Pests of all kinds and how to combat them: Chrome automatically opens empty tabs (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
23.12.2014, 13:30 | #31 |
| Chrome automatically opens empty tabs It is happening in Internet Explorer again. Thanks for your help anyway. |
24.12.2014, 13:34 | #32 |
/// the machine /// TB trainer | Chrome automatically opens empty tabs So Chrome is quiet now, but IE is opening an empty tab again? And it is always just one empty tab, so nothing in it?
__________________ |
26.12.2014, 17:27 | #33 |
| Chrome automatically opens empty tabs Yes.
__________________ |
27.12.2014, 13:12 | #34 |
/// the machine /// TB trainer | Chrome automatically opens empty tabs I am slowly running out of ideas. When the empty tab is open, do not close it. Then: open FRST, tick the Addition box and scan, and please post both logs.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
02.01.2015, 16:22 | #35 |
| Chrome automatically opens empty tabs Maybe it opens because of some keyboard shortcuts... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015 Ran by AlGrande (administrator) on Name on 02-01-2015 15:19:37 Running from C:\Users\AlGrande\Desktop Loaded Profile: AlGrande (Available profiles: AlGrande) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (AMD) C:\Windows\System32\atieclxx.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe (fabi.me) C:\Users\AlGrande\Desktop\SpeedAutoClicker.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe (Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\java.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-07-17] () HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.) HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-07-17] (ZONER software) HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Speed AutoClicker] => C:\Users\AlGrande\Desktop\SpeedAutoClicker.exe [179200 2013-09-24] (fabi.me) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
SearchScopes: HKU\S-1-5-21-3614382932-3873046457-4280037768-1001 -> {4489FA2C-DF78-43C4-B698-B5A40717CE5F} URL = BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files 
(x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files 
(x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-30] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-30] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-30] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-30] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-30] Chrome: ======= CHR HomePage: Default -> CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://orteil.dashnet.org/cookieclicker/", 
"hxxp://clickingbad.nullism.com/", "hxxp://pizzaclicker.efekt.sk/", "hxxp://choppin-wood.com/", "hxxp://icecreamstand.ca/", "hxxp://candyclicker.com/", "hxxp://drmeth.com/index.php#", "hxxp://gameoftor.com/", "hxxp://www.minethings.com/", "hxxp://dhmholley.co.uk/civclicker.html", "hxxp://joezeng.github.io/goomyclicker/", "hxxp://speed-warp.net/#", "hxxp://progressquest.com/play/roster.html", "hxxp://castle.chirpingmustard.com/castle.html", "hxxp://candies.aniwey.net/index.php?pass=b9nmv", "hxxp://goldenminer.org/", "hxxp://adarkroom.doublespeakgames.com/", "hxxp://www.digitalchestnut.com/merryclickmas/", "hxxp://www.bluemaskgames.com/NBB/NanoBotBuilder.html", "https://dripstat.com/game/", "hxxp://candybox2.net/?slot=1", "hxxp://www.clickerheroes.com/", "hxxp://bary12.github.io/Computed/", "hxxp://www.gamesbutler.com/game/20892/Idle_Web_Tycoon/", "hxxp://deathraygames.com/play-online/miniLD48/", "hxxp://playlapse.com/bitmine/", "hxxp://soulharvester.neocities.org/", "hxxp://www.shmoggo.com/resource-game/", "hxxp://cakeandturtles.nfshost.com/games/pixelPets.php" CHR Profile: C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-30] CHR Extension: (Google Docs) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-30] CHR Extension: (Google Drive) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-30] CHR Extension: (YouTube) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30] CHR Extension: (Google-Suche) - 
C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30] CHR Extension: (Google Tabellen) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-30] CHR Extension: (Little Alchemy) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-11-30] CHR Extension: (Secure Bookmarks) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocjgngiajhfiikjolfhcpiokgbinep [2014-11-30] CHR Extension: (Google Wallet) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-30] CHR Extension: (Google Mail) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.) S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.) 
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2014-12-03] () S3 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [183112 2014-12-03] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-02] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-01] (LogMeIn Inc.) 
