|
Alles rund um Windows: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted ExpoolWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
22.12.2014, 17:51 | #1 |
| Problem: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Ich habe langsam ein schlechtes Gewissen und es tut mir unglaublich leid so viel hier zu Fragen. Aber jetzt ist keine Weihnachtszeit bei mir, nein. Es ist Bluescreenzeit. Und wir freuen uns alle ganz doll ... System ist nach wie vor in Samsung Chronos 7 Serie NP770Z5E Windows 8.1, keine SSD Platte, normale Platte. Seit ca einer Dreiviertelstunde würde ich das Teil am liebsten gegen die Wand klatschen. Mein Vater hat eben kaspersky runtergeladen und installiert ( er hat nicht wie ich ihm gesagt habe erst Avast deinstallieren ). Nachdem ich dann Kaspersky schließen wollte und avast deinstallieren wollte hat sich der gesamte laptop eingefroren. Sofort besagter Bluescreen 'DCP Watchdog Violation'. Gut laptop hat sich neu gestartet. Nachdem ich wieder avast deinstallieren wollte. Selbes Spiel. Laptop zwar nicht eingefroren aber Bluescreen. Startet sich neu, braucht eine halbe Ewigkeit ( vielleicht bin ich auch ungeduldig, wollen wir mal nicht anzweifeln ). Schwarzer Bildschirm, nicht hochgefahren. Nächster bluescreen. 'Driver Corrupted Expool'. Wieder ewigkeiten. Schwarzer Bildschirm. Wieder bluescreen. Wieder 'DCP Watchdog Violation' Jetzt ist er endlich wieder oben ich mag GRADE aber nichts machen weil ich befürchte sofort wieder einen Bluescreen zu bekommen. ICH vermute dass es an beiden Virenprogramm liegt da der Fehler ist dann aufgetreten ist. NE Stunde vor dem Problem wurde noch Java installiert in Chrome. Mein erstes Ziel wäre jetzt avast endlich runter zu schmeißen aber ich vermute ich werde direkt wieder mit einem Bluescreen beschenkt und habe Angst mir alles zu zerschießen was ich grade nicht wirklich brauchen kann da ich über Neujahr dringend mit dem Laptop arbeiten muss. Wie soll ich vorgehen? Was sagen mir diese Bluescreens? Muss ich sorge haben? Ich würde auch gerne alle Treiber updaten ( habe ich eigentlich vor kurzen aber heißt ja nichts ) nur ich habe wie gesagt angst vor weiteren abstürzen und möchte eigentlich erst Avast runter haben. Oder doch erst Treiber updaten? Ich muss dazu sagen ich habe in der ganzen Zeit noch nie einen einzigen Bluescreen mit dem Laptop gehabt. Weder vor noch nach dem Austausch des Mainboards. Ganz liebe Grüße |
22.12.2014, 18:34 | #2 | |
| Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Anleitung / Hilfe Hi und Willkommen
__________________Zitat:
Erstelle bitte das Logfile der Bluesreens wie hier beschrieben: Windows Bluescreen Absturz analysieren und beheben - so geht's - Anleitungen Das kriegen wir schon hin
__________________ |
22.12.2014, 18:49 | #3 |
| Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Details Hallo Seven,
__________________danke für die schnelle Antwort. Ich habe mir BlueScreenView runtergeladen, allerdings hat er darin keine Minidump Files. So wie es scheint ist auch der Minidump File Ordner unter C/Windows wenn ich die Dateigröße betrachte leer. Ich habe halt vorher den 'Automatischen Neustart durchführen' noch aktiviert und erst jetzt nachdem ich deine Anleitung bekommen habe, deaktiviert. Liegt das vielleicht daran? Avast ist mittlerweile zum Glück deinstalliert und alles sieht tutti aus, was natürlich absolut nichts heißt zudem wäre es ja ziemlich seltsam wenn sich BlueScreen Probleme selbst heilen würden. |
22.12.2014, 23:42 | #4 |
| Lösung: Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Zeigt WhoCrashed - Download - Filepony vielleicht etwas an? Kannst du mal schauen, ob bei Dir das erstellen von Dumps eingeschaltet ist? Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ - Seven Das TB unterstützen |
23.12.2014, 16:39 | #5 |
| Wie Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Hallo Seven, nein WhoCrashed hat auch nichts gefunden. :/ edit./ Hups, ja man sollte es auch vom Desktop aus laufen lassen. Sorry, hier nochmal neu. Weiß zwar nicht ob es einen Unterschied macht, aber egal. FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01 Ran by Julia Katharina (administrator) on JULIA on 23-12-2014 16:50:43 Running from C:\Users\Julia Katharina\Desktop Loaded Profile: Julia Katharina (Available profiles: Julia Katharina) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Config.Msi\565b5.rbf (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1389936 2014-07-18] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify Web Helper] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Spotify] => C:\Users\Julia Katharina\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2043904 2014-09-29] (RemoteMouse.net) HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> DefaultScope {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL = SearchScopes: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001 -> {8ED0DBFC-D795-412D-8AD0-7A2B30B7B09B} URL = BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF user.js: detected! => C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\user.js FF Extension: YouTube Unblocker - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-11] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-11] FF Extension: YouTube High Definition - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-11-11] FF Extension: {bae321f3-cea8-4cea-a66e-995c74d96824} - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{bae321f3-cea8-4cea-a66e-995c74d96824}.xpi [2014-11-11] FF Extension: Adblock Plus - C:\Users\Julia Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\m40jld03.