Pests of all kinds and how to fight them: Trojan on board.... Windows 7
28.01.2014, 15:39 | #16 |
/// the machine /// TB Trainer | Trojan on board.... Fresh FRST log is missing
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM!
30.01.2014, 09:39 | #17 |
Trojan on board....
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Bruno Woitke (administrator) on BRUNOWOITKE-PC on 30-01-2014 09:36:59
Running from C:\Users\Bruno Woitke\AppData\Local\Temp\omd6lkoh.tmp
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-06-29] (Apple Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\9894c27f-ee7a-4924-9405-99686dd35c40.exe /check [181136 2014-01-30] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [EPSON SX125 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) MountPoints2: {c7d73c29-41f8-11e2-a3ac-3451c9f073a2} - G:\LaunchU3.exe -a AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => File Not Found ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28064DAE75CBCE01 URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\aol-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-26] FF Extension: avast! Ad Blocker - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2013-12-26] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-25] ==================== Services (Whitelisted) ================= R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-06-29] () R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-25] (AVAST Software) R2 hasplms; C:\Windows\system32\hasplms.exe [4883400 2011-10-18] (SafeNet Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-01-25] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software) S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] () S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2013-06-14] (Devguru Co., Ltd) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.) 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R1 MpKsl435dbe5c; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7FE93D0E-A651-414B-8519-27ADBBE9E2B6}\MpKsl435dbe5c.sys [46768 2014-01-30] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-25] (Duplex Secure Ltd.) S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [77312 2011-01-12] (© Guillemot R&D, 2011. All rights reserved.) S3 TmBusEn; C:\Windows\System32\DRIVERS\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation) S3 TmFilter; C:\Windows\System32\DRIVERS\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation) S3 TmHid; C:\Windows\System32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation) U3 ate76ly5; C:\Windows\System32\Drivers\ate76ly5.sys [0 ] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-27 22:06 - 2014-01-29 22:01 - 00000000 ____D C:\Users\Bruno Woitke\Desktop\FRST-OlderVersion 2014-01-27 15:01 - 2014-01-29 23:12 - 00001838 _____ C:\sc-cleaner.txt 2014-01-27 14:49 - 2014-01-27 14:49 - 00000000 ____D C:\Windows\ERUNT 2014-01-27 13:56 - 2014-01-27 13:56 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-01-27 11:55 - 2014-01-27 11:55 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Bruno Woitke\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-27 08:02 - 2014-01-27 11:45 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator 2014-01-27 08:02 - 2014-01-27 08:02 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys 2014-01-27 07:32 - 2014-01-27 07:32 - 00000000 _____ C:\autoexec.bat 2014-01-27 07:31 - 2014-01-27 07:38 - 00000000 ____D 
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-01-26 17:37 - 2014-01-26 17:38 - 00000000 ____D C:\Program Files (x86)\Windows Live 2014-01-26 17:37 - 2014-01-26 17:37 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-26 17:37 - 2014-01-26 17:37 - 00000000 ____D C:\Program Files\Windows Live 2014-01-26 17:29 - 2014-01-26 17:29 - 00000363 _____ C:\Windows\DirectX.log 2014-01-26 17:28 - 2014-01-26 17:28 - 00002211 _____ C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00002088 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00002088 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ___RD C:\Users\Bruno Woitke\SkyDrive 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2014-01-26 15:03 - 2014-01-27 21:41 - 00000000 ____D C:\AdwCleaner 2014-01-26 13:37 - 2014-01-26 13:37 - 00000000 ____D C:\Program Files\Microsoft Security Client 2014-01-26 13:37 - 2014-01-26 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2014-01-26 10:31 - 2014-01-27 15:57 - 00000000 ____D C:\Users\Bruno Woitke\Downloads\FRST 2014-01-26 10:30 - 2014-01-26 10:30 - 00042539 _____ C:\Windows\SysWOW64\FRST.txt 2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute 2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images 2014-01-25 13:15 - 2014-01-25 13:21 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite 2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2014-01-25 13:14 - 2014-01-25 13:15 - 00000000 ____D C:\ProgramData\DAEMON Tools 
Lite 2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol 2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe 2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe 2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software 2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software 2014-01-25 00:12 - 2014-01-25 00:15 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe 2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic 2014-01-25 00:06 - 2014-01-27 13:02 - 00439784 _____ C:\Windows\PFRO.log 2014-01-24 23:51 - 
