FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 01
Ran by Bruno Woitke (administrator) on BRUNOWOITKE-PC on 26-01-2014 10:01:21
Running from C:\Users\Bruno Woitke\AppData\Local\Temp\6s1fkw6i.tmp
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-06-29] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [EPSON SX125 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {c7d73c29-41f8-11e2-a3ac-3451c9f073a2} - G:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => File Not Found
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28064DAE75CBCE01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.searchplusnetwork.com/?sp=st3&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119656&babsrc=SP_ss&mntrId=3EAF2654530AAE4E
SearchScopes: HKCU - {226E4D82-07F6-44AF-A13E-624E89A8787E} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=3eaf69970000000000002654530aae4e&toi=16095&r=209
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0CC91768-17B1-4F44-8D99-F916EA8CCE88}&mid=62651be1608c47d1a5d2e5188f149a51-003f5cbffa1e8d212e85183bcd3a0a8217f03ea3&lang=de&ds=tt014&pr=sa&d=2011-12-24 22:28:31&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKCU - {D9D2E472-C2FD-48F8-B29A-028C42606DAD} URL = hxxp://suche.aol.de/aol/search?s_it=tb50winamp&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
BHO-x32: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829
FF user.js: detected! => C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\user.js
FF Homepage: hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
FF SelectedSearchEngine: Conduit Search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-01-23]
FF Extension: Speed Analysis 2 - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-25]
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles/mwhfc4po.default\extensions\specialsavings@superfish.com
==================== Services (Whitelisted) =================
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-06-29] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-25] (AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [4883400 2011-10-18] (SafeNet Inc.)
R2 StumbleUponUpdater; C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-12-30] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-01-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2013-06-14] (Devguru Co., Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-25] (Duplex Secure Ltd.)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [77312 2011-01-12] (© Guillemot R&D, 2011. All rights reserved.)
S3 TmBusEn; C:\Windows\System32\DRIVERS\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation)
S3 TmFilter; C:\Windows\System32\DRIVERS\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation)
S3 TmHid; C:\Windows\System32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation)
U3 abfjjhdq; C:\Windows\System32\Drivers\abfjjhdq.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:15 - 2014-01-25 13:21 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:14 - 2014-01-25 13:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 12:54 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\OpenCandy
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:15 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-25 00:06 - 2014-01-25 13:17 - 00431474 _____ C:\Windows\PFRO.log
2014-01-24 23:51 - 2014-01-26 08:54 - 00000392 _____ C:\Windows\setupact.log
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 19:38 - 2014-01-25 10:24 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-24 16:07 - 2014-01-25 00:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-24 14:47 - 2014-01-24 14:47 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\BrowserSafeguard
2014-01-24 14:39 - 2014-01-24 14:43 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2014-01-24 07:50 - 2014-01-24 07:51 - 00030496 _____ C:\Users\Bruno Woitke\Downloads\Addition.txt
2014-01-24 07:49 - 2014-01-24 07:49 - 00000000 ____D C:\FRST
2014-01-24 07:36 - 2014-01-24 07:36 - 02077696 _____ (Farbar) C:\Users\Bruno Woitke\Downloads\FRST64.exe
2014-01-23 16:35 - 2014-01-23 16:34 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 02434048 _____ C:\Users\Bruno Woitke\Downloads\msxml.msi
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 09:22 - 2014-01-23 09:36 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 06:35 - 2014-01-23 06:35 - 01972945 _____ C:\Users\Bruno Woitke\Desktop\Definition Update für Windows Defender-Problembehandlung.webarchive
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-20 12:09 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-20 12:09 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-20 12:09 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-01-20 12:09 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-20 12:09 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-20 12:09 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-20 12:09 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-20 12:09 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-20 12:09 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-20 12:09 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-20 12:09 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-20 12:09 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-20 12:09 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-20 12:09 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-20 12:09 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 20:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 20:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 20:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-16 20:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 20:31 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 20:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-08 13:11 - 2014-01-08 16:56 - 00000000 ____D C:\Program Files (x86)\X-Plane 10