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-11-30] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-11-30] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation) S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-02] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-02 15:10 - 2015-01-02 15:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-01-02 15:10 - 2015-01-02 15:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-01-02 15:10 - 2015-01-02 15:10 - 00001413 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2015-01-02 15:10 - 2015-01-02 15:10 - 00001401 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2015-01-02 15:10 - 2015-01-02 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-01-02 15:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2015-01-02 15:09 - 2015-01-02 15:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\AlGrande\Downloads\spybot-2.4.exe 2015-01-02 15:08 - 2015-01-02 15:08 - 00017447 _____ () C:\Users\AlGrande\Desktop\Addition.txt 2015-01-02 15:06 - 2015-01-02 15:19 - 00018756 _____ () C:\Users\AlGrande\Desktop\FRST.txt 2015-01-02 15:06 - 2015-01-02 15:06 - 00000000 ____D () C:\Users\AlGrande\Desktop\FRST-OlderVersion 2014-12-24 11:35 - 2014-12-24 11:35 - 00000000 ____D () C:\Users\AlGrande\.ssh 2014-12-24 11:28 - 2014-12-24 11:28 - 00000000 ____D () C:\Users\AlGrande\Desktop\Neuer Ordner (3) 2014-12-24 11:26 - 2013-09-30 16:26 - 03050808 _____ () C:\WINDOWS\system32\pwNative.exe 2014-12-24 11:26 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys 2014-12-24 11:26 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys 2014-12-24 11:25 - 2014-12-24 11:25 - 00001271 _____ () C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk 2014-12-24 11:25 - 2014-12-24 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1 2014-12-24 11:25 - 2014-12-24 11:25 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 2014-12-24 11:24 - 2014-12-24 11:24 - 20772800 
_____ (MiniTool Solution Ltd. ) C:\Users\AlGrande\Downloads\pwhe811.exe 2014-12-23 16:50 - 2014-12-23 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2014-12-23 16:50 - 2014-12-23 16:50 - 00000000 ____D () C:\Program Files (x86)\Bandicam 2014-12-23 16:45 - 2014-12-23 17:37 - 00000000 ____D () C:\Users\AlGrande\Documents\Bandicam 2014-12-23 16:45 - 2014-12-23 16:45 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\BANDISOFT 2014-12-23 16:44 - 2014-12-23 16:50 - 00001010 _____ () C:\Users\AlGrande\Desktop\Bandicam.lnk 2014-12-23 16:44 - 2014-12-23 16:50 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1 2014-12-23 16:42 - 2014-12-23 16:42 - 09495760 _____ (Bandisoft) C:\Users\AlGrande\Downloads\bd740camsetup.exe 2014-12-16 18:37 - 2015-01-02 13:44 - 00000000 __RDO () C:\Users\AlGrande\OneDrive 2014-12-16 18:26 - 2014-12-16 18:26 - 00000075 __RSH () C:\WINDOWS\CT6STET.BIN 2014-12-16 18:26 - 2014-12-16 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion 2014-12-16 18:25 - 2014-12-16 18:25 - 00000000 ____D () C:\Users\Public\Documents\Reallusion 2014-12-16 18:25 - 2014-12-16 18:25 - 00000000 ____D () C:\Program Files (x86)\Reallusion 2014-12-16 18:24 - 2014-12-16 18:24 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\InstallShield 2014-12-16 18:23 - 2014-12-16 18:24 - 88188712 _____ (Macrovision Corporation) C:\Users\AlGrande\Downloads\crazytalk.exe 2014-12-16 18:12 - 2014-12-16 18:14 - 409542204 _____ () C:\Users\AlGrande\Downloads\CrazyTalk7.zip 2014-12-15 17:40 - 2014-12-15 17:38 - 02166272 _____ () C:\Users\AlGrande\Desktop\adwcleaner_4.105.exe 2014-12-15 17:38 - 2014-12-15 17:38 - 02166272 _____ () C:\Users\AlGrande\Downloads\adwcleaner_4.105.exe 2014-12-15 16:58 - 2014-12-15 16:58 - 00070290 _____ () C:\Users\AlGrande\Downloads\World Downloader [1.7.2] 20140118.zip 2014-12-15 16:56 - 2014-12-15 16:56 - 00085130 _____ () 
C:\Users\AlGrande\Downloads\TooManyItems-non-Forge-1.8.zip 2014-12-15 16:54 - 2014-12-15 16:54 - 00862484 _____ () C:\Users\AlGrande\Downloads\OptiFine_1.8.1_HD_U_B2.jar 2014-12-14 12:35 - 2014-12-14 12:35 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update 2014-12-14 12:35 - 2014-12-14 12:35 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Maxthon3 2014-12-14 12:35 - 2014-12-14 12:35 - 00000000 ____D () C:\Program Files (x86)\Maxthon 2014-12-14 12:33 - 2014-12-14 12:33 - 41232800 _____ (Maxthon International ltd.) C:\Users\AlGrande\Downloads\mx4.4.3.4000.exe 2014-12-14 11:17 - 2014-12-14 11:21 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Apple Computer 2014-12-14 11:17 - 2014-12-14 11:17 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Apple Computer 2014-12-14 11:17 - 2014-12-14 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\iTunes 2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\iPod 2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-12-14 11:16 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) 
C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys 2014-12-14 11:14 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-12-14 11:14 - 2014-12-14 11:14 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-12-14 11:14 - 2014-12-14 11:14 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Apple 2014-12-14 11:14 - 2014-12-14 11:14 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-12-14 11:13 - 2014-12-14 11:14 - 15016222 _____ ( ) C:\Users\AlGrande\Downloads\ifunbox27_setup.exe 2014-12-14 11:13 - 2014-12-14 11:13 - 00000000 ____D () C:\Program Files\Bonjour 2014-12-14 11:13 - 2014-12-14 11:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-12-14 11:12 - 2014-12-14 11:14 - 00000000 ____D () C:\ProgramData\Apple 2014-12-14 11:10 - 2014-12-14 11:11 - 122418480 _____ (Apple Inc.) C:\Users\AlGrande\Downloads\iTunes64Setup.exe 2014-12-13 13:12 - 2014-12-13 13:12 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2014-12-11 15:08 - 2014-12-11 15:08 - 00386383 _____ (hxxp://magiclauncher.com) C:\Users\AlGrande\Desktop\MagicLauncher_1.2.5.exe 2014-12-11 14:42 - 2014-12-11 14:42 - 00000000 ___HD () C:\Users\AlGrande\AppData\Roaming\MSEmbed 2014-12-11 14:42 - 2014-12-11 14:42 - 00000000 ___HD () C:\Users\AlGrande\AppData\Roaming\.kbd 2014-12-11 12:12 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-11 12:12 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-11 12:12 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-11 12:12 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-11 