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-11] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-11] FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-22] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-22] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-22] FF HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-11] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] FF Extension: No Name - content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com [Not Found] FF Extension: No Name - virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com [Not Found] FF Extension: No Name - online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com [Not Found] Chrome: ======= CHR Profile: C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12] CHR Extension: (HD for YouTube™) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-11-12] CHR Extension: (Google Docs) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12] CHR Extension: (Google Drive) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-12] CHR Extension: (YouTube) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12] CHR Extension: (Google-Suche) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12] CHR Extension: (Google Tabellen) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12] CHR Extension: (AdBlock) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-12] CHR Extension: (Google Wallet) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12] CHR Extension: (YouTube Unblocker) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-11-14] CHR Extension: (Google Mail) - C:\Users\Julia Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12] CHR HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [150536 2014-12-22] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [247480 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [799944 2014-12-22] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [68616 2014-12-22] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [77512 2014-12-22] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) S1 KLIM6; \SystemRoot\system32\DRIVERS\klim6.sys [X] U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-23 16:50 - 2014-12-23 16:50 - 00027123 _____ () C:\Users\Julia Katharina\Desktop\FRST.txt 2014-12-23 16:22 - 2014-12-23 16:23 - 00058765 _____ () C:\Users\Julia Katharina\Downloads\FRST.txt 2014-12-23 16:22 - 2014-12-23 16:23 - 00032839 _____ () C:\Users\Julia Katharina\Downloads\Addition.txt 2014-12-23 16:21 - 2014-12-23 16:50 - 00000000 ____D () C:\FRST 2014-12-23 16:19 - 2014-12-23 16:21 - 02122240 _____ (Farbar) C:\Users\Julia Katharina\Desktop\FRST64.exe 2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed 2014-12-23 16:19 - 2014-12-23 16:19 - 00000000 ____D () C:\Program Files\WhoCrashed 2014-12-23 16:17 - 2014-12-23 16:18 - 02668480 _____ (Resplendence Software Projects Sp. ) C:\Users\Julia Katharina\Downloads\whocrashedSetup.exe 2014-12-22 19:06 - 2014-12-22 19:06 - 00001122 _____ () C:\Users\Julia Katharina\Desktop\EVEREST Home Edition.lnk 2014-12-22 19:06 - 2014-12-22 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2014-12-22 19:05 - 2014-12-22 19:05 - 00000000 ____D () C:\Program Files (x86)\Lavalys 2014-12-22 19:04 - 2014-12-22 19:05 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Julia Katharina\Downloads\everesthome220.exe 2014-12-22 19:03 - 2014-12-22 19:03 - 00001045 _____ () C:\Users\Public\Desktop\EaseUS Data Recovery Wizard 8.5.lnk 2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 8.5 2014-12-22 19:03 - 2014-12-22 19:03 - 00000000 ____D () C:\Program Files\EaseUS 2014-12-22 18:55 - 2014-12-22 18:56 - 10561416 _____ (EaseUS ) C:\Users\Julia Katharina\Downloads\drw85_free.exe 2014-12-22 18:52 - 2014-12-22 18:56 - 28598072 _____ (TuneUp Software) C:\Users\Julia Katharina\Downloads\TuneUpUtilities2014_34de-DE.exe 2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView 2014-12-22 18:43 - 2014-12-22 18:43 - 00000000 ____D () C:\Program Files (x86)\NirSoft 2014-12-22 18:42 - 2014-12-22 18:42 - 00141480 _____ () C:\Users\Julia Katharina\Downloads\bluescreenview_152setup.exe 2014-12-22 18:35 - 2014-12-22 18:35 - 00010240 _____ () C:\Users\Julia Katharina\Downloads\test_10k.bin 2014-12-22 17:55 - 2014-12-22 17:58 - 17086240 _____ (IObit) C:\Users\Julia Katharina\Downloads\iobituninstaller41.exe 2014-12-22 17:46 - 2014-12-22 17:46 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-46-02.039-AvastVBoxSVC.exe-2436.log 2014-12-22 17:23 - 2014-12-22 17:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-23-51.053-AvastVBoxSVC.exe-3508.log 2014-12-22 17:09 - 2014-12-22 17:10 - 00000197 _____ () C:\WINDOWS\system32\2014-12-22-16-09-12.054-AvastVBoxSVC.exe-3452.log 2014-12-22 17:01 - 2014-12-22 18:14 - 00000000 ____D () C:\WINDOWS\Minidump 2014-12-22 16:52 - 2014-12-22 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2014-12-22 16:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2014-12-22 16:51 - 2014-12-23 16:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-12-22 16:51 - 2014-12-22 16:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-12-22 16:50 - 2014-08-12 18:32 - 00247480 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klhk.sys 2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Sun 2014-12-22 16:47 - 2014-12-22 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-22 16:47 - 2014-12-22 16:46 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\ProgramData\Oracle 2014-12-22 16:46 - 2014-12-22 16:46 - 00000000 ____D () C:\Program Files (x86)\Java 2014-12-22 16:42 - 2014-12-22 16:42 - 00638888 _____ (Oracle Corporation) C:\Users\Julia Katharina\Downloads\chromeinstall-8u25.exe 2014-12-22 16:12 - 2014-12-22 16:48 - 204166464 _____ () C:\Users\Julia Katharina\Downloads\kis15.0.1.415de_6844.exe 2014-12-21 22:05 - 2014-12-21 22:13 - 00325462 _____ () C:\Users\Julia Katharina\Desktop\TOP.aep 2014-12-21 21:10 - 2014-12-21 21:12 - 05855315 _____ () C:\Users\Julia Katharina\Desktop\TOP.wmv 2014-12-21 21:00 - 2014-12-21 21:00 - 00025496 _____ () C:\Users\Julia Katharina\Desktop\TOP.veg 2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Neue Helvetica 2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica World 2014-12-21 20:44 - 2014-12-21 20:44 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Helvetica 2014-12-21 19:46 - 2014-12-21 19:46 - 00013712 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #9 [ Seaside ].veg 2014-12-21 19:45 - 2014-12-21 19:45 - 00013840 _____ () C:\Users\Julia Katharina\Downloads\Sony Vegas Coloring #11 [ Menschen sind wie Lieder ].veg 2014-12-21 19:39 - 2014-12-21 19:39 - 00001313 _____ () C:\Users\Julia Katharina\Documents\iste1.txt 2014-12-19 18:19 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-19 18:19 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-17 10:45 - 2014-12-17 11:01 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\DCIM 2014-12-11 15:38 - 2014-12-11 15:39 - 00000197 _____ () C:\WINDOWS\system32\2014-12-11-14-38-30.053-AvastVBoxSVC.exe-3624.log 2014-12-11 15:36 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-12-11 15:36 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 14:50 - 2014-12-11 14:51 - 09041655 _____ () C:\Users\Julia Katharina\Downloads\Screen Glitch - Free Stock Footage.mp4 2014-12-11 14:20 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-11 14:20 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 14:20 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-11 14:20 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-11 14:16 - 2014-12-11 14:17 - 10115550 _____ () C:\Users\Julia Katharina\Downloads\tuts.mov 2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files\NewBlue 2014-12-11 14:07 - 2014-12-11 14:09 - 00000000 ____D () C:\Program Files (x86)\NewBlue 2014-12-11 14:00 - 2014-12-21 16:38 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\LooksBuilder 2014-12-11 13:35 - 2014-10-13 03:43 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-11 13:35 - 2014-10-13 03:43 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-11 13:35 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-11 13:35 - 2014-10-13 03:43 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-12-11 13:34 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-11 13:34 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-11 13:34 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-11 13:34 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-11 13:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-11 13:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-11 13:34 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-11 13:34 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-11 13:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-11 13:34 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-11 13:34 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-11 13:34 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-11 13:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-11 13:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-11 13:34 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-11 13:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-11 13:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-11 13:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-11 13:34 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-11 13:34 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-11 13:34 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-11 13:34 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-11 13:34 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-11 13:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-11 13:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-11 13:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-11 13:34 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-11 13:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-11 13:34 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-11 13:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-11 13:34 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-11 13:34 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-11 13:34 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-11 13:34 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-11 13:34 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-11 13:34 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-11 13:34 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-11 13:34 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-11 13:34 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-11 13:34 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-11 13:34 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-11 13:34 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-11 13:34 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-11 13:27 - 2014-12-11 14:06 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\musik 2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Red Giant 2014-12-11 13:21 - 2014-12-11 13:21 - 00000000 ____D () C:\Users\Public\Documents\Knoll Software 2014-12-11 13:01 - 2014-12-11 13:01 - 00004234 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link 2014-12-11 13:01 - 2014-12-11 13:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Red Giant Link 2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant 2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks 2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files\Magic Bullet Looks Vegas 2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link 2014-12-11 13:00 - 2014-12-11 13:00 - 00000000 ____D () C:\Program Files (x86)\LooksBuilder 2014-12-11 12:48 - 2014-12-11 13:21 - 00000000 ____D () C:\ProgramData\RedGiant 2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\REVisionEffects 2014-12-11 12:45 - 2014-12-11 12:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REVisionEffects 2014-12-11 12:25 - 2014-12-11 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-12-11 12:24 - 2014-12-11 12:25 - 05532869 _____ () C:\Users\Julia Katharina\Downloads\Headlock.rar 2014-12-11 12:23 - 2014-12-11 12:23 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2014-12-11 12:22 - 2014-12-11 12:25 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-12-11 12:22 - 2014-12-11 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-11 12:21 - 2014-12-11 12:26 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\DVDVideoSoft 2014-12-11 12:20 - 2014-12-11 12:20 - 03529352 _____ (DVDVideoSoft Ltd. ) C:\Users\Julia Katharina\Downloads\FreeStudio.exe 2014-12-09 20:42 - 2014-12-09 20:42 - 03981488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2014-12-07 17:19 - 2014-12-07 17:19 - 23573675 _____ () C:\Users\Julia Katharina\Downloads\discord part 7 (liaralia).wmv 2014-12-07 15:46 - 2014-12-07 15:46 - 00000968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2014-12-07 15:44 - 2014-12-07 15:47 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\osu! 2014-12-07 15:44 - 2014-12-07 15:44 - 03160648 _____ (ppy) C:\Users\Julia Katharina\Downloads\osu!install.exe 2014-12-07 15:44 - 2014-12-07 15:44 - 00000000 ____D () C:\Users\Julia Katharina\Downloads\Localisation 2014-12-07 14:42 - 2014-12-07 14:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-12-06 23:21 - 2014-12-06 23:24 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-21-15.091-AvastVBoxSVC.exe-4460.log 2014-12-06 23:14 - 2014-12-06 23:14 - 00003434 _____ () C:\WINDOWS\System32\Tasks\Settings 2014-12-06 23:13 - 2014-12-06 23:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-22-13-45.088-AvastVBoxSVC.exe-3968.log 2014-12-06 23:13 - 2014-12-06 23:13 - 00001216 _____ () C:\Users\Julia Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk 2014-12-06 22:51 - 2014-12-06 22:51 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-12-06 22:49 - 2014-07-07 19:55 - 00000008 _____ () C:\WINDOWS\system32\Drivers\rtkhdaud.dat 2014-12-06 22:48 - 2014-07-21 21:28 - 04016216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2014-12-06 22:48 - 2014-07-21 13:52 - 01279373 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2014-12-06 22:48 - 2014-07-07 14:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2014-12-06 22:48 - 2014-07-04 11:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2014-12-06 22:48 - 2014-06-17 13:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2014-12-06 22:48 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2014-12-06 22:48 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll 2014-12-06 22:48 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2014-12-06 22:48 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat 2014-12-06 22:48 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2014-12-06 22:47 - 2014-07-18 18:10 - 02810736 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2014-12-06 22:47 - 2014-07-18 14:22 - 00955096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2014-12-06 22:47 - 2014-07-16 14:36 - 67245056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2014-12-06 22:47 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2014-12-06 22:47 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll 2014-12-06 22:47 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2014-12-06 22:47 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll 2014-12-06 22:47 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2014-12-06 22:47 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2014-12-06 22:47 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2014-12-06 22:47 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2014-12-06 22:47 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2014-12-06 22:47 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2014-12-06 22:47 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2014-12-06 22:47 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2014-12-06 22:39 - 2014-12-06 22:39 - 00000000 ____D () C:\Program Files\DIFX 2014-12-06 22:36 - 2014-12-06 22:36 - 00003126 _____ () C:\WINDOWS\System32\Tasks\advRecovery 2014-12-06 22:29 - 2014-12-22 18:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Skype 2014-12-06 22:29 - 2014-12-22 17:49 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-06 22:29 - 2014-12-22 17:48 - 00000000 ____D () C:\ProgramData\Skype 2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Skype 2014-12-06 22:29 - 2014-12-06 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-12-06 22:29 - 2013-04-25 18:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsUVStoricon.dll 2014-12-06 22:27 - 2013-07-26 