2013-12-30 10:41 - 2013-12-30 10:41 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-30 10:27 - 2014-01-26 09:57 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-12-30 10:27 - 2014-01-25 11:16 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\WinZipper
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Windows\system32\log
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\iSafe
2013-12-30 09:38 - 2013-12-30 09:39 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-30 09:38 - 2013-12-30 09:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\emaze
2013-12-30 09:34 - 2014-01-23 14:11 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-30 09:34 - 2014-01-23 13:11 - 00000000 ____D C:\ProgramData\Updater
2013-12-30 09:34 - 2014-01-07 15:54 - 00000000 ____D C:\ProgramData\WPM
2013-12-28 18:37 - 2013-12-28 18:37 - 01911637 _____ C:\Users\Bruno Woitke\Desktop\Probleme Notenlesen Für Elise.webarchive
2013-12-28 17:22 - 2013-12-30 10:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Mobogenie
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\genienext
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\cache
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\Documents\Mobogenie
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\.android
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 _____ C:\Users\Bruno Woitke\daemonprocess.txt
2013-12-28 17:11 - 2013-12-28 17:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\systweak
==================== One Month Modified Files and Folders =======
2014-01-26 10:01 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 10:01 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 09:58 - 2012-04-18 13:38 - 01280516 _____ C:\Windows\WindowsUpdate.log
2014-01-26 09:57 - 2013-12-30 10:27 - 00000000 ____D C:\Program Files (x86)\WinZipper
2014-01-26 09:55 - 2012-02-18 15:46 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Skype
2014-01-26 08:54 - 2014-01-24 23:51 - 00000392 _____ C:\Windows\setupact.log
2014-01-26 08:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 15:03 - 2012-03-29 20:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 14:42 - 2012-03-25 10:57 - 00000073 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane_drm.prf
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:21 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:19 - 2011-12-18 21:56 - 00000080 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane Installer.prf
2014-01-25 13:17 - 2014-01-25 00:06 - 00431474 _____ C:\Windows\PFRO.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:14 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 12:54 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\OpenCandy
2014-01-25 13:15 - 2011-12-31 12:42 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 13:05 - 2011-12-18 16:36 - 00000000 ____D C:\Users\Bruno Woitke
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2014-01-25 11:16 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\WinZipper
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 10:24 - 2014-01-24 19:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-25 10:24 - 2013-03-01 07:42 - 00000000 ____D C:\Program Files\WinRAR
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:31 - 2014-01-24 16:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:15 - 2014-01-25 00:12 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:15 - 2011-12-18 21:27 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 23:47 - 2011-12-18 16:25 - 00000000 ____D C:\Windows\Panther
2014-01-24 23:37 - 2013-11-17 16:28 - 00001912 _____ C:\Windows\epplauncher.mif
2014-01-24 22:25 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-24 21:33 - 2012-11-21 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-24 18:48 - 2013-12-26 12:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 16:31 - 2012-11-24 14:52 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2014-01-24 16:13 - 2011-12-18 21:29 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Google
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-24 15:42 - 2011-12-19 20:04 - 00000000 ____D C:\Users\Public\Documents\Avast Rechnung
2014-01-24 14:48 - 2013-10-26 11:17 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-24 14:48 - 2011-12-18 16:36 - 00000000 ___RD C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 14:47 - 2014-01-24 14:47 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\BrowserSafeguard
2014-01-24 14:43 - 2014-01-24 14:39 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2014-01-24 12:50 - 2012-09-26 18:30 - 00000000 ____D C:\Program Files (x86)\DIABASS5
2014-01-24 07:51 - 2014-01-24 07:50 - 00030496 _____ C:\Users\Bruno Woitke\Downloads\Addition.txt
2014-01-24 07:49 - 2014-01-24 07:49 - 00000000 ____D C:\FRST
2014-01-24 07:36 - 2014-01-24 07:36 - 02077696 _____ (Farbar) C:\Users\Bruno Woitke\Downloads\FRST64.exe
2014-01-23 16:38 - 2012-09-14 10:25 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2014-01-23 16:35 - 2012-03-29 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-23 16:35 - 2012-03-29 20:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-23 16:35 - 2011-12-18 23:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-23 16:34 - 2014-01-23 16:35 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 02434048 _____ C:\Users\Bruno Woitke\Downloads\msxml.msi
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:34 - 2011-12-20 16:28 - 00000000 ____D C:\Program Files\Java
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 14:11 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\RHelpers
2014-01-23 13:11 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\Updater
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-23 09:36 - 2014-01-23 09:22 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 06:58 - 2011-04-12 08:43 - 00713556 _____ C:\Windows\system32\perfh007.dat