12:00 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-12-11 12:00 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\appraiser.dll 2014-12-11 12:00 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-12-11 12:00 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2014-12-11 12:00 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-12-11 12:00 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-12-11 12:00 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-12-11 12:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-11 12:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-11 12:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-11 12:00 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-11 12:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-11 12:00 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-11 12:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-11 12:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-11 12:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-11 12:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-11 12:00 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-11 12:00 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-11 12:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 
2014-12-11 12:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-11 12:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-11 12:00 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-11 12:00 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-11 12:00 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-11 12:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-11 12:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-11 12:00 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-11 12:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-11 12:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-11 12:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-11 12:00 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-11 12:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-11 12:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-11 12:00 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-11 12:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-11 12:00 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-11 12:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-11 12:00 - 
2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-11 12:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-11 12:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-11 12:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-11 12:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-11 12:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-11 12:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-11 12:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-11 12:00 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-11 12:00 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-11 12:00 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-11 12:00 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-10 16:25 - 2014-12-10 16:25 - 00000000 ____D () C:\Users\AlGrande\Desktop\Neuer Ordner 2014-12-10 14:07 - 2014-12-10 14:07 - 00001881 _____ () C:\Users\Public\Desktop\Apps.lnk 2014-12-10 14:07 - 2014-12-10 14:07 - 00001825 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-12-10 14:06 - 2014-12-10 14:11 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-12-10 14:06 - 2014-12-10 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-12-10 14:06 - 2014-12-10 14:06 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-12-10 14:04 - 2014-12-10 14:04 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Bluestacks 2014-12-09 14:34 - 
2014-12-09 14:34 - 00000000 ____D () C:\Users\AlGrande\Documents\Incomedia 2014-12-09 14:28 - 2014-12-09 14:36 - 00000000 ____D () C:\Program Files (x86)\WebSite X5 v11 - Home 2014-12-09 14:28 - 2014-12-09 14:28 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Incomedia 2014-12-09 14:25 - 2014-12-09 14:26 - 103683456 _____ (Incomedia s.r.l. ) C:\Users\AlGrande\Downloads\wsx5_home_hmchip912de.exe 2014-12-09 14:24 - 2014-12-09 14:25 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\concept design 2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design 2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design 2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\Program Files (x86)\concept design 2014-12-09 14:23 - 2014-12-09 14:23 - 05023872 _____ (concept/design GmbH ) C:\Users\AlGrande\Downloads\chip_otv10_setup.exe 2014-12-08 17:11 - 2014-12-09 14:36 - 00000000 ____D () C:\Users\AlGrande\Desktop\Server 1.8 Spigot 2014-12-08 17:01 - 2014-12-08 17:01 - 00000000 ____D () C:\Users\AlGrande\.m2 2014-12-08 16:59 - 2014-12-08 16:59 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-12-08 16:59 - 2014-12-08 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2014-12-08 16:58 - 2014-12-08 16:59 - 00000000 ____D () C:\Program Files\Java 2014-12-08 16:56 - 2014-12-08 16:56 - 00001140 _____ () C:\Users\Public\Desktop\Git Bash.lnk 2014-12-08 16:56 - 2014-12-08 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2014-12-08 16:56 - 2014-12-08 16:56 - 00000000 ____D () C:\Program Files (x86)\Git 2014-12-07 17:03 - 2014-12-13 14:01 - 00000275 _____ () C:\AdwCleanerDebug.txt 2014-12-07 17:03 - 2014-12-07 17:03 - 02153472 _____ () C:\Users\AlGrande\Downloads\AdwCleaner_4.104.exe 2014-12-07 14:35 - 
2014-12-07 14:37 - 00068096 ___SH () C:\Users\AlGrande\Downloads\Thumbs.db 2014-12-06 17:35 - 2014-12-06 17:35 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-12-06 13:40 - 2015-01-02 15:06 - 02123264 _____ (Farbar) C:\Users\AlGrande\Desktop\FRST64.exe 2014-12-06 13:31 - 2015-01-02 13:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D61B58A8-E970-42CF-A31D-5E5037C85BB4} 2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieUserList 2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieSiteList 2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieBrowserModeList 2014-12-06 13:28 - 2014-12-06 13:28 - 00000000 ____D () C:\Users\AlGrande\Downloads\Neuer Ordner 2014-12-06 13:27 - 2014-12-06 13:27 - 00000000 ___HD () C:\Users\AlGrande\Desktop\.updtmp 2014-12-05 15:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll 2014-12-05 15:54 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll 2014-12-05 15:54 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll 2014-12-05 15:54 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll 2014-12-05 15:54 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll 2014-12-05 15:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\D3DX9_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll 2014-12-05 15:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2014-12-05 15:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00176968 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2014-12-05 15:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2014-12-05 15:54 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2014-12-05 15:54 - 2009-03-16 14:18 - 
