Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   TR/Zbotcitadel.a.434 Meldung (https://www.trojaner-board.de/145131-tr-zbotcitadel-a-434-meldung.html)

zuli 25.11.2013 10:23
TR/Zbotcitadel.a.434 Meldung
 
Hallo Zusammen,

nachdem ich einen Mail-Anhang (angebliche Rechnung, meines Handybetreibers) entpacken wollte, bekam ich von Avira die Meldung über den
TR/ZbotCitadel.a.434. Ich habe diesen nicht in Quarantäne verschoben.
Vielen Dank im Voraus für die Hilfe.
Habe mal einen FRST Scan laufen lassen.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Christian (administrator) on CHRISTIAN on 25-11-2013 10:10:45
Running from C:\Users\Christian\Desktop
Windows 8.1 Pro with Media Center (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

MountPoints2: {27e4694a-300c-11e3-be66-806e6f6e6963} - "D:\Launcher.exe"
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.at/
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ts84cfab.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: hxxp://www.google.at
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\ts84cfab.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 AsrRamDisk; C:\Windows\System32\drivers\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-11-25] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-25 10:04 - 2013-11-25 10:10 - 00008387 _____ C:\Users\Christian\Desktop\FRST.txt
2013-11-25 10:04 - 2013-11-25 10:04 - 00000000 ____D C:\FRST
2013-11-25 10:02 - 2013-11-25 10:03 - 01958440 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2013-11-25 09:33 - 2013-11-25 09:33 - 00115398 _____ C:\Users\Christian\Desktop\OTL.Txt
2013-11-25 09:24 - 2013-11-25 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\Christian\Desktop\OTL.exe
2013-11-16 07:26 - 2013-10-23 12:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-16 07:26 - 2013-10-23 12:21 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-16 07:26 - 2013-10-23 12:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-16 07:26 - 2013-10-23 06:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 07:26 - 2013-10-23 06:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-16 07:26 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-16 07:26 - 2013-10-23 05:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-16 07:26 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-16 07:26 - 2013-10-22 09:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-16 07:26 - 2013-10-22 09:18 - 00096088 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-16 07:26 - 2013-10-22 08:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-16 07:26 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-16 07:26 - 2013-10-22 06:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-16 07:26 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-16 07:26 - 2013-10-22 05:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-16 07:26 - 2013-10-22 04:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-16 07:26 - 2013-10-22 04:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-16 07:26 - 2013-10-22 03:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-16 07:26 - 2013-10-22 03:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-16 07:26 - 2013-10-22 03:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-16 07:26 - 2013-10-22 03:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-16 07:26 - 2013-10-22 02:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-16 07:26 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-16 07:26 - 2013-10-19 10:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-16 07:26 - 2013-10-19 09:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-16 07:26 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-16 07:26 - 2013-10-19 07:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-16 07:26 - 2013-10-19 05:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-16 07:26 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2013-11-16 07:26 - 2013-10-19 04:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-16 07:26 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-16 07:26 - 2013-10-19 04:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-16 07:26 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-16 07:26 - 2013-10-17 16:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-16 07:26 - 2013-10-17 16:42 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcmde.dll
2013-11-16 07:26 - 2013-10-17 16:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-16 07:26 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-16 07:26 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-16 07:26 - 2013-10-16 10:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-16 07:26 - 2013-10-13 04:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-16 07:26 - 2013-10-13 03:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-16 07:26 - 2013-10-11 16:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-16 07:26 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-16 07:26 - 2013-10-11 14:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-16 07:26 - 2013-10-11 14:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-16 07:26 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-11-16 07:26 - 2013-10-10 17:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-16 07:26 - 2013-10-10 17:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-16 07:26 - 2013-10-10 17:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-16 07:26 - 2013-10-10 17:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-16 07:26 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-16 07:26 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-16 07:26 - 2013-10-10 12:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-16 07:26 - 2013-10-10 12:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-16 07:26 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2013-11-16 07:26 - 2013-10-10 11:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-16 07:26 - 2013-10-10 11:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-16 07:26 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-16 07:26 - 2013-10-08 12:07 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-16 07:26 - 2013-10-08 11:28 - 00523096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-16 07:26 - 2013-10-08 11:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-16 07:26 - 2013-10-08 07:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-16 07:26 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2013-11-16 07:26 - 2013-10-08 06:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-16 07:26 - 2013-10-08 06:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-16 07:26 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-16 07:26 - 2013-10-08 06:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-16 07:26 - 2013-10-08 05:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-16 07:26 