2014-01-23 06:58 - 2011-04-12 08:43 - 00155492 _____ C:\Windows\system32\perfc007.dat
2014-01-23 06:58 - 2009-07-14 06:13 - 01658748 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-23 06:35 - 2014-01-23 06:35 - 01972945 _____ C:\Users\Bruno Woitke\Desktop\Definition Update für Windows Defender-Problembehandlung.webarchive
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-21 13:49 - 2011-12-18 23:03 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Adobe
2014-01-20 12:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-20 11:57 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-16 20:52 - 2009-07-14 05:45 - 00419352 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 20:50 - 2013-10-26 10:56 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-06-25 11:45 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-16 20:36 - 2013-07-26 15:06 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 20:36 - 2011-12-27 18:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 20:34 - 2011-12-18 18:05 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-08 16:56 - 2014-01-08 13:11 - 00000000 ____D C:\Program Files (x86)\X-Plane 10
2014-01-08 12:40 - 2012-02-17 18:04 - 00000147 _____ C:\Users\Bruno Woitke\AppData\Local\x-plane_install_10.txt
2014-01-07 15:54 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\WPM
2014-01-07 12:23 - 2013-11-23 18:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-30 13:38 - 2011-12-18 22:46 - 00139816 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-12-30 13:01 - 2013-03-27 10:54 - 00001641 _____ C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 10:41 - 2013-12-30 10:41 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-30 10:28 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Mobogenie
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Windows\system32\log
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\iSafe
2013-12-30 10:23 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\genienext
2013-12-30 10:23 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\cache
2013-12-30 09:39 - 2013-12-30 09:38 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-30 09:38 - 2013-12-30 09:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\emaze
2013-12-30 09:34 - 2011-12-18 20:48 - 00108904 _____ C:\Users\Bruno Woitke\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-28 18:37 - 2013-12-28 18:37 - 01911637 _____ C:\Users\Bruno Woitke\Desktop\Probleme Notenlesen Für Elise.webarchive
2013-12-28 17:28 - 2013-12-28 17:11 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\systweak
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\Documents\Mobogenie
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\.android
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 _____ C:\Users\Bruno Woitke\daemonprocess.txt
Some content of TEMP:
====================
C:\Users\Bruno Woitke\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Installer_Windows.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nsaA02.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nsaE744.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nskC15.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nskE957.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nspECB1.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\SHSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\SpeedAnalysisSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite18043.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite50149.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite74442.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-23 10:08
==================== End Of Log ============================
--- --- ---
--- --- ---
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 01
Ran by Bruno Woitke (administrator) on BRUNOWOITKE-PC on 26-01-2014 10:01:21
Running from C:\Users\Bruno Woitke\AppData\Local\Temp\6s1fkw6i.tmp
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-06-29] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [EPSON SX125 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {c7d73c29-41f8-11e2-a3ac-3451c9f073a2} - G:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => File Not Found
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28064DAE75CBCE01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.searchplusnetwork.com/?sp=st3&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119656&babsrc=SP_ss&mntrId=3EAF2654530AAE4E
SearchScopes: HKCU - {226E4D82-07F6-44AF-A13E-624E89A8787E} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=3eaf69970000000000002654530aae4e&toi=16095&r=209
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0CC91768-17B1-4F44-8D99-F916EA8CCE88}&mid=62651be1608c47d1a5d2e5188f149a51-003f5cbffa1e8d212e85183bcd3a0a8217f03ea3&lang=de&ds=tt014&pr=sa&d=2011-12-24 22:28:31&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKCU - {D9D2E472-C2FD-48F8-B29A-028C42606DAD} URL = hxxp://suche.aol.de/aol/search?s_it=tb50winamp&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
BHO-x32: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829
FF user.js: detected! => C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\user.js
FF Homepage: hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
FF SelectedSearchEngine: Conduit Search
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-01-23]
FF Extension: Speed Analysis 2 - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-25]
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles/mwhfc4po.default\extensions\specialsavings@superfish.com
==================== Services (Whitelisted) =================
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-06-29] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-25] (AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [4883400 2011-10-18] (SafeNet Inc.)