00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2014-12-05 15:54 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2014-12-05 15:54 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2014-12-05 15:54 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2014-12-05 15:54 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll 2014-12-05 15:54 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2014-12-05 
15:54 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2014-12-05 15:54 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2014-12-05 15:54 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2014-12-05 15:54 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2014-12-05 15:54 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2014-12-05 15:54 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2014-12-05 15:54 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2014-12-05 15:54 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2014-12-05 15:54 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2014-12-05 15:54 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-12-05 15:54 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2014-12-05 15:54 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-12-05 15:54 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2014-12-05 15:54 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-12-05 15:54 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2014-12-05 15:54 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2014-12-05 15:54 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll 2014-12-05 15:54 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\xactengine3_1.dll 2014-12-05 15:54 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2014-12-05 15:54 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2014-12-05 15:54 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll 2014-12-05 15:54 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll 2014-12-05 15:54 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2014-12-05 15:54 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll 2014-12-05 15:52 - 2014-12-05 15:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx 2014-12-05 15:52 - 2014-12-05 15:53 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp 2014-12-05 15:19 - 2014-12-22 13:05 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-05 15:19 - 2014-12-05 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2014-12-04 19:08 - 2014-12-07 14:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-04 19:08 - 2014-12-04 19:08 - 00001124 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-04 19:07 - 2014-12-04 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes 
Anti-Malware 2014-12-04 19:07 - 2014-12-04 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-04 19:07 - 2014-12-04 19:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-04 19:07 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-04 19:07 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-12-04 19:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-04 12:58 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-12-04 12:58 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-12-04 12:56 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-12-04 12:56 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-12-04 12:56 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-12-04 12:56 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-12-04 12:56 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-12-04 12:56 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-12-04 12:56 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-12-04 12:56 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-12-04 12:56 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-12-04 12:56 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-12-04 12:56 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 
2014-12-04 12:56 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-12-04 12:56 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-12-04 12:56 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-12-04 12:56 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-12-04 12:56 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-12-04 12:56 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-12-04 12:56 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-12-04 12:56 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-12-04 12:56 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-12-04 12:56 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-12-04 12:56 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-12-04 12:56 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-12-04 12:56 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-12-04 12:56 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-12-04 12:56 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-12-04 12:56 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-12-04 12:56 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-12-04 12:56 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-12-04 12:56 - 2014-04-14 