15:07 - 00827096 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys 2014-12-06 22:27 - 2013-07-26 15:07 - 00074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2014-12-06 22:26 - 2014-12-06 22:26 - 01806364 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2014-12-06 22:25 - 2014-12-06 22:25 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Intel Corporation 2014-12-06 22:25 - 2013-07-24 14:57 - 00022832 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys 2014-12-06 22:24 - 2014-12-06 22:25 - 01548384 _____ (Skype Technologies S.A.) C:\Users\Julia Katharina\Downloads\SkypeSetup.exe 2014-12-06 22:24 - 2014-12-06 22:24 - 00000000 ____D () C:\WINDOWS\RSTLog 2014-12-06 22:14 - 2014-12-06 22:14 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2014-12-06 22:08 - 2014-12-06 22:08 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0 (1).ZIP 2014-12-06 22:06 - 2014-12-06 22:07 - 22850288 _____ () C:\Users\Julia Katharina\Downloads\SWUpdate_2.2.1.0.ZIP 2014-12-06 21:43 - 2014-12-06 21:45 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-20-43-57.011-AvastVBoxSVC.exe-3880.log 2014-12-06 19:02 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Publish Providers 2014-12-06 19:01 - 2014-12-06 19:01 - 00002552 _____ () C:\Users\Julia Katharina\Documents\Vegas Pro registrieren.htm 2014-12-06 18:58 - 2014-12-06 18:58 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Sony 2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Sony 2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files\Sony 2014-12-06 18:53 - 2014-12-06 18:53 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-12-06 18:22 - 2014-12-06 19:02 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Sony 2014-12-06 11:12 - 2014-12-06 11:12 - 00000197 _____ () C:\WINDOWS\system32\2014-12-06-10-12-37.093-AvastVBoxSVC.exe-3628.log 2014-12-05 12:42 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-42-30.066-aswFe.exe-6580.log 2014-12-05 12:34 - 2014-12-05 12:42 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-34-46.071-aswFe.exe-4272.log 2014-12-05 12:31 - 2014-12-05 12:34 - 00000247 _____ () C:\WINDOWS\system32\2014-12-05-11-31-23.002-aswFe.exe-4396.log 2014-12-05 12:31 - 2014-12-05 12:31 - 00000197 _____ () C:\WINDOWS\system32\2014-12-05-11-31-20.024-AvastVBoxSVC.exe-5212.log 2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox 2014-12-05 12:22 - 2014-12-05 12:22 - 00000000 ____D () C:\WINDOWS\system32\vbox 2014-12-05 12:14 - 2014-12-05 12:14 - 00000000 __SHD () C:\found.003 2014-11-29 16:39 - 2014-11-29 16:39 - 00707224 _____ (Remote Mouse ) C:\Users\Julia Katharina\Downloads\RemoteMouse.exe 2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse 2014-11-29 16:39 - 2014-11-29 16:39 - 00000000 ____D () C:\Program Files (x86)\Remote Mouse 2014-11-29 13:23 - 2014-11-29 13:23 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Dropbox 2014-11-29 13:09 - 2014-12-22 18:00 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-11-29 13:05 - 2014-11-29 13:07 - 131078000 _____ (AVAST Software) C:\Users\Julia Katharina\Downloads\avast_free_antivirus_setup.exe 2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.002 2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.001 2014-11-27 20:52 - 2014-11-27 20:52 - 00000000 __SHD () C:\found.000 2014-11-26 21:01 - 2014-11-26 21:01 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\AirMouse 2014-11-26 21:00 - 2014-12-11 13:03 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Downloaded Installations 2014-11-26 21:00 - 2014-11-26 21:00 - 10247768 _____ (RPA Tech, Inc ) C:\Users\Julia Katharina\Downloads\setup3.2.2.exe 2014-11-26 20:59 - 2014-12-19 16:49 - 00003846 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1417031848 2014-11-26 20:57 - 2014-12-19 16:49 - 00001057 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-11-26 20:55 - 2014-11-26 20:55 - 32532552 _____ (Opera Software) C:\Users\Julia Katharina\Downloads\Opera_26.0.1656.24_Setup.exe 2014-11-23 10:38 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-11-23 10:38 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-11-23 10:38 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2014-11-23 10:38 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-23 16:42 - 2014-11-11 15:17 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-23 16:25 - 2014-11-11 08:33 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Spotify 2014-12-23 16:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-22 21:53 - 2014-11-12 09:48 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-22 20:17 - 2014-11-10 11:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2027014631-3366834958-3693072843-1001 2014-12-22 18:56 - 2014-11-10 20:23 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-12-22 18:07 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\WinClon 2014-12-22 18:02 - 2014-11-12 09:49 - 00000000 ___RD () C:\Users\Julia Katharina\Google Drive 2014-12-22 18:01 - 2014-11-12 09:47 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-22 18:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-22 17:59 - 2014-11-11 17:34 - 00000000 ____D () C:\Users\Julia Katharina 2014-12-22 17:57 - 2014-08-20 18:04 - 00799944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-12-22 17:57 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-12-22 17:57 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwtp.sys 2014-12-22 17:57 - 2014-07-25 13:13 - 00068616 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2014-12-22 17:50 - 2014-11-11 09:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Spotify 