Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Stolen.Data in Roaming/dclogs gefunden.

Stolen.Data in Roaming/dclogs gefunden.


Log-Analyse und Auswertung: Stolen.Data in Roaming/dclogs gefunden.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.03.2014, 09:45   #1
kevindevin
 
Stolen.Data in Roaming/dclogs gefunden. - Standard

Stolen.Data in Roaming/dclogs gefunden.


Malwarebytes hat heute diese Stolen.Data gefunden.
Dort waren alle Informationen erhalten, die ich Sonntags eingetippt habe! (Dort war ich das letzte mal Online)
Das hat Malwarebytes unter Flash-Scan gefunden.
Aber sonst hat Kaspersky und Malwarebytes keine .exe gefunden, die so was Mitloggt!?
FUD Crypter? Oder doch schon Clean?

Ich bedauere, das Kaspersky nicht in der Lage ist, so was zu Detecten

Könnt ihr Helfen, mein System wieder sauber zu bekommen? Danke!

Alt 11.03.2014, 10:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Stolen.Data in Roaming/dclogs gefunden. - Standard

Stolen.Data in Roaming/dclogs gefunden.


hi,

Logfile von MBAM?


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 11.03.2014, 10:18   #3
kevindevin
 
Stolen.Data in Roaming/dclogs gefunden. - Standard

Stolen.Data in Roaming/dclogs gefunden.



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2014
Ran by Kevin (administrator) on KEVIN-PC on 11-03-2014 10:17:26
Running from E:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Overwolf LTD) E:\Overwolf\Overwolf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(techPowerUp (www.techpowerup.com)) E:\GPU-Z\GPU-Z.exe
(Valve Corporation) E:\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\klwtblfs.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-23] (Microsoft Corporation)
HKU\S-1-5-21-270481221-3890311207-2788155686-1000\...\Run: [Overwolf] - E:\Overwolf\Overwolf.exe [37632 2014-02-16] (Overwolf LTD)

==================== Internet (Whitelisted) ====================

ProxyServer: 187.188.195.66:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEFC5E115CEFFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} -  No File
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {724D43A0-0D85-11D4-9908-00400523E39A} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-03-01] ()
S4 MBAMScheduler; E:\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; E:\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S4 OverwolfUpdaterService; E:\Overwolf\OverwolfUpdater.exe [98560 2014-02-16] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-05] ()
S4 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-03-11] ()
S3 VsEtwService120; E:\Microsoft Visual Studio\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S4 LiveUpdateSvc; No ImagePath