06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-12-04 12:54 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-12-04 12:54 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-12-04 12:54 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-12-04 12:54 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-12-04 12:54 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-12-04 12:54 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-12-04 12:54 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-12-04 12:54 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-12-04 12:52 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2014-12-04 12:45 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-12-04 12:45 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-12-04 12:45 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-12-04 12:45 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-12-04 12:45 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-12-04 12:45 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-12-04 12:45 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-12-04 12:45 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-12-04 12:45 - 
2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-12-04 12:45 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-12-04 12:45 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-12-04 12:45 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-12-04 12:45 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-12-04 12:45 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-12-04 12:45 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-12-04 12:45 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-12-04 12:45 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-12-04 12:45 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-12-04 12:45 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-12-04 12:45 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-12-04 12:45 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-12-04 12:45 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-12-04 12:45 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-12-04 12:45 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-12-04 12:45 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-12-04 12:45 - 2014-08-16 01:18 
- 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-12-04 12:45 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-12-04 12:45 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-12-04 12:45 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-12-04 12:45 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-12-04 12:45 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-12-04 12:45 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-12-04 12:45 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-12-04 12:45 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-12-04 12:45 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-12-04 12:45 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-12-04 12:45 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-12-04 12:45 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-12-04 12:45 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-12-04 12:45 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-12-03 20:30 - 2014-12-03 20:50 - 00082039 _____ () C:\Users\AlGrande\Desktop\servers.dat 2014-12-03 19:35 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2014-12-03 19:35 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2014-12-03 19:35 - 2014-07-24 04:20 - 
00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-12-03 19:35 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-03 19:28 - 2015-01-02 14:57 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Skype
2014-12-03 19:28 - 2014-12-04 13:28 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-03 19:28 - 2014-12-04 13:28 - 00000000 ____D () C:\ProgramData\Skype
2014-12-03 19:28 - 2014-12-04 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 19:28 - 2014-12-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 19:28 - 2014-12-03 19:28 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Skype
2014-12-03 19:18 - 2014-12-03 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-03 19:18 - 2014-12-03 19:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-03 15:20 - 2014-12-03 15:20 - 00000000 ____D () C:\Users\AlGrande\Documents\NFS Undercover
2014-12-03 15:19 - 2014-12-03 15:19 - 00183112 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-03 15:19 - 2014-12-03 15:19 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-03 15:19 - 2014-12-03 15:19 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\PunkBuster
2014-12-03 15:17 - 2014-12-03 15:17 - 00000000 __RHD () C:\Users\AlGrande\AppData\Roaming\SecuROM
2014-12-03 14:02 - 2014-12-03 14:02 - 00016554 _____ () C:\Users\AlGrande\Documents\et.xlsx

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 15:19 - 2014-11-29 17:48 - 00000000 ____D () C:\FRST
2015-01-02 15:17 - 2014-05-10 14:29 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\.minecraft
2015-01-02 15:15 - 2014-11-30 16:51 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3614382932-3873046457-4280037768-1001
2015-01-02 14:50 - 2014-11-30 17:45 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-02 14:23 - 2014-12-02 14:32 - 01074762 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-02 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-02 13:59 - 2014-11-30 17:55 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-02 13:43 - 2014-11-30 17:45 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-02 13:40 - 2014-12-02 14:32 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-12-24 11:35 - 2014-12-02 14:39 - 00000000 ____D () C:\Users\AlGrande
2014-12-23 16:50 - 2014-12-02 18:49 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\CrashDumps
2014-12-22 14:09 - 2013-08-22 15:46 - 00289205 _____ () C:\WINDOWS\setupact.log
2014-12-22 13:04 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-22 13:04 - 2014-09-24 06:43 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-22 13:04 - 2014-09-24 06:43 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-21 13:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 12:15 - 2014-10-23 16:56 - 00000000 ____D () C:\Users\AlGrande\Desktop\server 1.7.10
2014-12-18 13:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-18 12:50 - 2014-07-19 16:52 - 00000000 ____D () C:\Pylo
2014-12-17 14:53 - 2014-10-23 17:25 - 00000182 _____ () C:\Users\AlGrande\Desktop\Serverstart.bat
2014-12-16 18:39 - 2014-11-30 16:45 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Packages
2014-12-16 18:25 - 2014-12-01 16:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-16 14:25 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-15 17:41 - 2014-11-28 13:01 - 00000000 ____D () C:\AdwCleaner