2014-12-22 17:48 - 2014-11-10 10:55 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Adobe 2014-12-22 17:01 - 2013-08-22 15:44 - 10514768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-22 16:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-12-22 16:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-12-22 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-12-22 16:14 - 2014-11-10 20:34 - 00007620 _____ () C:\Users\Julia Katharina\AppData\Local\Resmon.ResmonCfg 2014-12-22 09:45 - 2014-11-12 17:16 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\vlc 2014-12-21 21:48 - 2014-11-12 16:54 - 00000414 _____ () C:\Users\Julia Katharina\Documents\DesignLibrary_Photoshop.log 2014-12-21 20:45 - 2014-09-24 07:17 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-21 20:45 - 2014-09-24 06:43 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-21 20:45 - 2014-09-24 06:43 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-21 16:36 - 2014-11-19 12:52 - 00000000 ____D () C:\Users\Julia Katharina\Desktop\Samsung_Quality_Report 2014-12-19 19:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-19 19:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-19 18:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-19 16:49 - 2014-11-12 09:37 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-12-11 15:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-11 15:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-11 14:37 - 2014-11-11 11:42 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-11 14:31 - 2014-11-11 11:42 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-11 13:21 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-12-11 13:00 - 2014-11-12 10:26 - 00000000 ____D () C:\Program Files\Adobe 2014-12-09 20:42 - 2014-11-11 15:17 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-07 14:21 - 2014-11-12 13:30 - 00000000 ____D () C:\Users\Julia Katharina\Documents\Adobe 2014-12-06 23:13 - 2013-01-17 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2014-12-06 23:08 - 2014-11-11 17:27 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-12-06 23:08 - 2014-11-11 17:26 - 00000000 ____D () C:\Program Files\Elantech 2014-12-06 22:52 - 2013-01-17 08:43 - 00000206 _____ () C:\setup.log 2014-12-06 22:52 - 2013-01-17 08:18 - 00002787 _____ () C:\RHDSetup.log 2014-12-06 22:52 - 2013-01-17 08:18 - 00000000 ___HD () C:\Program Files (x86)\Temp 2014-12-06 22:50 - 2014-11-11 17:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-12-06 22:34 - 2013-01-17 08:20 - 00000000 ____D () C:\Program Files\Samsung 2014-12-06 22:29 - 2013-01-17 08:18 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-12-06 22:24 - 2013-01-17 08:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\ProgramData\Intel 2014-12-06 22:24 - 2013-01-17 08:19 - 00000000 ____D () C:\Program Files\Intel 2014-12-06 22:17 - 2013-01-17 08:41 - 00003936 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d 2014-12-06 22:17 - 2013-01-17 08:41 - 00003690 _____ () C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon 2014-12-06 22:09 - 2013-01-17 08:47 - 00000000 ____D () C:\ProgramData\Samsung 2014-11-29 13:15 - 2013-01-17 08:48 - 00000000 ____D () C:\Users\EasySurvey 2014-11-29 13:15 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated 2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Roaming\Opera Software 2014-11-26 20:59 - 2014-11-12 09:37 - 00000000 ____D () C:\Users\Julia Katharina\AppData\Local\Opera Software Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-21 11:13 ==================== End Of Log ============================ ADDITION.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01 Ran by Julia Katharina at 2014-12-23 16:51:11 Running from C:\Users\Julia Katharina\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.1.1 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.0 - Adobe Systems Incorporated) Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.1.0.070 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) AMD Catalyst Install Manager (HKLM\...\{77A7CE43-5A1E-8282-931B-E0CC4C075793}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS) Effects Suite 64-bit (HKLM-x32\...\InstallShield_{76D21FF6-B4B6-4BE1-A43D-AB01EA6A2B69}) (Version: 11.0.1 - Red Giant) Effects Suite 64-bit (Version: 11.0.1 - Red Giant) Hidden E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Free Studio version 6.4.0.1122 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1122 - DVDVideoSoft Ltd.) Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden Keying Suite 64-bit (HKLM-x32\...\InstallShield_{456BB962-D316-40BC-8949-4CEC32F2AA7A}) (Version: 11.0.2 - Red Giant) Keying Suite 64-bit (Version: 11.0.2 - Red Giant) Hidden LibreOffice 4.3.3.2 (HKLM-x32\...\{87C753BB-81E3-403B-BD87-6293F870B20B}) (Version: 4.3.3.2 - The Document Foundation) Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Magic Bullet Suite 64-bit (Version: 11.4.4 - Red Giant) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla) NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue) NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 2.4 - NewBlue) NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.) Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA) osu! (HKLM-x32\...\{89f7a08e-cd9f-4ec4-86d7-ee81a2070ea0}) (Version: latest - ppy Pty Ltd) PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden RE:Vision Effects Twixtor AE (HKLM\...