszeit bei mir, nein. Es ist Bluescreenzeit. Und wir - Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool...
Archiv
Du betrachtest: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.