R2 StumbleUponUpdater; C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-12-30] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-01-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2013-06-14] (Devguru Co., Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-25] (Duplex Secure Ltd.)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [77312 2011-01-12] (© Guillemot R&D, 2011. All rights reserved.)
S3 TmBusEn; C:\Windows\System32\DRIVERS\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation)
S3 TmFilter; C:\Windows\System32\DRIVERS\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation)
S3 TmHid; C:\Windows\System32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation)
U3 abfjjhdq; C:\Windows\System32\Drivers\abfjjhdq.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:15 - 2014-01-25 13:21 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:14 - 2014-01-25 13:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 12:54 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\OpenCandy
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:15 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-25 00:06 - 2014-01-25 13:17 - 00431474 _____ C:\Windows\PFRO.log
2014-01-24 23:51 - 2014-01-26 08:54 - 00000392 _____ C:\Windows\setupact.log
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 19:38 - 2014-01-25 10:24 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-24 16:07 - 2014-01-25 00:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-24 14:47 - 2014-01-24 14:47 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\BrowserSafeguard
2014-01-24 14:39 - 2014-01-24 14:43 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2014-01-24 07:50 - 2014-01-24 07:51 - 00030496 _____ C:\Users\Bruno Woitke\Downloads\Addition.txt
2014-01-24 07:49 - 2014-01-24 07:49 - 00000000 ____D C:\FRST
2014-01-24 07:36 - 2014-01-24 07:36 - 02077696 _____ (Farbar) C:\Users\Bruno Woitke\Downloads\FRST64.exe
2014-01-23 16:35 - 2014-01-23 16:34 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 02434048 _____ C:\Users\Bruno Woitke\Downloads\msxml.msi
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 09:22 - 2014-01-23 09:36 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 06:35 - 2014-01-23 06:35 - 01972945 _____ C:\Users\Bruno Woitke\Desktop\Definition Update für Windows Defender-Problembehandlung.webarchive
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-20 12:09 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-20 12:09 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-20 12:09 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-01-20 12:09 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-20 12:09 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-20 12:09 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-20 12:09 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-20 12:09 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-20 12:09 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-20 12:09 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-20 12:09 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-20 12:09 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-20 12:09 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-20 12:09 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-20 12:09 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 20:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 20:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 20:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-16 20:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 20:31 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 20:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-08 13:11 - 2014-01-08 16:56 - 00000000 ____D C:\Program Files (x86)\X-Plane 10
2013-12-30 10:41 - 2013-12-30 10:41 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-30 10:27 - 2014-01-26 09:57 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-12-30 10:27 - 2014-01-25 11:16 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\WinZipper
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Windows\system32\log
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\iSafe
2013-12-30 09:38 - 2013-12-30 09:39 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-30 09:38 - 2013-12-30 09:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\emaze
2013-12-30 09:34 - 2014-01-23 14:11 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-30 09:34 - 2014-01-23 13:11 - 00000000 ____D C:\ProgramData\Updater
2013-12-30 09:34 - 2014-01-07 15:54 - 00000000 ____D C:\ProgramData\WPM
2013-12-28 18:37 - 2013-12-28 18:37 - 01911637 _____ C:\Users\Bruno Woitke\Desktop\Probleme Notenlesen Für Elise.webarchive
2013-12-28 17:22 - 2013-12-30 10:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Mobogenie
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\genienext
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\cache
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\Documents\Mobogenie
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\.android
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 _____ C:\Users\Bruno Woitke\daemonprocess.txt
2013-12-28 17:11 - 2013-12-28 17:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\systweak
==================== One Month Modified Files and Folders =======
2014-01-26 10:01 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 10:01 - 2009-07-14 05:45 - 00022096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 09:58 - 2012-04-18 13:38 - 01280516 _____ C:\Windows\WindowsUpdate.log