==================== Drivers (Whitelisted) ====================

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-05] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [624224 2014-02-18] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-05] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 visctap0901; C:\Windows\System32\DRIVERS\visctap0901.sys [31744 2013-12-18] (The OpenVPN Project)
R3 ALSysIO; \??\C:\Users\Kevin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
R3 GPU-Z; \??\C:\Users\Kevin\AppData\Local\Temp\GPU-Z.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\FRST
2014-03-11 09:39 - 2014-03-11 09:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-11 09:38 - 2014-03-11 09:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-11 09:19 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 09:15 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 09:15 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-11 09:15 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-11 09:13 - 2014-03-11 09:13 - 00000000 ____D () C:\NVIDIA
2014-03-08 18:31 - 2014-03-08 18:31 - 00000000 ____D () C:\Windows\SysWOW64\r4
2014-03-08 09:34 - 2014-03-08 09:34 - 00001298 _____ () C:\Users\Kevin\Desktop\Event Viewer.lnk
2014-03-07 13:55 - 2014-03-11 09:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 13:55 - 2014-03-07 13:55 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-06 22:04 - 2014-03-06 22:04 - 00000810 _____ () C:\Users\Kevin\Desktop\Arma 3.lnk
2014-03-06 22:02 - 2014-03-06 22:02 - 00000202 _____ () C:\Users\Kevin\Desktop\Saints Row IV.url
2014-03-06 17:43 - 2014-03-06 17:43 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OpenOffice
2014-03-06 17:42 - 2014-03-06 17:42 - 00001188 _____ () C:\Users\Kevin\Desktop\OpenOffice 4.0.1.lnk
2014-03-06 17:42 - 2014-03-06 17:42 - 00000000 ___SD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-03-06 17:42 - 2014-03-06 17:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-06 17:37 - 2014-03-06 17:37 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-06 17:34 - 2014-03-06 17:37 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-06 17:34 - 2011-04-20 03:03 - 00120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHLE.DLL
2014-03-06 17:34 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ID4BHLE.DLL
2014-03-06 17:34 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-03-05 17:24 - 2014-03-05 17:24 - 00002997 _____ () C:\Users\Kevin\Desktop\VPN Autoconnect.lnk
2014-03-04 16:20 - 2013-11-15 14:17 - 03894632 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-03-04 12:24 - 2010-04-02 20:04 - 02650112 _____ () C:\Users\Kevin\Desktop\SteamMover.exe
2014-03-04 12:15 - 2014-03-04 12:15 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Stefan_Jones
2014-03-04 11:27 - 2014-03-04 11:27 - 00000000 ____D () C:\Users\Kevin\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2014-03-04 11:15 - 2014-03-04 11:15 - 00000000 ____D () C:\Users\Kevin\Documents\OCCT
2014-03-01 17:08 - 2014-03-01 17:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\SoftwareUpdater
2014-03-01 14:42 - 2014-03-01 14:42 - 00000000 ____D () C:\Users\Kevin\Documents\TubeBox
2014-03-01 14:41 - 2014-03-11 09:28 - 00004160 _____ () C:\Windows\System32\Tasks\Software Updater Ui
2014-03-01 14:41 - 2014-03-01 15:01 - 00003306 _____ () C:\Windows\System32\Tasks\temp_Plus-HD-3.8-enabler
2014-03-01 14:41 - 2014-03-01 14:41 - 00003544 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-updater
2014-03-01 14:41 - 2014-03-01 14:41 - 00003500 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-codedownloader
2014-03-01 14:41 - 2014-03-01 14:41 - 00003398 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-enabler
2014-03-01 14:40 - 2014-03-11 09:28 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2014-03-01 14:40 - 2014-03-01 14:41 - 00000000 ____D () C:\Program Files (x86)\SoftwareUpdater
2014-03-01 14:37 - 2014-03-01 14:37 - 00000000 ____D () C:\Users\Kevin\AppData\Local\SearchProtect
2014-03-01 14:37 - 2014-03-01 14:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-01 14:34 - 2014-03-01 14:34 - 00000544 _____ () C:\Users\Public\Desktop\ClipGrab.lnk
2014-02-28 14:23 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-28 14:23 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-23 20:03 - 2014-02-23 20:03 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn
2014-02-23 20:03 - 2014-02-23 20:03 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-23 13:45 - 2014-02-23 13:50 - 00000000 ____D () C:\Users\Kevin\Documents\Cross Fire
2014-02-23 13:45 - 2014-02-23 13:45 - 00000000 ____D () C:\CFLog
2014-02-23 12:26 - 2014-02-23 12:26 - 00001397 _____ () C:\Users\Kevin\Desktop\Warface Launcher.lnk
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Kevin\AppData\Local\wf-launcher
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\ProgramData\GFACE
2014-02-23 11:45 - 2014-02-23 11:45 - 00000000 ____D () C:\Users\Kevin\Documents\Podcasts
2014-02-23 11:40 - 2014-02-23 11:40 - 00000740 _____ () C:\Users\Kevin\Desktop\APB Reloaded.lnk
2014-02-23 11:39 - 2014-02-23 11:39 - 00000000 ____D () C:\Users\Kevin\Documents\Aufnahmen
2014-02-23 11:18 - 2014-02-23 11:18 - 00000000 ____D () C:\Program Files (x86)\GamersFirst
2014-02-21 20:01 - 2014-02-21 20:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-02-21 18:47 - 2014-03-01 13:32 - 00000780 _____ () C:\Users\Kevin\Documents\RS.txt
2014-02-21 17:41 - 2014-02-21 17:41 - 00000714 _____ () C:\Users\Kevin\Desktop\GTA - San Andreas.lnk
2014-02-18 20:17 - 2014-02-18 20:17 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-02-18 18:53 - 2014-02-18 18:53 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 18:51 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-18 18:51 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-18 18:51 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-18 18:51 - 2014-03-04 15:35 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-18 18:51 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-18 18:51 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-18 18:02 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-18 18:02 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-14 21:36 - 2014-02-21 17:39 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Malwarebytes