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2013-11-16 07:26 - 2013-10-07 08:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-16 07:26 - 2013-10-07 08:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-16 07:26 - 2013-10-07 03:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-16 07:26 - 2013-10-05 16:25 - 00371032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-16 07:26 - 2013-10-05 16:25 - 00057176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-16 07:26 - 2013-10-05 15:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-16 07:26 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2013-11-16 07:26 - 2013-10-05 12:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-16 07:26 - 2013-10-05 10:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-16 07:26 - 2013-10-05 10:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-16 07:26 - 2013-10-05 10:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-16 07:26 - 2013-10-05 09:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-16 07:26 - 2013-10-05 09:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-16 07:26 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2013-11-16 07:26 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll
2013-11-16 07:26 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-16 07:26 - 2013-10-05 09:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-16 07:26 - 2013-10-05 08:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-16 07:26 - 2013-10-05 08:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-16 07:26 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-16 07:26 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-16 07:26 - 2013-10-04 09:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-16 07:26 - 2013-09-19 06:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-16 07:26 - 2013-09-17 10:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-16 07:26 - 2013-09-17 10:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-16 07:26 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-16 07:26 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-16 07:26 - 2013-09-17 05:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-16 07:26 - 2013-09-14 15:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-16 07:26 - 2013-09-14 15:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-16 07:26 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2013-11-16 07:26 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2013-11-16 07:26 - 2013-09-14 11:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-16 07:26 - 2013-09-14 10:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-16 07:26 - 2013-09-13 09:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-16 07:26 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe
2013-11-16 07:26 - 2013-09-12 09:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-16 07:26 - 2013-09-12 09:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-16 07:26 - 2013-09-12 09:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-16 07:26 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2013-11-16 07:26 - 2013-09-12 08:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-16 07:26 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2013-11-16 07:26 - 2013-09-12 08:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-16 07:26 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2013-11-16 07:26 - 2013-09-12 08:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-16 07:26 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2013-11-16 07:26 - 2013-09-11 13:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-16 07:26 - 2013-09-10 06:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-16 07:26 - 2013-09-10 05:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-16 07:26 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-16 07:23 - 2013-11-05 21:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-16 07:23 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-16 07:23 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-16 07:23 - 2013-11-05 17:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-16 07:23 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-16 07:23 - 2013-11-05 15:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-16 07:23 - 2013-10-10 12:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-16 07:23 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2013-11-16 07:23 - 2013-10-10 11:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-16 07:23 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2013-11-15 20:11 - 2013-11-15 20:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 22:35 - 2013-10-19 09:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-13 22:35 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-11-13 22:35 - 2013-10-19 07:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-13 22:35 - 2013-10-19 06:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-13 22:35 - 2013-10-19 06:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-13 22:35 - 2013-10-19 06:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-13 22:35 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-11-13 22:35 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-11-13 22:35 - 2013-10-19 05:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-13 22:35 - 2013-10-19 05:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-13 22:35 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-11-13 22:35 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-11-13 22:35 - 2013-10-19 04:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-13 22:35 - 2013-10-19 04:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-13 22:35 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-11-13 22:35 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-11-13 22:35 - 2013-10-13 03:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-13 22:35 - 2013-10-12 22:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-13 22:35 - 2013-10-12 22:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-13 22:35 - 2013-10-05 15:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-13 22:35 - 2013-10-05 09:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-13 22:34 - 2013-11-13 22:34 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-13 22:34 - 2013-11-13 22:34 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-13 22:34 - 2013-10-16 16:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-13 22:34 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-08 19:26 - 2013-11-09 01:14 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2013-11-08 19:26 - 2013-11-08 19:26 - 00000816 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-11-08 19:25 - 2013-11-08 19:25 - 32520760 _____ (TeamSpeak Systems GmbH) C:\Users\Christian\Downloads\TeamSpeak3-Client-win64-3.0.13.1.exe
2013-11-07 13:23 - 2013-11-07 16:20 - 00000000 ____D C:\Users\Christian\AppData\Local\SCE