2014-01-26 09:57 - 2013-12-30 10:27 - 00000000 ____D C:\Program Files (x86)\WinZipper
2014-01-26 09:55 - 2012-02-18 15:46 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Skype
2014-01-26 08:54 - 2014-01-24 23:51 - 00000392 _____ C:\Windows\setupact.log
2014-01-26 08:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 15:03 - 2012-03-29 20:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 14:42 - 2012-03-25 10:57 - 00000073 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane_drm.prf
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:21 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:19 - 2011-12-18 21:56 - 00000080 _____ C:\Users\Bruno Woitke\AppData\Local\X-Plane Installer.prf
2014-01-25 13:17 - 2014-01-25 00:06 - 00431474 _____ C:\Windows\PFRO.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:14 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 12:54 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\OpenCandy
2014-01-25 13:15 - 2011-12-31 12:42 - 00381440 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 13:05 - 2011-12-18 16:36 - 00000000 ____D C:\Users\Bruno Woitke
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2014-01-25 13:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2014-01-25 11:16 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\WinZipper
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 10:24 - 2014-01-24 19:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-25 10:24 - 2013-03-01 07:42 - 00000000 ____D C:\Program Files\WinRAR
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:31 - 2014-01-24 16:07 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:15 - 2014-01-25 00:12 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:15 - 2011-12-18 21:27 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 23:47 - 2011-12-18 16:25 - 00000000 ____D C:\Windows\Panther
2014-01-24 23:37 - 2013-11-17 16:28 - 00001912 _____ C:\Windows\epplauncher.mif
2014-01-24 22:25 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-24 21:33 - 2012-11-21 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-24 18:48 - 2013-12-26 12:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-24 16:31 - 2012-11-24 14:52 - 00000000 ____D C:\Program Files (x86)\MyFree Codec
2014-01-24 16:13 - 2011-12-18 21:29 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Google
2014-01-24 16:01 - 2011-12-21 19:25 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-24 15:42 - 2011-12-19 20:04 - 00000000 ____D C:\Users\Public\Documents\Avast Rechnung
2014-01-24 14:48 - 2013-10-26 11:17 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-24 14:48 - 2011-12-18 16:36 - 00000000 ___RD C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 14:47 - 2014-01-24 14:47 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\BrowserSafeguard
2014-01-24 14:43 - 2014-01-24 14:39 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2014-01-24 12:50 - 2012-09-26 18:30 - 00000000 ____D C:\Program Files (x86)\DIABASS5
2014-01-24 07:51 - 2014-01-24 07:50 - 00030496 _____ C:\Users\Bruno Woitke\Downloads\Addition.txt
2014-01-24 07:49 - 2014-01-24 07:49 - 00000000 ____D C:\FRST
2014-01-24 07:36 - 2014-01-24 07:36 - 02077696 _____ (Farbar) C:\Users\Bruno Woitke\Downloads\FRST64.exe
2014-01-23 16:38 - 2012-09-14 10:25 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2014-01-23 16:35 - 2012-03-29 20:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-23 16:35 - 2012-03-29 20:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-23 16:35 - 2011-12-18 23:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-23 16:34 - 2014-01-23 16:35 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 02434048 _____ C:\Users\Bruno Woitke\Downloads\msxml.msi
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:34 - 2011-12-20 16:28 - 00000000 ____D C:\Program Files\Java
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 14:11 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\RHelpers
2014-01-23 13:11 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\Updater
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 10:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-23 09:36 - 2014-01-23 09:22 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 06:58 - 2011-04-12 08:43 - 00713556 _____ C:\Windows\system32\perfh007.dat
2014-01-23 06:58 - 2011-04-12 08:43 - 00155492 _____ C:\Windows\system32\perfc007.dat
2014-01-23 06:58 - 2009-07-14 06:13 - 01658748 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-23 06:35 - 2014-01-23 06:35 - 01972945 _____ C:\Users\Bruno Woitke\Desktop\Definition Update für Windows Defender-Problembehandlung.webarchive
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-21 13:49 - 2011-12-18 23:03 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Adobe
2014-01-20 12:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-20 11:57 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-16 20:52 - 2009-07-14 05:45 - 00419352 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 20:50 - 2013-10-26 10:56 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-06-25 11:45 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-16 20:36 - 2013-07-26 15:06 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 20:36 - 2011-12-27 18:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 20:34 - 2011-12-18 18:05 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-08 16:56 - 2014-01-08 13:11 - 00000000 ____D C:\Program Files (x86)\X-Plane 10
2014-01-08 12:40 - 2012-02-17 18:04 - 00000147 _____ C:\Users\Bruno Woitke\AppData\Local\x-plane_install_10.txt
2014-01-07 15:54 - 2013-12-30 09:34 - 00000000 ____D C:\ProgramData\WPM
2014-01-07 12:23 - 2013-11-23 18:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-30 13:38 - 2011-12-18 22:46 - 00139816 ____H C:\Windows\SysWOW64\mlfcache.dat
2013-12-30 13:01 - 2013-03-27 10:54 - 00001641 _____ C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 10:41 - 2013-12-30 10:41 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-30 10:28 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Mobogenie
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Windows\system32\log
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\iSafe
2013-12-30 10:23 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\genienext
2013-12-30 10:23 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\cache
2013-12-30 09:39 - 2013-12-30 09:38 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-30 09:38 - 2013-12-30 09:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\emaze
2013-12-30 09:34 - 2011-12-18 20:48 - 00108904 _____ C:\Users\Bruno Woitke\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-28 18:37 - 2013-12-28 18:37 - 01911637 _____ C:\Users\Bruno Woitke\Desktop\Probleme Notenlesen Für Elise.webarchive
2013-12-28 17:28 - 2013-12-28 17:11 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\systweak
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\Documents\Mobogenie
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\.android
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 _____ C:\Users\Bruno Woitke\daemonprocess.txt
Some content of TEMP:
====================
C:\Users\Bruno Woitke\AppData\Local\Temp\BackupSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Installer_Windows.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nsaA02.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nsaE744.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nskC15.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nskE957.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\nspECB1.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\SHSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\Softonic_chr_1-8-29-3_cn.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\SpeedAnalysisSetup.exe
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite18043.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite50149.dll
C:\Users\Bruno Woitke\AppData\Local\Temp\System.Data.SQLite74442.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-23 10:08
==================== End Of Log ============================
--- --- ---
--- --- ---
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 01
Ran by Bruno Woitke (administrator) on BRUNOWOITKE-PC on 26-01-2014 10:01:21
Running from C:\Users\Bruno Woitke\AppData\Local\Temp\6s1fkw6i.tmp
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\System32\AppleOSSMgr.exe
(Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Apple_KbdMgr] - C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-06-29] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-25] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [EPSON SX125 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
MountPoints2: {c7d73c29-41f8-11e2-a3ac-3451c9f073a2} - G:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => File Not Found
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28064DAE75CBCE01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388392424&from=adks&uid=WDCXWD1001FALS-403AA0_WD-WCATR829158891588&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.searchplusnetwork.com/?sp=st3&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119656&babsrc=SP_ss&mntrId=3EAF2654530AAE4E
SearchScopes: HKCU - {226E4D82-07F6-44AF-A13E-624E89A8787E} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=3eaf69970000000000002654530aae4e&toi=16095&r=209
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={0CC91768-17B1-4F44-8D99-F916EA8CCE88}&mid=62651be1608c47d1a5d2e5188f149a51-003f5cbffa1e8d212e85183bcd3a0a8217f03ea3&lang=de&ds=tt014&pr=sa&d=2011-12-24 22:28:31&v=8.0.0.34&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1098640
SearchScopes: HKCU - {D9D2E472-C2FD-48F8-B29A-028C42606DAD} URL = hxxp://suche.aol.de/aol/search?s_it=tb50winamp&q={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={2EB3139A-5F2B-11E2-B30A-3451C9F073A2}
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
BHO-x32: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Searchcore Toolbar - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829
FF user.js: detected! => C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\user.js
FF Homepage: hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP9B1FA831-7F1E-4CE6-ABA7-52EF3B662FC5&SSPV=
FF SelectedSearchEngine: Conduit Search
FF NewTab: about
:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Yahoo! Toolbar - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-01-23]
FF Extension: Speed Analysis 2 - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles\5ya9jzsl.default-1353517694829\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013-12-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-25]
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\Bruno Woitke\AppData\Roaming\Mozilla\Firefox\Profiles/mwhfc4po.default\extensions\specialsavings@superfish.com
==================== Services (Whitelisted) =================
R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-06-29] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-25] (AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [4883400 2011-10-18] (SafeNet Inc.)