2014-12-14 15:54 - 2014-09-23 22:06 - 00012886 _____ () C:\WINDOWS\PFRO.log
2014-12-13 13:51 - 2014-11-30 17:45 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-13 13:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-13 13:12 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 15:23 - 2014-11-30 20:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 15:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-12 15:19 - 2014-11-30 20:06 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-10 14:08 - 2014-12-01 13:16 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-12-10 14:07 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-09 14:28 - 2014-12-02 14:32 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-07 17:06 - 2014-11-30 19:54 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\LogMeIn Hamachi
2014-12-07 15:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-07 14:28 - 2014-12-02 19:47 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Ximagic
2014-12-07 13:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-12-06 17:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-06 14:07 - 2014-12-02 17:42 - 00020480 ___SH () C:\Users\AlGrande\Desktop\Thumbs.db
2014-12-04 19:20 - 2014-12-02 14:32 - 00008201 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-12-04 18:51 - 2014-11-30 18:43 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Notepad++
2014-12-03 14:00 - 2014-11-30 17:47 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Microsoft Help
2014-12-03 13:22 - 2014-12-02 19:30 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\mehdiplugins
2014-12-03 12:49 - 2014-12-02 14:28 - 00000000 ___DC () C:\WINDOWS\Panther

Some content of TEMP:
====================
C:\Users\AlGrande\AppData\Local\Temp\bdcam_0.dll
C:\Users\AlGrande\AppData\Local\Temp\bdfilters.dll
C:\Users\AlGrande\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-20-g0b2ed13-b3108jnks.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Bukkit-a646500.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-1642.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-1649.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-b8f6402-a646500.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64.dll
C:\Users\AlGrande\AppData\Local\Temp\onOneWait.exe
C:\Users\AlGrande\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-21 13:27

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
Ran by AlGrande at 2015-01-02 15:20:00
Running from C:\Users\AlGrande\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.1.419 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
concept/design onlineTV 10 (HKLM-x32\...\{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1) (Version: 10.6.0.0 - concept/design GmbH)
CrazyTalk v6.21 SE (HKLM-x32\...\{60CE924D-12CB-4A96-8B75-18F92CE1D585}) (Version: 6.21.2325.1 - Reallusion)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.8 - ZONER software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3614382932-3873046457-4280037768-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () ==================== Restore Points ========================= 02-12-2014 18:53:23 Installed Perfect Effects Free 9 05-12-2014 15:53:57 DirectX wurde installiert 08-12-2014 16:56:41 Removed Java 8 Update 25 (64-bit) 12-12-2014 15:16:10 Windows Update 14-12-2014 11:14:32 Installed iTunes 16-12-2014 18:24:52 Installiert CrazyTalk 21-12-2014 13:27:45 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01FF0D32-E0C5-421D-95FC-E309B729F239} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.) Task: {718CDB32-8624-4F10-BCF6-26B0416126A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.) 
Task: {72B63425-600D-43FD-9C85-CE2BD60B76B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.) Task: {CD475793-C5FC-4794-B0BA-998F10CF4089} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-03 15:19 - 2014-12-03 15:19 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2014-12-23 13:37 - 2014-12-23 13:37 - 00310272 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\lwjgl64.dll 2014-12-23 13:37 - 2014-12-23 13:37 - 00653832 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\avutil-ttv-51.dll 2014-12-23 13:37 - 2014-12-23 13:37 - 00361103 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\swresample-ttv-0.dll 2014-12-23 13:37 - 2014-12-23 13:37 - 00688161 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\libmp3lame-ttv.dll 2014-12-23 13:37 - 2014-12-23 13:37 - 01127424 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\twitchsdk.dll 2014-12-23 13:37 - 2014-12-23 13:37 - 00382464 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\OpenAL64.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
15.0.0\kpcengine.2.3.dll 2014-12-13 13:51 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-13 13:51 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-13 13:51 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-13 13:51 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2015-01-02 15:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-01-02 15:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-01-02 15:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-01-02 15:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-12-13 13:51 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\AlGrande\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" ========================= Accounts: ========================== Administrator (S-1-5-21-3614382932-3873046457-4280037768-500 - Administrator - Disabled) AlGrande (S-1-5-21-3614382932-3873046457-4280037768-1001 - Administrator - Enabled) => C:\Users\AlGrande Gast (S-1-5-21-3614382932-3873046457-4280037768-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3614382932-3873046457-4280037768-1006 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14125 Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 14125 Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 59574984 Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 59574984 Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/23/2014 06:34:49 PM) (Source: Winlogon) (EventID: 4005) (User: ) Description: Der Windows-Anmeldeprozess wurde unerwartet beendet. Error: (12/23/2014 06:34:47 PM) (Source: Winlogon) (EventID: 4005) (User: ) Description: Der Windows-Anmeldeprozess wurde unerwartet beendet. 