\Twixtor AE 6.1.0_is1) (Version: 6.1.0 - Team V.R) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.18 - Samsung Electronics CO., LTD.) Remote Mouse version 2.56 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse) S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2000 - SRS Labs) Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.) Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{9528F9CB-29E3-4E33-8BAA-181B336E24F8}) (Version: 12.1.1 - Red Giant) Trapcode Suite 64-bit (Version: 12.1.1 - Red Giant) Hidden User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.) Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WhoCrashed 5.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2027014631-3366834958-3693072843-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 06-12-2014 18:47:39 Removed Vegas Pro 10.0 (64-bit) 11-12-2014 12:52:40 Installed Trapcode Suite 64-bit 19-12-2014 18:19:50 Windows Update 22-12-2014 17:52:07 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1D63BFC5-58FC-4985-AF00-1298B6C77136} - System32\Tasks\Opera scheduled Autoupdate 1417031848 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software) Task: {33E5A254-FF6F-4EDF-A7C8-8EE9B0F061A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.) Task: {6A93FA23-05DB-4421-8AF9-6F0AF5BB62F5} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.) Task: {892E81A8-8BDD-4C78-AD73-2D2A77F4FCA9} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-11-12] (SEC) Task: {9817CC61-ED33-47ED-A115-6EEE989C26C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation) Task: {C065C0C6-A44B-4F5B-B418-75FB44FF29C3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: {CA15129A-1094-40C8-9A23-28DDCE305A24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-12] (Google Inc.) Task: {CB4846F5-B3D2-47DD-87C7-F9C8C0EB3766} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {DAC83684-33A8-4A0B-A7E8-FD9688313F5D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: {DFC4AAEC-BF33-4ABC-9781-A2D9810BBCC6} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.) Task: {E190DBC2-7FDA-48B7-9B50-E6DDD9D4557D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [2013-01-02] () Task: {E4DCB770-374D-4D9D-96AD-70468D7492FD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04] (Adobe Systems Incorporated) Task: {F7A5F1B7-902B-46E1-B302-ACA51103C2C4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2013-05-09 17:58 - 2013-05-09 17:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2014-11-11 09:16 - 2014-12-11 13:22 - 00374840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2014-11-29 16:39 - 2013-11-19 22:34 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll 2014-12-06 22:14 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2011-08-15 12:12 - 2011-08-15 12:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2013-03-07 12:53 - 2013-03-07 12:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-15 12:12 - 2011-08-15 12:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-15 12:15 - 2011-08-15 12:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-17 08:41 - 2011-08-17 08:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-17 08:48 - 2011-08-17 08:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-17 08:48 - 2011-08-17 08:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-15 11:23 - 2011-08-15 11:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2013-03-07 12:55 - 2013-03-07 12:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2013-03-07 12:58 - 2013-03-07 12:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2013-03-07 12:54 - 2013-03-07 12:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-19 08:05 - 2011-07-19 08:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-15 12:17 - 2011-08-15 12:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-19 08:04 - 2011-07-19 08:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll 2014-12-19 16:57 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-19 16:57 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-19 16:57 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-19 16:57 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-11-11 09:16 - 2014-12-11 13:22 - 36966968 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libcef.dll 2014-11-11 09:16 - 2014-12-11 13:22 - 00867896 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\ffmpegsumo.dll 2014-11-11 09:16 - 2014-12-11 13:22 - 00886840 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libglesv2.dll 2014-11-11 09:16 - 2014-12-11 13:22 - 00108600 _____ () C:\Users\Julia Katharina\AppData\Roaming\Spotify\Data\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "Norton Online Backup" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_700797C5FD25A9D44CE34EF536B76C0F" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2027014631-3366834958-3693072843-1001\...\StartupApproved\Run: => "Skype" ========================= Accounts: ========================== Administrator (S-1-5-21-2027014631-3366834958-3693072843-500 - Administrator - Disabled) Gast (S-1-5-21-2027014631-3366834958-3693072843-501 - Limited - Disabled) Julia Katharina (S-1-5-21-2027014631-3366834958-3693072843-1001 - Administrator - Enabled) => C:\Users\Julia Katharina ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia) Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1778 Startzeit: 01d01e0d0f03527f Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\system32\wwahost.exe Berichts-ID: 5684469f-8a00-11e4-be96-c8f733e8efb7 Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia) Description: Die App „Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f0d6c ID des fehlerhaften Prozesses: 0x4038 Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0 Pfad der fehlerhaften Anwendung: vegas100.exe1 Pfad des fehlerhaften Moduls: vegas100.exe2 Berichtskennung: vegas100.exe3 Vollständiger Name des fehlerhaften Pakets: vegas100.