2014-02-14 21:36 - 2014-02-21 17:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-14 21:36 - 2014-02-14 21:36 - 00000618 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-14 21:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-12 16:55 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 16:55 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 16:55 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 16:55 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 16:55 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 16:55 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 16:55 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 16:55 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 16:55 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 16:55 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 16:55 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 16:55 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 16:55 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 16:55 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 16:55 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 16:55 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 16:55 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 16:55 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 16:55 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 16:55 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 16:55 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 16:55 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 16:01 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-12 16:01 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-12 16:01 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-12 16:01 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-12 16:01 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-12 16:01 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-12 16:01 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-12 16:01 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-12 16:01 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-12 16:01 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-12 16:01 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-12 16:01 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-12 16:01 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-12 16:01 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-12 16:01 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-12 16:01 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-12 15:59 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 15:59 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 15:59 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 15:59 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 15:59 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 15:59 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 15:59 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 15:59 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 15:59 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 15:59 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 15:59 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 15:59 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 15:59 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 15:59 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 15:59 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 15:59 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 15:59 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 15:59 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 15:59 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 15:59 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 15:59 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 15:59 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 15:59 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 15:59 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 15:59 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 15:59 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 15:59 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 15:59 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 15:59 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 15:59 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 15:59 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 15:59 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 15:59 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 15:59 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 15:59 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 15:59 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 15:59 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 15:59 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 15:59 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 15:59 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 15:59 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 15:58 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-12 15:58 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-12 15:50 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 15:50 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 15:50 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 15:50 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 15:50 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 15:50 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-10 18:36 - 2014-03-09 20:03 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Arma 3
2014-02-10 15:31 - 2014-02-21 17:40 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.technic
2014-02-10 15:30 - 2014-02-15 09:16 - 02346186 _____ () C:\Users\Kevin\Desktop\TechnicLauncher.exe
2014-02-09 15:02 - 2014-02-09 15:02 - 00004096 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-02-09 15:02 - 2014-02-09 15:02 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-02-09 13:52 - 2014-02-09 13:52 - 00000201 _____ () C:\Users\Kevin\Desktop\Arma Cold War Assault.url
2014-02-09 13:51 - 2014-02-09 13:51 - 00000199 _____ () C:\Users\Kevin\Desktop\Left 4 Dead 2.url
2014-02-09 13:50 - 2014-03-11 09:23 - 00000000 ____D () C:\Windows\pss
2014-02-09 11:58 - 2014-02-21 17:40 - 00000000 ____D () C:\Users\Kevin\Documents\Arma 3
2014-02-09 11:01 - 2014-02-09 11:01 - 00000000 ____D () C:\ProgramData\Bohemia Interactive