Error: (12/23/2014 04:50:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca Name des fehlerhaften Moduls: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca Ausnahmecode: 0xc000041d Fehleroffset: 0x00030588 ID des fehlerhaften Prozesses: 0x109c Startzeit der fehlerhaften Anwendung: 0xbdcam.exe0 Pfad der fehlerhaften Anwendung: bdcam.exe1 Pfad des fehlerhaften Moduls: bdcam.exe2 Berichtskennung: bdcam.exe3 Vollständiger Name des fehlerhaften Pakets: bdcam.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bdcam.exe5 Error: (12/23/2014 04:50:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca Name des fehlerhaften Moduls: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca Ausnahmecode: 0xc0000005 Fehleroffset: 0x00030588 ID des fehlerhaften Prozesses: 0x109c Startzeit der fehlerhaften Anwendung: 0xbdcam.exe0 Pfad der fehlerhaften Anwendung: bdcam.exe1 Pfad des fehlerhaften Moduls: bdcam.exe2 Berichtskennung: bdcam.exe3 Vollständiger Name des fehlerhaften Pakets: bdcam.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bdcam.exe5 System errors: ============= Error: (12/26/2014 06:05:36 PM) (Source: DCOM) (EventID: 10010) (User: Name) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/26/2014 06:00:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (12/18/2014 07:26:47 PM) (Source: DCOM) (EventID: 10010) (User: Name) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/17/2014 03:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Name) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/16/2014 06:12:50 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "Name2-PC", der der 
Hauptsuchdienst der Domäne für den NetBT_Tcpip_{37ED4FF8-3009-473C-A8ED-32A15B1BA263}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (12/16/2014 02:26:40 PM) (Source: DCOM) (EventID: 10016) (User: Name) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/16/2014 02:26:39 PM) (Source: DCOM) (EventID: 10016) (User: Name) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/16/2014 02:26:39 PM) (Source: DCOM) (EventID: 10016) (User: Name) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/16/2014 02:26:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (12/16/2014 02:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz Percentage of memory in use: 43% Total physical RAM: 8138.64 MB Available physical RAM: 4610.91 MB Total Pagefile: 10122.64 MB Available Pagefile: 5080.85 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: 
(System) (Fixed) (Total:416.93 GB) (Free:215.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Volume) (Fixed) (Total:48.83 GB) (Free:47.95 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D98CD4DC) Partition 1: (Active) - (Size=416.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
02.01.2015, 18:02 | #36 |
/// the machine /// TB-Ausbilder | Chrome automatically opens empty tabs Possible. Or maybe a function key that is assigned that way. How often does this happen?
__________________ --> Chrome automatically opens empty tabs |
03.01.2015, 16:43 | #37 |
| Chrome automatically opens empty tabs About every 20 minutes |
03.01.2015, 17:45 | #38 |
/// the machine /// TB-Ausbilder | Chrome automatically opens empty tabs 20 minutes? Which browser is it currently? Still IE? Or a different one again now? Which browser is currently set as the default browser?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
05.01.2015, 10:29 | #39 |
| Chrome automatically opens empty tabs Right now with Internet Explorer. I have Chrome as my default browser. |
05.01.2015, 13:30 | #40 |
/// the machine /// TB-Ausbilder | Chrome automatically opens empty tabs All very strange. How to: Perform a clean boot in Windows. Please do a clean boot. If the problem is gone then, re-enable the services one at a time, always rebooting in between, until you know which service is causing the problems. Then name it here.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
14.01.2015, 13:46 | #41 |
| Chrome automatically opens empty tabs So the problem only occurs when Minecraft is open, which however does not happen for my friends. Other services cause no problems... |
14.01.2015, 15:32 | #42 |
/// the machine /// TB-Ausbilder | Chrome automatically opens empty tabs Reinstall Minecraft.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
21.01.2015, 15:31 | #43 |
| Chrome automatically opens empty tabs Didn't help. It's not like that for my friend. |
21.01.2015, 17:41 | #44 |
/// the machine /// TB-Ausbilder | Chrome automatically opens empty tabs Well, I can't exactly do magic. Empty tabs simply open unintentionally, alternating between different browsers. And all of that only when Minecraft is open. Correct? Please make fresh FRST logs while the Minecraft thing is open.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
03.02.2015, 15:12 | #45 |
| Chrome automatically opens empty tabs Yes! Here are the logs while everything is open: What are all these Windows files under One Month Created Files and Folders in FRST.txt? Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015 Ran by AlGrande at 2015-01-30 17:13:33 Running from C:\Users\AlGrande\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AMD Catalyst Install Manager (HKLM\...\{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.1.419 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.7.4101 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{FDB8F715-FC8D-4C20-B614-E0361BB69A17}) (Version: 0.9.7.4101 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) concept/design onlineTV 10 (HKLM-x32\...\{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1) (Version: 10.6.0.0 - concept/design GmbH) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - ) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) 