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5 Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Adobe Premiere Pro.exe, Version: 8.1.0.81, Zeitstempel: 0x5426694c Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003fd4b ID des fehlerhaften Prozesses: 0x3724 Startzeit der fehlerhaften Anwendung: 0xAdobe Premiere Pro.exe0 Pfad der fehlerhaften Anwendung: Adobe Premiere Pro.exe1 Pfad des fehlerhaften Moduls: Adobe Premiere Pro.exe2 Berichtskennung: Adobe Premiere Pro.exe3 Vollständiger Name des fehlerhaften Pakets: Adobe Premiere Pro.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe Premiere Pro.exe5 Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vegas100.exe, Version: 10.0.0.470, Zeitstempel: 0x4d18eee3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f0d6c ID des fehlerhaften Prozesses: 0x1188 Startzeit der fehlerhaften Anwendung: 0xvegas100.exe0 Pfad der fehlerhaften Anwendung: vegas100.exe1 Pfad des fehlerhaften Moduls: vegas100.exe2 Berichtskennung: vegas100.exe3 Vollständiger Name des fehlerhaften Pakets: vegas100.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vegas100.exe5 Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 System errors: ============= Error: (12/23/2014 04:12:36 PM) (Source: DCOM) (EventID: 10010) (User: Julia) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (12/22/2014 07:13:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Lavalys EVEREST Kernel Driver" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: ) Description: Ñonnection is not established Error: (12/22/2014 06:37:44 PM) (Source: KLIF) (EventID: 0) (User: ) Description: Ñonnection is not established Error: (12/22/2014 06:37:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1 Error: (12/22/2014 06:37:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet: %%5 Error: (12/22/2014 06:31:16 PM) (Source: DCOM) (EventID: 10016) (User: Julia) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}JuliaJulia KatharinaS-1-5-21-2027014631-3366834958-3693072843-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweS-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330 Error: (12/22/2014 05:44:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1} Error: (12/22/2014 05:43:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Bluetooth OBEX Service" wurde mit folgendem Fehler beendet: %%2147500053 Microsoft Office Sessions: ========================= Error: (12/22/2014 06:31:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Julia) Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927142 Error: (12/22/2014 06:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17031177801d01e0d0f03527f4294967295C:\WINDOWS\system32\wwahost.exe5684469f-8a00-11e4-be96-c8f733e8efb7Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbweApp Error: (12/22/2014 06:31:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Julia) Description: Microsoft.BingWeather_3.0.4.249_x64__8wekyb3d8bbwe+App Error: (12/21/2014 09:10:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c403801d01d589977b712C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll57e56871-894d-11e4-be8f-c8f733e8efb7 Error: (12/21/2014 08:59:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Adobe Premiere Pro.exe8.1.0.815426694cntdll.dll6.3.9600.1727853eebd22c0000005000000000003fd4b372401d01d585f35b872C:\Program Files\Adobe\Adobe Premiere Pro CC 2014\Adobe Premiere Pro.exeC:\WINDOWS\SYSTEM32\ntdll.dllcf9b5c22-894b-11e4-be8f-c8f733e8efb7 Error: (12/21/2014 08:57:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vegas100.exe10.0.0.4704d18eee3ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c118801d01d35cba18a67C:\Program Files\Sony\Vegas Pro 10.0\vegas100.exeC:\WINDOWS\SYSTEM32\ntdll.dll8b276f98-894b-11e4-be8f-c8f733e8efb7 Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (12/21/2014 07:39:59 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (12/21/2014 07:39:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 CodeIntegrity Errors: =================================== Date: 2014-12-22 19:13:11.544 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\JULIAK~1\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-22 19:13:11.444 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz Percentage of memory in use: 28% Total physical RAM: 8078.79 MB Available physical RAM: 5764.45 MB Total Pagefile: 16270.8 MB Available Pagefile: 12712.92 MB Total Virtual: 131072 MB Available Virtual: 131071.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:908.68 GB) (Free:737.53 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ Geändert von liaralia (23.12.2014 um 16:55 Uhr) |
23.12.2014, 17:47 | #6 |
| Wo Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool Lösung! Bitte solange laufen lassen, bis keine Feher kommen: http://www.trojaner-board.de/72874-s...eparieren.html Ansonsten bitte bei nächstem Bluescreen das Log wie oben beschrieben machen
__________________ --> Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool |
Themen zu Bluescreenzeit / DCP Watchdog Violation / Driver Corrupted Expool |
abstürze, abstürzen, bildschirm, bluescreens, brauche, dringend, driver, fehler, fehlercode 0xc0000005, fehlercode 0xc0000374, installiert, kaspersky, langsam, laptop, nichts, problem, programm, schließen, schwarzer bildschirm, treiber, update, updaten |