==================== One Month Modified Files and Folders =======

2014-03-11 10:17 - 2014-03-11 10:17 - 00000000 ____D () C:\FRST
2014-03-11 10:15 - 2013-12-23 13:18 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-03-11 09:45 - 2014-03-11 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-11 09:38 - 2014-03-11 09:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-11 09:31 - 2009-07-14 05:45 - 00019040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-11 09:31 - 2009-07-14 05:45 - 00019040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-11 09:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-11 09:30 - 2013-12-23 18:37 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-11 09:30 - 2013-12-23 18:37 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-11 09:30 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-11 09:28 - 2014-03-01 14:41 - 00004160 _____ () C:\Windows\System32\Tasks\Software Updater Ui
2014-03-11 09:28 - 2014-03-01 14:40 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2014-03-11 09:27 - 2013-12-23 10:01 - 01852116 _____ () C:\Windows\WindowsUpdate.log
2014-03-11 09:25 - 2014-01-05 20:08 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-11 09:24 - 2014-03-07 13:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-11 09:24 - 2014-01-25 16:28 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Overwolf
2014-03-11 09:24 - 2014-01-18 20:43 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-11 09:24 - 2013-12-26 16:02 - 00025419 _____ () C:\Windows\setupact.log
2014-03-11 09:24 - 2013-12-25 11:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-11 09:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-11 09:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-03-11 09:23 - 2014-02-09 13:50 - 00000000 ____D () C:\Windows\pss
2014-03-11 09:23 - 2013-12-23 10:01 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-11 09:19 - 2013-12-25 11:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 09:13 - 2014-03-11 09:13 - 00000000 ____D () C:\NVIDIA
2014-03-11 09:11 - 2013-12-23 13:12 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TS3Client
2014-03-11 09:04 - 2013-12-23 12:47 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-11 09:04 - 2013-12-23 10:19 - 00000000 ____D () C:\Program Files\Intel
2014-03-11 08:51 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-09 20:03 - 2014-02-10 18:36 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Arma 3
2014-03-09 13:16 - 2014-01-22 18:46 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-03-09 12:46 - 2014-02-01 09:14 - 00000600 _____ () C:\Users\Kevin\AppData\Local\PUTTY.RND
2014-03-09 11:53 - 2013-12-23 22:13 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-09 11:44 - 2013-12-23 13:37 - 00000000 ____D () C:\ProgramData\Origin
2014-03-09 09:21 - 2013-12-23 22:13 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-03-09 09:05 - 2013-12-23 12:19 - 00037550 _____ () C:\Windows\PFRO.log
2014-03-08 18:31 - 2014-03-08 18:31 - 00000000 ____D () C:\Windows\SysWOW64\r4
2014-03-08 09:34 - 2014-03-08 09:34 - 00001298 _____ () C:\Users\Kevin\Desktop\Event Viewer.lnk
2014-03-08 09:32 - 2013-12-29 18:16 - 00000000 ____D () C:\Program Files (x86)\PowerISO
2014-03-07 13:55 - 2014-03-07 13:55 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-07 13:55 - 2013-12-23 10:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-07 13:55 - 2013-12-23 10:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-07 13:53 - 2009-07-14 05:45 - 00294712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-06 22:04 - 2014-03-06 22:04 - 00000810 _____ () C:\Users\Kevin\Desktop\Arma 3.lnk
2014-03-06 22:02 - 2014-03-06 22:02 - 00000202 _____ () C:\Users\Kevin\Desktop\Saints Row IV.url
2014-03-06 18:33 - 2014-01-28 17:26 - 00064024 _____ () C:\Users\Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-06 17:43 - 2014-03-06 17:43 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OpenOffice
2014-03-06 17:42 - 2014-03-06 17:42 - 00001188 _____ () C:\Users\Kevin\Desktop\OpenOffice 4.0.1.lnk
2014-03-06 17:42 - 2014-03-06 17:42 - 00000000 ___SD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-03-06 17:42 - 2014-03-06 17:42 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-06 17:37 - 2014-03-06 17:37 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-03-06 17:37 - 2014-03-06 17:34 - 00000000 ____D () C:\ProgramData\EPSON
2014-03-05 17:24 - 2014-03-05 17:24 - 00002997 _____ () C:\Users\Kevin\Desktop\VPN Autoconnect.lnk
2014-03-05 15:31 - 2013-12-29 04:57 - 00000814 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-03-05 15:31 - 2013-12-23 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-05 15:30 - 2013-12-23 15:51 - 00276709 _____ () C:\Windows\DirectX.log
2014-03-04 15:35 - 2014-03-11 09:15 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-11 09:15 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-11 09:15 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2014-02-18 18:51 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-02-18 18:51 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-02-18 18:51 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-02-18 18:51 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-12-25 11:26 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2013-12-25 11:26 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2013-12-25 11:26 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-12-25 11:26 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2013-12-25 11:26 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-10-27 09:12 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2013-12-25 11:27 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2013-12-25 11:27 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-12-25 11:27 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-12-25 11:27 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-12-25 11:27 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2013-12-25 11:27 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 14:05 - 2013-12-25 11:16 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 12:32 - 2014-03-11 09:19 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-04 12:15 - 2014-03-04 12:15 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Stefan_Jones
2014-03-04 12:12 - 2013-12-23 13:52 - 00000904 _____ () C:\Users\Public\Desktop\SimCity™.lnk