R2 StumbleUponUpdater; C:\Users\Bruno Woitke\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-12-30] (Taiwan Shui Mu Chih Ching Technology Limited.)
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-01-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-01-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-25] ()
S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2013-06-14] (Devguru Co., Ltd)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-09-28] (SafeNet Inc.)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-01-25] (Duplex Secure Ltd.)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [77312 2011-01-12] (© Guillemot R&D, 2011. All rights reserved.)
S3 TmBusEn; C:\Windows\System32\DRIVERS\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation)
S3 TmFilter; C:\Windows\System32\DRIVERS\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation)
S3 TmHid; C:\Windows\System32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation)
U3 abfjjhdq; C:\Windows\System32\Drivers\abfjjhdq.sys [0 ] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-25 14:39 - 2014-01-25 14:39 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2014-01-25 13:31 - 2014-01-25 13:31 - 00000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2014-01-25 13:15 - 2014-01-25 13:21 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\DAEMON Tools Lite
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2014-01-25 13:14 - 2014-01-25 13:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2014-01-25 13:05 - 2014-01-25 13:05 - 00000444 __RSH C:\Users\Bruno Woitke\ntuser.pol
2014-01-25 12:54 - 2014-01-25 13:15 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\OpenCandy
2014-01-25 10:24 - 2014-01-25 10:24 - 01977432 _____ C:\Users\Bruno Woitke\Downloads\winrar-x64-501.exe
2014-01-25 08:26 - 2014-01-25 08:26 - 00512784 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avastclear_9.0.2013.exe
2014-01-25 00:17 - 2014-01-25 00:17 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\AVAST Software
2014-01-25 00:16 - 2014-01-25 00:16 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 00:16 - 2014-01-25 00:16 - 00207904 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 00:16 - 2014-01-25 00:16 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-01-25 00:16 - 2014-01-25 00:16 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-25 00:12 - 2014-01-25 00:15 - 126784568 _____ (AVAST Software) C:\Users\Bruno Woitke\Downloads\avast_internet_security_setup.exe
2014-01-25 00:12 - 2014-01-25 00:12 - 00001651 _____ C:\Users\Bruno Woitke\Downloads\License.avastlic
2014-01-25 00:06 - 2014-01-25 13:17 - 00431474 _____ C:\Windows\PFRO.log
2014-01-24 23:51 - 2014-01-26 08:54 - 00000392 _____ C:\Windows\setupact.log
2014-01-24 23:51 - 2014-01-24 23:51 - 00000000 _____ C:\Windows\setuperr.log
2014-01-24 19:38 - 2014-01-25 10:24 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-24 16:07 - 2014-01-25 00:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-24 14:47 - 2014-01-24 14:47 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\BrowserSafeguard
2014-01-24 14:39 - 2014-01-24 14:43 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2014-01-24 07:50 - 2014-01-24 07:51 - 00030496 _____ C:\Users\Bruno Woitke\Downloads\Addition.txt
2014-01-24 07:49 - 2014-01-24 07:49 - 00000000 ____D C:\FRST
2014-01-24 07:36 - 2014-01-24 07:36 - 02077696 _____ (Farbar) C:\Users\Bruno Woitke\Downloads\FRST64.exe
2014-01-23 16:35 - 2014-01-23 16:34 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 02434048 _____ C:\Users\Bruno Woitke\Downloads\msxml.msi
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-23 16:34 - 2014-01-23 16:34 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Secunia PSI
2014-01-23 16:29 - 2014-01-23 16:29 - 00000000 ____D C:\Program Files (x86)\Secunia
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\Malwarebytes
2014-01-23 12:40 - 2014-01-23 12:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-23 12:15 - 2014-01-23 12:15 - 00000000 ____D C:\ProgramData\GridinSoft