2013-11-07 13:23 - 2013-11-07 13:23 - 00001422 _____ C:\Users\Christian\Desktop\DC Universe Online PSG.lnk
2013-11-07 13:23 - 2013-11-07 13:23 - 00001422 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online PSG.lnk
2013-11-07 13:23 - 2013-11-07 13:23 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2013-11-07 13:22 - 2013-11-07 13:22 - 21925099 _____ C:\Users\Christian\Downloads\DCUO_PSG_setup.exe
2013-11-05 15:26 - 2013-11-05 15:26 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-11-04 20:11 - 2013-11-04 20:11 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-04 20:11 - 2013-11-04 20:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-04 20:10 - 2013-11-04 20:11 - 00000000 ____D C:\ProgramData\Adobe
2013-11-04 12:36 - 2013-11-04 12:36 - 00000000 ____D C:\Users\Christian\AppData\Roaming\DisneyInteractiveStudios
2013-11-04 12:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2013-11-04 12:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2013-11-04 12:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2013-11-04 12:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2013-11-04 12:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2013-11-04 12:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2013-11-04 12:27 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2013-11-04 12:27 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2013-11-04 12:27 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2013-11-04 12:27 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2013-11-04 12:27 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2013-11-04 12:27 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2013-11-04 12:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2013-11-04 12:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2013-11-04 12:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2013-11-04 12:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2013-11-04 12:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2013-11-04 12:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2013-11-04 12:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2013-11-04 12:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2013-11-04 12:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2013-11-04 12:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2013-11-04 12:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2013-11-04 12:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2013-11-04 12:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2013-11-04 12:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2013-11-04 12:27 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2013-11-04 12:27 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2013-11-04 12:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2013-11-04 12:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2013-11-04 12:27 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2013-11-04 12:27 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2013-11-04 12:27 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2013-11-04 12:27 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2013-11-04 12:27 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2013-11-04 12:27 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2013-11-04 12:27 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2013-11-04 12:27 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2013-11-04 12:27 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2013-11-04 12:27 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2013-11-04 12:27 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2013-11-04 12:27 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2013-11-04 12:27 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2013-11-04 12:27 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2013-11-04 12:27 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2013-11-04 12:27 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2013-11-04 12:27 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2013-11-04 12:27 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2013-11-04 12:27 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2013-11-04 12:27 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2013-11-04 12:27 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2013-11-04 12:27 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2013-11-04 12:27 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2013-11-04 12:27 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2013-11-04 12:27 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2013-11-04 12:27 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2013-11-04 12:27 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2013-11-04 12:27 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2013-11-04 12:27 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2013-11-04 12:27 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2013-11-04 12:27 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2013-11-04 12:27 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2013-11-04 12:27 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2013-11-04 12:27 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2013-10-29 09:42 - 2013-10-29 09:42 - 00001795 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files\iPod
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-29 09:18 - 2013-10-23 12:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-10-29 09:18 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-10-28 13:08 - 2013-10-28 13:08 - 00001878 _____ C:\Users\Public\Desktop\Data Migration.lnk
2013-10-28 12:42 - 2013-10-28 12:42 - 00000000 ____D C:\ProgramData\ATI
2013-10-28 12:39 - 2013-10-28 12:39 - 12043631 _____ C:\Users\Christian\Downloads\Samsung_Data_Migration_v251_Setup.zip
2013-10-28 12:39 - 2013-10-28 12:39 - 00001245 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-10-28 12:38 - 2013-10-28 13:08 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-28 12:38 - 2013-10-28 12:38 - 00000000 ____D C:\ProgramData\Samsung
2013-10-28 12:37 - 2013-10-28 12:37 - 00000000 ____D C:\Users\Christian\AppData\Roaming\library_dir
2013-10-28 12:36 - 2013-10-28 12:40 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-10-28 12:36 - 2013-10-28 12:36 - 00061335 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310281236357018.log
2013-10-28 12:36 - 2013-10-28 12:36 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-28 12:34 - 2013-10-28 12:36 - 00000000 ____D C:\Program Files\ATI Technologies
2013-10-28 12:31 - 2013-10-28 12:31 - 00060544 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310281231428462.log
2013-10-28 12:27 - 2013-10-28 12:30 - 252689624 _____ (AMD Inc.) C:\Users\Christian\Downloads\AMD_Catalyst_13.11_BetaV6.exe
2013-10-26 19:03 - 2013-11-25 06:33 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp

==================== One Month Modified Files and Folders =======

2013-11-25 10:10 - 2013-11-25 10:04 - 00008387 _____ C:\Users\Christian\Desktop\FRST.txt
2013-11-25 10:04 - 2013-11-25 10:04 - 00000000 ____D C:\FRST
2013-11-25 10:03 - 2013-11-25 10:02 - 01958440 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2013-11-25 10:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-25 09:57 - 2013-10-18 07:11 - 01146060 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-25 09:33 - 2013-11-25 09:33 - 00115398 _____ C:\Users\Christian\Desktop\OTL.Txt
2013-11-25 09:24 - 2013-11-25 09:24 - 00602112 _____ (OldTimer Tools) C:\Users\Christian\Desktop\OTL.exe
2013-11-25 08:42 - 2013-10-12 16:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-25 08:42 - 2013-10-08 15:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-25 06:37 - 2013-09-30 05:14 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 06:37 - 2013-09-30 04:58 - 00765378 _____ C:\WINDOWS\system32\perfh007.dat
2013-11-25 06:37 - 2013-09-30 04:58 - 00159696 _____ C:\WINDOWS\system32\perfc007.dat
2013-11-25 06:36 - 2013-10-18 07:19 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9220F76-4E39-4A63-A3D2-4B3C85C214C3}
2013-11-25 06:36 - 2013-10-18 07:17 - 00000000 __RDO C:\Users\Christian\SkyDrive
2013-11-25 06:33 - 2013-10-26 19:03 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2013-11-25 06:33 - 2013-10-08 14:46 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2013-11-25 06:33 - 2013-09-29 20:05 - 00024128 _____ C:\WINDOWS\PFRO.log
2013-11-25 06:33 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-24 22:16 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-11-23 15:10 - 2013-10-08 12:34 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2644511551-1930223723-4090980507-1001
2013-11-23 15:03 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-21 08:21 - 2013-10-08 17:41 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2013-11-16 17:15 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-16 15:15 - 2013-10-08 12:27 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-16 15:15 - 2013-10-08 12:27 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-16 15:14 - 2013-08-22 15:44 - 00346616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-11-16 13:06 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-16 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-16 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\migwiz
2013-11-16 13:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-15 20:11 - 2013-11-15 20:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 12:50 - 2013-10-08 12:46 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-11-14 12:50 - 2013-10-08 12:46 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-11-14 12:15 - 2013-10-08 12:26 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2013-11-14 07:07 - 2013-10-08 12:40 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-14 07:07 - 2013-10-08 12:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-13 22:34 - 2013-11-13 22:34 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-13 22:34 - 2013-11-13 22:34 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-13 08:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-11-13 08:38 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-11-09 01:14 - 2013-11-08 19:26 - 00000000 ____D C:\Users\Christian\AppData\Roaming\TS3Client
2013-11-08 19:26 - 2013-11-08 19:26 - 00000816 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2013-11-08 19:25 - 2013-11-08 19:25 - 32520760 _____ (TeamSpeak Systems GmbH) C:\Users\Christian\Downloads\TeamSpeak3-Client-win64-3.0.13.1.exe
2013-11-07 16:20 - 2013-11-07 13:23 - 00000000 ____D C:\Users\Christian\AppData\Local\SCE
2013-11-07 16:20 - 2013-10-13 11:22 - 00000000 ____D C:\Users\Christian\Documents\My Games
2013-11-07 13:23 - 2013-11-07 13:23 - 00001422 _____ C:\Users\Christian\Desktop\DC Universe Online PSG.lnk
2013-11-07 13:23 - 2013-11-07 13:23 - 00001422 _____ C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online PSG.lnk