2014-03-04 12:09 - 2013-12-29 04:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-04 11:27 - 2014-03-04 11:27 - 00000000 ____D () C:\Users\Kevin\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2014-03-04 11:15 - 2014-03-04 11:15 - 00000000 ____D () C:\Users\Kevin\Documents\OCCT
2014-03-03 07:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-01 17:08 - 2014-03-01 17:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\SoftwareUpdater
2014-03-01 15:01 - 2014-03-01 14:41 - 00003306 _____ () C:\Windows\System32\Tasks\temp_Plus-HD-3.8-enabler
2014-03-01 14:42 - 2014-03-01 14:42 - 00000000 ____D () C:\Users\Kevin\Documents\TubeBox
2014-03-01 14:41 - 2014-03-01 14:41 - 00003544 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-updater
2014-03-01 14:41 - 2014-03-01 14:41 - 00003500 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-codedownloader
2014-03-01 14:41 - 2014-03-01 14:41 - 00003398 _____ () C:\Windows\System32\Tasks\Plus-HD-3.8-enabler
2014-03-01 14:41 - 2014-03-01 14:40 - 00000000 ____D () C:\Program Files (x86)\SoftwareUpdater
2014-03-01 14:40 - 2013-12-29 04:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-01 14:37 - 2014-03-01 14:37 - 00000000 ____D () C:\Users\Kevin\AppData\Local\SearchProtect
2014-03-01 14:37 - 2014-03-01 14:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-03-01 14:34 - 2014-03-01 14:34 - 00000544 _____ () C:\Users\Public\Desktop\ClipGrab.lnk
2014-03-01 14:12 - 2013-12-23 13:11 - 00000000 ____D () C:\Users\Kevin\AppData\Local\TeamSpeak 3 Client
2014-03-01 13:32 - 2014-02-21 18:47 - 00000780 _____ () C:\Users\Kevin\Documents\RS.txt
2014-03-01 12:54 - 2014-01-02 16:56 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\FileZilla
2014-02-24 17:42 - 2014-02-08 21:18 - 00000000 ____D () C:\Users\Kevin\Documents\My RoboForm Data
2014-02-23 20:03 - 2014-02-23 20:03 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn
2014-02-23 20:03 - 2014-02-23 20:03 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-23 13:50 - 2014-02-23 13:45 - 00000000 ____D () C:\Users\Kevin\Documents\Cross Fire
2014-02-23 13:45 - 2014-02-23 13:45 - 00000000 ____D () C:\CFLog
2014-02-23 13:43 - 2014-01-18 22:11 - 00001031 _____ () C:\Users\Kevin\Desktop\DEP.bat
2014-02-23 12:26 - 2014-02-23 12:26 - 00001397 _____ () C:\Users\Kevin\Desktop\Warface Launcher.lnk
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface Launcher
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Kevin\AppData\Local\wf-launcher
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\ProgramData\GFACE
2014-02-23 11:45 - 2014-02-23 11:45 - 00000000 ____D () C:\Users\Kevin\Documents\Podcasts
2014-02-23 11:40 - 2014-02-23 11:40 - 00000740 _____ () C:\Users\Kevin\Desktop\APB Reloaded.lnk
2014-02-23 11:39 - 2014-02-23 11:39 - 00000000 ____D () C:\Users\Kevin\Documents\Aufnahmen
2014-02-23 11:37 - 2013-12-29 14:18 - 00000294 _____ () C:\Users\Kevin\Desktop\EEA Löschen.bat
2014-02-23 11:18 - 2014-02-23 11:18 - 00000000 ____D () C:\Program Files (x86)\GamersFirst
2014-02-21 20:01 - 2014-02-21 20:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2014-02-21 19:57 - 2014-01-03 15:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-02-21 17:41 - 2014-02-21 17:41 - 00000714 _____ () C:\Users\Kevin\Desktop\GTA - San Andreas.lnk
2014-02-21 17:40 - 2014-02-10 15:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.technic
2014-02-21 17:40 - 2014-02-09 11:58 - 00000000 ____D () C:\Users\Kevin\Documents\Arma 3
2014-02-21 17:40 - 2013-12-25 10:20 - 00000000 ____D () C:\Users\Kevin\Documents\DayZ
2014-02-21 17:40 - 2013-12-23 15:40 - 00000000 ____D () C:\Users\Kevin\Documents\Assassin's Creed IV Black Flag
2014-02-21 17:40 - 2013-12-23 10:49 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-21 17:40 - 2013-12-23 10:49 - 00000000 ____D () C:\Windows\system32\Macromed
2014-02-21 17:40 - 2013-12-23 10:01 - 00000000 ____D () C:\Users\Kevin
2014-02-21 17:40 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-02-21 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-21 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2014-02-21 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-02-21 17:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-21 17:39 - 2014-02-14 21:36 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Malwarebytes
2014-02-21 17:39 - 2014-02-14 21:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-18 20:17 - 2014-02-18 20:17 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-02-18 20:17 - 2013-12-23 16:17 - 00000000 ____D () C:\Users\Kevin\Documents\GTA San Andreas User Files
2014-02-18 18:53 - 2014-02-18 18:53 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-18 18:18 - 2014-01-05 20:08 - 00624224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-02-18 18:18 - 2014-01-05 20:08 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-02-18 18:18 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2014-02-18 17:59 - 2009-07-14 06:08 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-15 09:16 - 2014-02-10 15:30 - 02346186 _____ () C:\Users\Kevin\Desktop\TechnicLauncher.exe
2014-02-14 21:36 - 2014-02-14 21:36 - 00000618 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-13 16:48 - 2013-12-23 16:16 - 00000791 _____ () C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
2014-02-12 16:57 - 2013-12-23 10:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 16:56 - 2013-12-23 12:38 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 16:56 - 2013-12-23 10:48 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-09 15:02 - 2014-02-09 15:02 - 00004096 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-02-09 15:02 - 2014-02-09 15:02 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-02-09 13:52 - 2014-02-09 13:52 - 00000201 _____ () C:\Users\Kevin\Desktop\Arma Cold War Assault.url
2014-02-09 13:51 - 2014-02-09 13:51 - 00000199 _____ () C:\Users\Kevin\Desktop\Left 4 Dead 2.url
2014-02-09 13:45 - 2014-02-08 23:57 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-02-09 13:40 - 2014-01-01 17:05 - 00000200 _____ () C:\Users\Kevin\Desktop\Garry's Mod.url
2014-02-09 12:07 - 2013-12-29 22:38 - 00000212 _____ () C:\Users\Kevin\Desktop\Super Monday Night Combat.url
2014-02-09 11:01 - 2014-02-09 11:01 - 00000000 ____D () C:\ProgramData\Bohemia Interactive
2014-02-09 00:13 - 2014-02-08 10:31 - 00000000 ____D () C:\Windows\system32\appmgmt

Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Kevin\AppData\Local\Temp\Extreme Memory Editor v2.exe
C:\Users\Kevin\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Kevin\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Kevin\AppData\Local\Temp\nvStInst.exe
C:\Users\Kevin\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 14:03

==================== End Of Log ============================
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2014
Ran by Kevin at 2014-03-11 10:17:39
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.3.2.559664 - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
ClipGrab 3.3.0.4 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Kevin Mühler)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Druckerdeinstallation für EPSON SX235 Series (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{31e4d2a5-b246-4c2d-a7fb-aee157c26b02}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
MTA:SA v1.3.4 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.4 - Multi Theft Auto)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FE8E927E-8099-4C6B-A337-1CAB00E213C7}) (Version: 0.50.310 - Overwolf)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Monday Night Combat (HKLM-x32\...\Steam App 104700) (Version:  - Uber Entertainment)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VPNAutoconnect (HKLM-x32\...\{8E557F21-99AE-440D-8058-CD8CB3302E13}) (Version: 1.15 - globalip)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

04-03-2014 11:09:03 DirectX wurde installiert
04-03-2014 11:11:14 DirectX wurde installiert
04-03-2014 19:51:19 Windows Update
05-03-2014 14:30:27 DirectX wurde installiert
05-03-2014 16:24:16 Installed VPNAutoconnect
06-03-2014 16:35:02 Gerätetreiber-Paketinstallation: EPSON Drucker
06-03-2014 16:41:57 OpenOffice 4.0.1 wird installiert
11-03-2014 08:04:22 Windows Update
11-03-2014 08:19:41 DirectX wurde installiert

==================== Hosts content: ==========================

2014-03-08 09:33 - 2014-03-08 09:33 - 00000020 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost 