2014-01-23 09:23 - 2014-01-23 09:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-23 09:22 - 2014-01-23 09:36 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-01-23 06:35 - 2014-01-23 06:35 - 01972945 _____ C:\Users\Bruno Woitke\Desktop\Definition Update für Windows Defender-Problembehandlung.webarchive
2014-01-21 16:57 - 2014-01-21 16:57 - 00000000 ____D C:\YOUR_XPLANE_ROOT_FOLDER
2014-01-20 12:09 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-01-20 12:09 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-01-20 12:09 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-01-20 12:09 - 2012-08-23 15:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-01-20 12:09 - 2012-08-23 14:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-01-20 12:09 - 2012-08-23 14:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-01-20 12:09 - 2012-08-23 14:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-01-20 12:09 - 2012-08-23 14:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 14:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-01-20 12:09 - 2012-08-23 14:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-01-20 12:09 - 2012-08-23 13:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-20 12:09 - 2012-08-23 12:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-01-20 12:09 - 2012-08-23 12:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-01-20 12:09 - 2012-08-23 12:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-01-20 12:09 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-20 12:09 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-01-20 12:09 - 2012-08-23 11:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-01-20 12:09 - 2012-08-23 11:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-01-20 12:09 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-01-20 12:09 - 2012-08-23 09:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-01-20 12:09 - 2012-08-23 09:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-16 20:47 - 2014-01-16 20:47 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 20:47 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 20:47 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 20:47 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 20:47 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-16 20:31 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 20:31 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 20:31 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 20:31 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-08 13:11 - 2014-01-08 16:56 - 00000000 ____D C:\Program Files (x86)\X-Plane 10
2013-12-30 10:41 - 2013-12-30 10:41 - 00000000 ____D C:\ProgramData\TubeDimmer
2013-12-30 10:27 - 2014-01-26 09:57 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-12-30 10:27 - 2014-01-25 11:16 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\WinZipper
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Windows\system32\log
2013-12-30 10:27 - 2013-12-30 10:27 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\iSafe
2013-12-30 09:38 - 2013-12-30 09:39 - 00000000 ____D C:\ProgramData\VisualBee
2013-12-30 09:38 - 2013-12-30 09:38 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\emaze
2013-12-30 09:34 - 2014-01-23 14:11 - 00000000 ____D C:\ProgramData\RHelpers
2013-12-30 09:34 - 2014-01-23 13:11 - 00000000 ____D C:\ProgramData\Updater
2013-12-30 09:34 - 2014-01-07 15:54 - 00000000 ____D C:\ProgramData\WPM
2013-12-28 18:37 - 2013-12-28 18:37 - 01911637 _____ C:\Users\Bruno Woitke\Desktop\Probleme Notenlesen Für Elise.webarchive
2013-12-28 17:22 - 2013-12-30 10:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\Mobogenie
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\genienext
2013-12-28 17:22 - 2013-12-30 10:23 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Local\cache
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\Documents\Mobogenie
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 ____D C:\Users\Bruno Woitke\.android
2013-12-28 17:22 - 2013-12-28 17:22 - 00000000 _____ C:\Users\Bruno Woitke\daemonprocess.txt
2013-12-28 17:11 - 2013-12-28 17:28 - 00000000 ____D C:\Users\Bruno Woitke\AppData\Roaming\systweak
Rest sende ich weil zu groß gewesen
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