2014-01-30 09:14 - 00001232 _____ C:\Windows\setupact.log 2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log 2014-01-24 19:38 - 2014-01-25 10:24 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-01-24 16:07 - 2014-01-25 00:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2014-01-24 07:49 - 2014-01-30 09:36 - 00000000 ____D C:\FRST 2014-01-23 16:35 - 2014-01-23 16:34 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI 2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia 2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes 2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft 2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-23 09:22 - 2014-01-23 09:36 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP 2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER 2014-01-20 12:09 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-01-20 12:09 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-01-20 12:09 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys 2014-01-20 12:09 - 2012-08-23 15:07 - 00057856 _____ 
(Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-01-20 12:09 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-01-20 12:09 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-01-20 12:09 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-01-20 12:09 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-01-20 12:09 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-01-20 12:09 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-01-20 12:09 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-01-20 12:09 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-01-20 12:09 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-01-20 12:09 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-01-20 12:09 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-01-20 12:09 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-01-20 12:09 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-01-20 12:09 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-01-20 12:09 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-01-20 12:09 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-01-20 12:09 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mstsc.exe 2014-01-20 12:09 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-01-20 12:09 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-01-20 12:09 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-01-20 12:09 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-16 20:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-16 20:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-16 20:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-16 20:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-16 20:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-16 20:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-16 20:31 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-16 20:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft 
Corporation) C:\Windows\system32\win32k.sys ==================== One Month Modified Files and Folders ======= 2014-01-30 09:36 - 2014-01-24 07:49 - 00000000 ____D C:\FRST 2014-01-30 09:22 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-30 09:22 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-30 09:18 - 2012-04-18 13:38 - 01606607 _____ C:\Windows\WindowsUpdate.log 2014-01-30 09:15 - 2012-02-18 15:46 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Skype 2014-01-30 09:14 - 2014-01-24 23:51 - 00001232 _____ C:\Windows\setupact.log 2014-01-30 09:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-29 23:12 - 2014-01-27 15:01 - 00001838 _____ C:\sc-cleaner.txt 2014-01-29 23:03 - 2012-03-29 20:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-29 22:01 - 2014-01-27 22:06 - 00000000 ____D C:\Users\Bruno Woitke\Desktop\FRST-OlderVersion 2014-01-29 21:59 - 2011-12-20 21:12 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Windows Live 2014-01-27 22:26 - 2012-03-04 09:20 - 00000000 ____D C:\Program Files (x86)\Samsung 2014-01-27 22:26 - 2011-12-18 16:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2014-01-27 21:41 - 2014-01-26 15:03 - 00000000 ____D C:\AdwCleaner 2014-01-27 16:41 - 2013-10-02 20:55 - 00000000 ____D C:\Users\Bruno Woitke\Documents\samsung 2014-01-27 15:58 - 2011-12-18 16:36 - 00000000 ____D C:\Users\Bruno Woitke 2014-01-27 15:57 - 2014-01-26 10:31 - 00000000 ____D C:\Users\Bruno Woitke\Downloads\FRST 2014-01-27 14:49 - 2014-01-27 14:49 - 00000000 ____D C:\Windows\ERUNT 2014-01-27 13:56 - 2014-01-27 13:56 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-01-27 13:02 - 2014-01-25 00:06 - 00439784 _____ C:\Windows\PFRO.log 2014-01-27 11:55 - 2014-01-27 11:55 - 10285040 
_____ (Malwarebytes Corporation ) C:\Users\Bruno Woitke\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-27 11:45 - 2014-01-27 08:02 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator 2014-01-27 08:02 - 2014-01-27 08:02 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys 2014-01-27 07:38 - 2014-01-27 07:31 - 00000000 ____D C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-01-27 07:32 - 2014-01-27 07:32 - 00000000 _____ C:\autoexec.bat 2014-01-26 17:38 - 2014-01-26 17:37 - 00000000 ____D C:\Program Files (x86)\Windows Live 2014-01-26 17:37 - 2014-01-26 17:37 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-26 17:37 - 2014-01-26 17:37 - 00000000 ____D C:\Program Files\Windows Live 2014-01-26 17:37 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2014-01-26 17:29 - 2014-01-26 17:29 - 00000363 _____ C:\Windows\DirectX.log 2014-01-26 17:28 - 2014-01-26 17:28 - 00002211 _____ C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00002088 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00002088 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ___RD C:\Users\Bruno Woitke\SkyDrive 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive 2014-01-26 17:28 - 2014-01-26 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive 2014-01-26 15:07 - 2013-03-27 10:54 - 00001017 _____ C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-01-26 14:37 - 2012-03-25 10:57 - 00000073 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane_drm.prf 2014-01-26 13:37 - 2014-01-26 13:37 - 00000000 ____D C:\Program Files\Microsoft Security Client 2014-01-26 13:37 - 
2014-01-26 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2014-01-26 13:37 - 2013-11-17 16:28 - 00001912 _____ C:\Windows\epplauncher.mif