==================== Scheduled Tasks (whitelisted) =============

Task: {09A9EB83-7016-4387-80EE-E4B249BE2279} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {494D50FF-9085-4483-B1E6-51A5FD74D2C4} - System32\Tasks\Plus-HD-3.8-enabler => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: {4F992FBE-03CB-4915-8C02-C6E8A6887F81} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2014-03-01] ()
Task: {688F6759-5C8A-4499-A650-2FE4C97B940A} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-11-29] ()
Task: {68DA5221-7434-415A-9D72-F738B6795078} - System32\Tasks\UAC pass\PowerISO => C:\Users\Kevin\Desktop\PowerISO\PowerISO.exe
Task: {6977287B-1680-426E-8AA1-00F49CC461D1} - System32\Tasks\Core Temp Autostart Kevin => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {69D1749B-E077-4F82-8121-E4275D662314} - System32\Tasks\Plus-HD-3.8-firefoxinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe <==== ATTENTION
Task: {73915BD1-9B07-4B9D-ACFD-9BFAE9489FE5} - System32\Tasks\elevated_PowerISO_OSIrewoPpotkseDniveKsresUC => C:\Users\Kevin\Desktop\PowerISO\PowerISO.exe
Task: {88239E3E-DD94-4FCE-865A-2A321EA72700} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMJMNMOJMJNJHMHMOMCNJMNMKMNMCNLMMJKMLJCNGMIMKJGMCNGMJMNMMMKJMMHMOJOJIMKMHMJNJICMIMCNGMCNMMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMELKJJIGJBJJNKJCMJNNICMJNDJCMLJKJJNMJCMOMFMOMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {9D3913C3-5774-4861-9356-03905087C823} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-07] (Adobe Systems Incorporated)
Task: {A11D2DD0-AC38-46B4-8DCD-FAF8F3B09007} - System32\Tasks\Plus-HD-3.8-chromeinstaller => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe <==== ATTENTION
Task: {A32A936A-7975-45F6-AD25-DB975AFC07AC} - System32\Tasks\Plus-HD-3.8-codedownloader => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe <==== ATTENTION
Task: {CDCC0855-8D94-4FCC-BE70-C95A8340344C} - System32\Tasks\Plus-HD-3.8-updater => C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe <==== ATTENTION
Task: {D5E97239-B37A-42F6-81E4-654B27899D96} - System32\Tasks\temp_Plus-HD-3.8-enabler => C:\Users\Kevin\AppData\Local\Temp\nsz85E9.tmp\Plus-HD-3.8-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-25 11:27 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-23 19:01 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2013-12-23 22:13 - 2014-03-05 15:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-25 02:22 - 2014-01-25 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-23 19:01 - 2013-12-23 19:01 - 00006144 _____ () C:\Users\Kevin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\CoreTempReader.dll
2013-12-23 19:01 - 2013-12-23 19:01 - 00008704 _____ () C:\Users\Kevin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\GetCoreTempInfoNET.dll
2013-12-23 19:01 - 2013-12-23 19:01 - 00007680 _____ () C:\Users\Kevin\AppData\Local\Microsoft\Windows Sidebar\Gadgets\CoreTempGadget2.7.gadget\SystemInfo.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-11-27 12:52 - 2013-11-27 12:52 - 00025600 _____ () E:\Overwolf\CoreAudioApi.dll
2014-02-09 11:44 - 2013-12-12 23:19 - 00142848 _____ () E:\Steam\libavresample-1.dll
2014-02-09 11:44 - 2013-11-05 02:12 - 00890592 _____ () E:\Steam\libavutil-52.dll
2014-02-09 11:44 - 2014-02-11 03:34 - 00751616 _____ () E:\Steam\SDL2.dll
2014-02-09 11:44 - 2014-02-25 22:57 - 01135296 _____ () E:\Steam\bin\chromehtml.DLL
2014-02-09 11:44 - 2014-01-11 00:33 - 20625832 _____ () E:\Steam\bin\libcef.dll
2014-02-09 11:44 - 2013-06-15 00:49 - 01100800 _____ () E:\Steam\bin\avcodec-53.dll
2014-02-09 11:44 - 2013-06-15 00:49 - 00124416 _____ () E:\Steam\bin\avutil-51.dll
2014-02-09 11:44 - 2013-06-15 00:49 - 00192000 _____ () E:\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Kevin\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Kevin\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: SystemStoreService => 2
MSCONFIG\startupfolder: C:^Users^Kevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HMA Pro VPN 2.0.lnk => C:\Windows\pss\HMA Pro VPN 2.0.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Kevin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WindowsUpdate.com.url => C:\Windows\pss\WindowsUpdate.com.url.Startup
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: RoboForm => "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

==================== Faulty Device Manager Devices =============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8077.52 MB
Available physical RAM: 5486.23 MB
Total Pagefile: 16153.21 MB
Available Pagefile: 13237.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:72.42 GB) NTFS
Drive d: () (Fixed) (Total:111.79 GB) (Free:65.29 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:787.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A691AEE4)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 424891AA)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 98AB5D29)
Partition 1: (Active) - (Size=100 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================
__________________
Alt 12.03.2014, 09:20   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Stolen.Data in Roaming/dclogs gefunden. - Standard

Stolen.Data in Roaming/dclogs gefunden.


Logfile von MBAM?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Stolen.Data in Roaming/dclogs gefunden.
crypter, erhalte, erhalten, gefunde, heulen, heute, informationen, kaspersky, kaspersky und malwarebytes, malwarebytes, online, sauber, sonntags, stolen.data, system


« Logfile Auswertung der Anleitung | Eventuell weiterhin Wajam.A? »


Ähnliche Themen: Stolen.Data in Roaming/dclogs gefunden.


  1. stolen.data gefunden
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (13)
  2. Stolen.data
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (13)
  3. WinXp Trojan.Agent/Gen-Reputation Stolen.Data Trojan.Agent/Gen-DunDun Win32/Spy.Banker.YPK trojan
    Log-Analyse und Auswertung - 29.10.2013 (7)
  4. Stolen.Data in Quarantäne gestellt, was soll ich jetzt tun?
    Log-Analyse und Auswertung - 16.05.2013 (7)
  5. stolen.data virus system 32 xmldm kann nicht entfernt werden
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (23)
  6. Wie schlimm ist diese Meldung? C:\WINDOWS\system32\xmldm\serial.dbg (Stolen.Data) -> Keine Aktion durchgeführt.
    Log-Analyse und Auswertung - 03.03.2013 (13)
  7. Worm.Dorkbot ; Malware.Trace ; Stolen.Data was ist damit zu tun?
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (3)
  8. Trojan.Banker, Trojan.Agent, Stolen.Data, Malware.Trace, was nun?
    Log-Analyse und Auswertung - 07.10.2012 (1)
  9. von acroiehelpe.dll jetzt zu C:\WINDOWS\system32\xmldm (Stolen.Data)
    Plagegeister aller Art und deren Bekämpfung - 21.04.2012 (26)
  10. Stolen.Data in D:\WINDOWS\System32\xmldm
    Log-Analyse und Auswertung - 29.03.2012 (5)
  11. mehrere Trojaner (Spy Banker, Stolen Data, Malware Gen/Trace, Trojan Passwords, Zbot)
    Log-Analyse und Auswertung - 20.12.2011 (21)
  12. Virus stolen.data system32 xmldm spy.banker
    Log-Analyse und Auswertung - 30.11.2011 (51)
  13. Mehrere Hundert infizierte Dateien - Stolen Data
    Plagegeister aller Art und deren Bekämpfung - 27.10.2011 (20)
  14. Stolen.Data False Positive oder Malware?
    Log-Analyse und Auswertung - 15.09.2011 (29)
  15. stolen.data richtig entfernt? bzw. weitere Viren/Trojaner auf system?
    Plagegeister aller Art und deren Bekämpfung - 07.08.2011 (23)
  16. malware bytes meldet immer wieder "stolen data"
    Log-Analyse und Auswertung - 29.04.2011 (2)
  17. mein pc ist mit viren übersat ! Trojan.Banker, Stolen.Data , Hijack.Userlnit
    Log-Analyse und Auswertung - 12.11.2010 (21)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Stolen.Data in Roaming/dclogs gefunden. - Malwarebytes hat heute diese Stolen.Data gefunden. Dort waren alle Informationen erhalten, die ich Sonntags eingetippt habe! (Dort war ich das letzte mal Online) Das hat Malwarebytes unter Flash-Scan gefunden. Aber - Stolen.Data in Roaming/dclogs gefunden....
Archiv
Du betrachtest: Stolen.Data in Roaming/dclogs gefunden. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131