Hidden MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG) MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker 2013 Premium (HKLM-x32\...\MAGIX_{00A8886C-FF3D-4B52-A95D-321735687B32}) (Version: 19.0.0.29 - MAGIX AG) MAGIX Music Maker 2013 Premium (Version: 19.0.0.29 - MAGIX AG) Hidden MAGIX Music Maker 2013 Premium Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Music Maker 2013 Premium Update (Version: 19.0.7.61 - MAGIX AG) Hidden MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Music Studio (HKLM-x32\...\MAGIX_{58AF1918-E670-44DF-BE45-BF5014AF144C}) (Version: 19.0.0.12 - MAGIX AG) MAGIX Music Studio (Version: 19.0.0.12 - MAGIX AG) Hidden MAGIX Music Studio Update (Version: 19.0.1.22 - MAGIX AG) Hidden MAGIX Screenshare (HKLM-x32\...\MAGIX_{341D13B7-3C84-4D68-90B7-1F4B6C2BCB21}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{DA6B1FF0-27E8-4272-8D06-37C53FCFD507}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla) Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX AG) Hidden Vita Bass Machine (Version: 1.0.0.0 - MAGIX AG) Hidden Vita Century Guitar (Version: 1.0.0.0 - MAGIX AG) Hidden Vita Rock Drums (Version: 1.0.0.0 - MAGIX AG) Hidden Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden Vita World Percussion (Version: 1.0.0.0 - MAGIX AG) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.8 - ZONER software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3614382932-3873046457-4280037768-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () ==================== Restore Points ========================= 02-12-2014 18:53:23 Installed Perfect Effects Free 9 05-12-2014 15:53:57 DirectX wurde installiert 08-12-2014 16:56:41 Removed Java 8 Update 25 (64-bit) 12-12-2014 15:16:10 Windows Update 14-12-2014 11:14:32 Installed iTunes 16-12-2014 18:24:52 Installiert CrazyTalk 21-12-2014 13:27:45 Windows Update 14-01-2015 14:49:04 Entfernt CrazyTalk 20-01-2015 16:05:34 Removed BlueStacks Notification Center 26-01-2015 12:05:27 Windows Update 30-01-2015 16:05:15 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2015-01-26 12:22 - 2015-01-26 12:23 - 00450983 ___RA C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01FF0D32-E0C5-421D-95FC-E309B729F239} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.) Task: {258CA103-08EE-4E1C-BF8E-DF223462C899} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation) Task: {718CDB32-8624-4F10-BCF6-26B0416126A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.) Task: {72B63425-600D-43FD-9C85-CE2BD60B76B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.) 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-03 15:19 - 2014-12-03 15:19 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-08 16:56 - 2014-09-30 00:15 - 00737986 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 00310272 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\lwjgl64.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 00653832 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\avutil-ttv-51.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 00361103 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\swresample-ttv-0.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 00688161 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\libmp3lame-ttv.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 01127424 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\twitchsdk.dll
2015-01-30 16:20 - 2015-01-30 16:20 - 00382464 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-849774791466\OpenAL64.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AlGrande\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"

========================= Accounts: ==========================

Administrator (S-1-5-21-3614382932-3873046457-4280037768-500 - Administrator - Disabled)
AlGrande (S-1-5-21-3614382932-3873046457-4280037768-1001 - Administrator - Enabled) => C:\Users\AlGrande
Gast (S-1-5-21-3614382932-3873046457-4280037768-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3614382932-3873046457-4280037768-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 05:05:30 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (01/28/2015 05:05:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15391

Error: (01/28/2015 05:05:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15391

Error: (01/28/2015 05:05:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/28/2015 05:05:24 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (01/28/2015 05:04:53 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (01/27/2015 03:16:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15563

Error: (01/27/2015 03:16:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15563

Error: (01/27/2015 03:16:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/27/2015 01:30:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 86053250

System errors:
=============
Error: (01/30/2015 04:09:52 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:52 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:52 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:51 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:51 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:51 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:50 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:50 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:49 PM) (Source: DCOM) (EventID: 10016) (User: NAME)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NAMEAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/30/2015 04:09:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 37%
Total physical RAM: 8138.64 MB
Available physical RAM: 5079.38 MB
Total Pagefile: 10570.64 MB
Available Pagefile: 6299.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:416.93 GB) (Free:187.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:48.83 GB) (Free:47.95 GB) NTFS
Drive e: () (Removable) (Total:30.16 GB) (Free:24.31 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D98CD4DC)
Partition 1: (Active) - (Size=416.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

FRST.txt: Simply far too long. That is why I uploaded it here: www.pastebin.com/gCtby7yh |