2013-11-07 13:23 - 2013-11-07 13:23 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2013-11-07 13:22 - 2013-11-07 13:22 - 21925099 _____ C:\Users\Christian\Downloads\DCUO_PSG_setup.exe
2013-11-06 00:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-06 00:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 21:21 - 2013-11-16 07:23 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-05 19:51 - 2013-11-16 07:23 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-05 17:20 - 2013-11-16 07:23 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-05 17:11 - 2013-11-16 07:23 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-05 15:30 - 2013-11-16 07:23 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-05 15:29 - 2013-11-16 07:23 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-05 15:26 - 2013-11-05 15:26 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-11-04 20:11 - 2013-11-04 20:11 - 00002039 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-11-04 20:11 - 2013-11-04 20:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-11-04 20:11 - 2013-11-04 20:10 - 00000000 ____D C:\ProgramData\Adobe
2013-11-04 12:36 - 2013-11-04 12:36 - 00000000 ____D C:\Users\Christian\AppData\Roaming\DisneyInteractiveStudios
2013-10-29 09:42 - 2013-10-29 09:42 - 00001795 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files\iTunes
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files\iPod
2013-10-29 09:42 - 2013-10-29 09:42 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-28 13:08 - 2013-10-28 13:08 - 00001878 _____ C:\Users\Public\Desktop\Data Migration.lnk
2013-10-28 13:08 - 2013-10-28 12:38 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-10-28 13:08 - 2013-10-08 14:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-28 12:42 - 2013-10-28 12:42 - 00000000 ____D C:\ProgramData\ATI
2013-10-28 12:40 - 2013-10-28 12:36 - 00000000 ____D C:\Program Files (x86)\Raptr
2013-10-28 12:39 - 2013-10-28 12:39 - 12043631 _____ C:\Users\Christian\Downloads\Samsung_Data_Migration_v251_Setup.zip
2013-10-28 12:39 - 2013-10-28 12:39 - 00001245 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2013-10-28 12:38 - 2013-10-28 12:38 - 00000000 ____D C:\ProgramData\Samsung
2013-10-28 12:37 - 2013-10-28 12:37 - 00000000 ____D C:\Users\Christian\AppData\Roaming\library_dir
2013-10-28 12:36 - 2013-10-28 12:36 - 00061335 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310281236357018.log
2013-10-28 12:36 - 2013-10-28 12:36 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-28 12:36 - 2013-10-28 12:34 - 00000000 ____D C:\Program Files\ATI Technologies
2013-10-28 12:36 - 2013-10-08 13:47 - 00000000 ____D C:\ProgramData\AMD
2013-10-28 12:36 - 2013-10-08 13:46 - 00000000 ____D C:\AMD
2013-10-28 12:36 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-28 12:36 - 2013-08-22 15:46 - 00293639 _____ C:\WINDOWS\setupact.log
2013-10-28 12:31 - 2013-10-28 12:31 - 00060544 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310281231428462.log
2013-10-28 12:30 - 2013-10-28 12:27 - 252689624 _____ (AMD Inc.) C:\Users\Christian\Downloads\AMD_Catalyst_13.11_BetaV6.exe

Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\avgnt.exe
C:\Users\Christian\AppData\Local\Temp\raptrpatch.exe
C:\Users\Christian\AppData\Local\Temp\raptr_stub.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-11-16 07:26] - [2013-10-22 08:55] - 2328872 ____A (Microsoft Corporation) 63DC38C3E4564B2405D562855643ABA2

C:\Windows\SysWOW64\explorer.exe
[2013-11-16 07:26] - [2013-10-22 07:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll
[2013-11-16 07:26] - [2013-10-22 03:38] - 1362944 ____A (Microsoft Corporation) C72456BFFE941714CF05B0AA0BEE5B45

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-25 06:47

==================== End Of Log ============================
--- --- ---

schrauber 25.11.2013 12:43
hi,

wurde der Inhalt des Zips nach entpacken ausgeführt?

zuli 25.11.2013 13:32
hi,

ich wollte entpacken, bekam aber sofort die Meldung, wurde also nicht weiter ausgeführt.

schrauber 26.11.2013 09:54
Dann ist alles gut :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131