2014-01-26 10:30 - 2014-01-26 10:30 - 00042539 _____ C:\Windows\SysWOW64\FRST.txt
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:21 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:19 - 2011-12-18 21:56 - 00000080 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane Installer.prf
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:14 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:15 - 2011-12-31 12:42 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 10:24 - 2014-01-24 19:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-25 10:24 - 2013-03-01 07:42 - 00000000 ____D C:\Program Files\WinRAR
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:31 - 2014-01-24 16:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:15 - 2014-01-25 00:12 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:15 - 2011-12-18 21:27 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 23:47 - 2011-12-18 16:25 - 00000000 ____D C:\Windows\Panther
2014-01-24 21:33 - 2012-11-21 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-24 18:48 - 2013-12-26 12:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 16:13 - 2011-12-18 21:29 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Google
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-24 15:42 - 2011-12-19 20:04 - 00000000 ____D C:\Users\Public\Documents\Avast Rechnung
2014-01-24 14:48 - 2011-12-18 16:36 - 00000000 ___RD C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 12:50 - 2012-09-26 18:30 - 00000000 ____D C:\Program Files (x86)\DIABASS5
2014-01-23 16:38 - 2012-09-14 10:25 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2014-01-23 16:35 - 2012-03-29 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-23 16:35 - 2012-03-29 20:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-23 16:35 - 2011-12-18 23:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-23 16:34 - 2014-01-23 16:35 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:34 - 2011-12-20 16:28 - 00000000 ____D C:\Program Files\Java
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 13:11 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\Updater
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-23 09:36 - 2014-01-23 09:22 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 06:58 - 2011-04-12 08:43 - 00713556 _____ C:\Windows\system32\perfh007.dat
2014-01-23 06:58 - 2011-04-12 08:43 - 00155492 _____ C:\Windows\system32\perfc007.dat
2014-01-23 06:58 - 2009-07-14 06:13 - 01658748 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-21 13:49 - 2011-12-18 23:03 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Adobe
2014-01-20 12:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-20 11:57 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-16 20:52 - 2009-07-14 05:45 - 00419352 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 20:50 - 2013-10-26 10:56 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-06-25 11:45 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-16 20:36 - 2013-07-26 15:06 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 20:36 - 2011-12-27 18:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 20:34 - 2011-12-18 18:05 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-08 12:40 - 2012-02-17 18:04 - 00000147 _____ C:\Users\Bruno Woitke\AppData\Local\x-plane_install_10.txt
2014-01-07 12:23 - 2013-11-23 18:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

Some content of TEMP:
====================
C:\Users\Bruno Woitke\AppData\Local\Temp\AdwCleaner.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Installer_Windows.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Quarantine.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\SHSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn[1].exe
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite18043.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite50149.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite74442.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-23 10:08

==================== End Of Log ============================

I had forgotten that .. Regards, Bruno |
31.01.2014, 08:00 | #18 |
/// the machine /// TB Trainer | Trojan on board.... ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ |
31.01.2014, 14:14 | #19 |
Trojan on board.... Hello, now that I am watching the ESET scanner I have to note that, after the scan of C, it is now scanning my iMac on E. What is that supposed to achieve? ESET has no business there, it is a separate Mac OS X system, and on top of that it takes a very long time! On C it had a result right at the start of the scan: a variant of Win32/Adware Yontoo B application found...! Before that I had no negative finding, neither with the paid antivirus Avast nor with Microsoft Essentials! Code:
ATTFilter
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
avast! Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Java 7 Update 51
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

I checked once more with Avast antivirus and Essentials, successfully, so nothing threatening was left, and that was already the case before the last Security scan; I had aborted ESET because it was bothering my Mac hard disk! :-) But after some thought I threw this whole "Vista imperfection" in the bin and am now back on my Mac OS X, where I have not had a single problem in over 15 years! This constant repairing and searching for some viruses, trojans and so on with many tools, I have neither the time nor the nerves for that! Thanks anyway for the insight regarding other PC problems :-)!
Edited by bwoi (31.01.2014 at 12:37). Reason: corrected.. |
01.02.2014, 11:07 | #20 |
/// the machine /// TB Trainer | Trojan on board.... ok
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |