PUP.Conduit.Optional.A _Ordner nicht löschbar

Jonitas · 25.01.2014, 14:34

Liebes Trojaner-Board-Team,

ich konnte einen leeren Ordner "diving all" auf meinem Desktop nicht löschen. Da waren Fotos drin, die ich von einem Tauchurlaub von dem dortigen PC des Tauchclubs mitgebracht hatte.

Zudem wunderte ich mich mehr und mehr über meinen subjektiv langsamer werdenden Laptop. Ich habe Malwarebytes installiert und drüber laufen lassen. Der Schädling "HSS02.04-install-anchorfree.exe" wurde unter: Meine Dateien\Downloads gefunden. Diesen Schädling habe ich in Malwarebytes gelöscht. Bei wiederholtem Scannen mit Malwarebytes war er immer noch bzw. wieder da. Der Ordner "diving all" läßt sich nicht löschen und ist "leer" 1,57MB groß!

Wie kann ich dem Schädling endgültig den Gar aus machen und den Ordner löschen?

Vielen Dank für Eure Hilfe schon im Voraus!
Gruß JM

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:15 on 25/01/2014 (JM)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by JM (administrator) on ***** on 25-01-2014 13:20:27
Running from C:\Dokumente und Einstellungen\JM\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 6
Boot Mode: Normal


==================== Processes (Whitelisted) ===================

(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.Service.exe
(AuthenTec, Inc.) C:\Programme\Fingerprint Sensor\ATService.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TouchED\TouchED.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApMsgFwd.exe
(Atheros Communications, Inc.) C:\Programme\Atheros\ACU.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApntEx.exe
(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.SysTray.exe
(AuthenTec, Inc.) C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe
(shbox.de) C:\Programme\FreePDF_XP\fpassist.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
() C:\WINDOWS\twain_32\Samsung\CLX6220\Scan2Pc.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\00THotkey.exe
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(Anvisoft) C:\Programme\Anvisoft\Anvi Smart Defender\ASDTray.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TODDSrv.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Canon Inc.) C:\Programme\Canon\CAL\CALMAIN.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(AuthenTec Inc.) C:\Programme\TrueSuite\TrueSuite.TouchControl.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Programme\Apoint2K\Apoint.exe [241664 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TouchED] - C:\Programme\TOSHIBA\TouchED\TouchED.exe [118784 2005-09-01] (TOSHIBA Corporation)
HKLM\...\Run: [TNRotate] - %ProgramFiles%\TOSHIBA\TNRotate\TNRotate.exe
HKLM\...\Run: [SmoothView] - C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe [143360 2009-08-31] (TOSHIBA Corporation)
HKLM\...\Run: [TosHKCW.exe] - C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe [225280 2009-07-02] (TOSHIBA CORPORATION)
HKLM\...\Run: [TUSBSleepChargeSrv] - %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
HKLM\...\Run: [DDWMon] - C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [495616 2007-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [ITSecMng] - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
HKLM\...\Run: [ACU] - C:\Programme\Atheros\ACU.exe [471129 2009-10-07] (Atheros Communications, Inc.)
HKLM\...\Run: [ThpSrv] - C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [TosSENotify] - C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] - C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SystemTray] - C:\Programme\TrueSuite\TrueSuite.SysTray.exe [619256 2009-11-18] (AuthenTec, Inc)
HKLM\...\Run: [ClientAppLogon] - C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe [306936 2009-11-18] (AuthenTec, Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Programme\FreePDF_XP\fpassist.exe [310272 2005-05-27] (shbox.de)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung PanelMgr] - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [614400 2009-11-26] ()
HKLM\...\Run: [SCX6220_Scan2Pc] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [6220 Scan2PC] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [00THotkey] - C:\WINDOWS\system32\00THotkey.exe [253952 2009-06-17] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [Anvi Smart Defender] - C:\Programme\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
MountPoints2: {ed8c6bd8-12c5-11e0-abb2-0026b6de09ce} - E:\DPFMate.exe
HKU\Administrator\...\Run: [TOSHIBA Online Product Information] - C:\Programme\TOSHIBA\Toshiba Online Product Information\topi.exe
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
HKU\Default User\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
SearchScopes: HKCU - {c99fdc39-a1ae-4b24-8d71-e5274f8d7c54} URL = hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Mozilla\Firefox\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab\SafeBrowser\S-1-5-21-1583877156-3090797743-3329591833-1005\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2011-08-07]
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2011-08-07]
FF Extension: TrueSuite Website Log On - C:\Programme\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com [2010-07-06]
FF Extension: Skype extension for Firefox - C:\Programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2010-07-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2002-09-28]
FF HKLM\...\Firefox\Extensions:  - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-09-07]

Chrome: 
=======
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\DOKUME~1\JM\LOKALE~1\Temp\YontooLayers.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-08-14]

========================== Services (Whitelisted) =================

R2 ACS; C:\WINDOWS\system32\acs.exe [499797 2009-10-07] (Atheros)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
R2 asdsrv; C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R2 ATService; C:\Programme\Fingerprint Sensor\atservice.exe [2034936 2009-11-16] (AuthenTec, Inc.)
R2 AVP; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 CFSvcs; C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION)
R2 FPLService; C:\Programme\TrueSuite\TrueSuite.Service.exe [108280 2009-11-18] (AuthenTec, Inc)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2009-10-02] (Intel Corporation)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [800768 2006-05-30] (Nero AG)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [152984 2002-09-28] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S4 Tmesrv; C:\Programme\TOSHIBA\TME3\Tmesrv31.exe [118784 2009-11-20] (TOSHIBA)
R2 TNaviSrv; C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2009-11-12] (TOSHIBA Corporation)
R2 TOSHIBA Bluetooth Service; C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [148848 2009-10-21] (TOSHIBA CORPORATION)
R3 TOSHIBA HDD SSD Alert Service; C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
S2 UNS; C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation)
S2 LMS; C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1585728 2009-09-30] (Atheros Communications, Inc.)
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [16208 2013-10-15] (Anvisoft)
R2 asdrs; C:\WINDOWS\system32\DRIVERS\asdrs.sys [22864 2013-10-15] (Anvisoft)
R1 asdws; C:\Windows\System32\DRIVERS\asdws.sys [14160 2013-10-15] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k5132.sys [160424 2009-09-23] (Intel Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2005-10-28] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-10-28] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2005-10-28] (HP)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [44800 2007-12-18] (Infineon Technologies AG)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [102656 2006-05-30] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [29568 2006-05-30] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [9984 2006-05-30] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [33792 2006-05-30] (Nero AG)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [573536 2013-12-23] (Kaspersky Lab ZAO)
R3 klim5; C:\Windows\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24160 2013-10-20] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [24672 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2013-12-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-25] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [57576 2009-10-12] (NVIDIA Corporation)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-07-28] (REDC)
R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-11-20] (The OpenVPN Project)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc)
R2 tdudf; C:\Windows\System32\DRIVERS\tdudf.sys [105856 2007-03-26] (TOSHIBA Corporation)
R1 TMEI3E; C:\Windows\System32\Drivers\TMEI3E.SYS [5888 2004-06-16] (Toshiba Corporation)
R2 trudf; C:\Windows\System32\DRIVERS\trudf.sys [134016 2007-02-19] (TOSHIBA Corporation)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimd.sys [58208 2009-03-16] (Atheros Communications, Inc.)
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x]
S4 IntelIde; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [93280 2013-06-08] (Kaspersky Lab ZAO)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 13:20 - 2014-01-25 13:21 - 00026209 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-25 13:17 - 2014-01-25 13:17 - 00000000 ____D C:\FRST
2014-01-25 13:16 - 2014-01-25 13:16 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-25 13:15 - 2014-01-25 13:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:47 - 2014-01-25 12:47 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-25 12:33 - 2014-01-25 13:11 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-25 10:01 - 2014-01-25 10:01 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-23 21:08 - 2014-01-25 12:48 - 00005006 _____ C:\WINDOWS\setupapi.log
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-27 09:05 - 2013-12-27 14:46 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

==================== One Month Modified Files and Folders =======

2014-01-25 13:21 - 2014-01-25 13:20 - 00026209 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-25 13:17 - 2014-01-25 13:17 - 00000000 ____D C:\FRST
2014-01-25 13:16 - 2014-01-25 13:16 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-25 13:16 - 2010-07-06 10:21 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2014-01-25 13:15 - 2014-01-25 13:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:15 - 2010-07-05 19:28 - 00000000 ____D C:\Dokumente und Einstellungen\JM
2014-01-25 13:12 - 2002-09-28 02:17 - 00000315 _____ C:\WINDOWS\wiadebug.log
2014-01-25 13:11 - 2014-01-25 12:33 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:48 - 2014-01-23 21:08 - 00005006 _____ C:\WINDOWS\setupapi.log
2014-01-25 12:48 - 2002-09-28 03:13 - 00000000 ____D C:\WINDOWS\Help
2014-01-25 12:48 - 2002-09-28 01:19 - 01497440 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-25 12:47 - 2014-01-25 12:47 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-25 12:46 - 2010-08-23 15:51 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 12:20 - 2010-07-06 15:54 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Kündigung O2
2014-01-25 12:14 - 2013-12-23 22:08 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Desktop\diving all
2014-01-25 12:08 - 2010-07-06 19:00 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2014-01-25 10:01 - 2014-01-25 10:01 - 00040776 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-01-25 09:54 - 2010-08-23 15:51 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 09:54 - 2009-12-16 09:20 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-25 09:54 - 2002-09-28 02:17 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-25 09:54 - 2002-09-28 01:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-23 21:25 - 2013-09-07 08:14 - 00268218 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2014-01-23 21:25 - 2010-07-05 19:28 - 00000300 ___SH C:\Dokumente und Einstellungen\JM\ntuser.ini
2014-01-23 21:25 - 2010-07-05 16:56 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2014-01-23 21:25 - 2002-09-28 01:22 - 00032530 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-23 21:02 - 2013-09-07 16:27 - 00268218 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1583877156-3090797743-3329591833-1005-0.dat
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2002-09-28 02:16 - 00000000 ___RD C:\Programme
2014-01-23 17:26 - 2002-09-28 02:16 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-01-12 12:01 - 2010-11-30 15:52 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Eigene Dateien\Eigene Bilder
2014-01-11 10:16 - 2010-07-06 11:11 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2014-01-09 17:02 - 2010-07-06 10:04 - 00102912 _____ C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-05 11:29 - 2011-09-11 09:34 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Haus Eybacherstrasse 5
2014-01-04 14:10 - 2010-07-06 15:59 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Pau Verschiedene
2014-01-04 12:53 - 2002-09-28 02:16 - 01246892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-31 17:13 - 2010-07-06 06:51 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-12-27 14:46 - 2013-12-27 09:05 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2009-12-16 09:20] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2009-12-16 09:20] - [2008-04-14 13:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\rpcss.dll
[2009-12-16 09:20] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2009-12-16 09:20] - [2008-04-14 13:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2014
Ran by JM at 2014-01-25 13:21:23
Running from C:\Dokumente und Einstellungen\JM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Disabled - Up to date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

==================== Installed Programs ======================

Adobe Flash Player 10 Plugin (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (Version: 9.0.28.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.2) - Deutsch (Version: 10.1.2 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (Version:  - )
AFPL Ghostscript Fonts (Version:  - )
AiO_Scan_CDA (Version: 51.0.230.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (Version: 7.5.303.213 - ALPS ELECTRIC CO., LTD.)
Anvi Smart Defender 1.9.3 (Version: 1.9.3 - Anvisoft)
Apple Application Support (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Utility (Version:  - Atheros)
Atheros Driver Installation Program (Version: 5.0 - Atheros)
AuthenTec TrueSuite (Version: 3.0.1.42 - AuthenTec, Inc.)
Bluetooth Stack for Windows by Toshiba (Version: v7.10.01(T) - TOSHIBA CORPORATION)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon Camera Access Library (Version: 8.5.0.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.3.9 - Canon Inc.)
Canon iP2600 series (Version:  - )
Canon MOV Decoder (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (Version: 1.3.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.0.8 - Canon Inc.)
Canon Utilities CameraWindow (Version: 7.4.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (Version: 8.1.0.11 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (Version: 1.0.0.11 - Canon Inc.)
Canon Utilities MyCamera (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities ZoomBrowser EX (Version: 6.5.0.14 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4 - Canon Inc.)
CCleaner (Version: 2.33 - Piriform)
Deinstallationsprogamm für TOSHIBA Mobile Extension3 (Version:  - ) Hidden
FreePDF XP (Remove only) (Version:  - )
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
iDRS(tm) OCR Software by I.R.I.S (Version: 1.00.13.00 - Samsung Electronics Co., Ltd.)
Image Resizer Powertoy for Windows XP (Version: 1.00.0001 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (Version: 6.14.10.5179 - Intel Corporation)
Intel(R) Management Engine Components (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (Version: 14.5 - Intel)
Intel(R) Rapid Storage Technology (Version: 9.5.0.1037 - Intel Corporation)
iTunes (Version: 11.0.1.12 - Apple Inc.)
Java(TM) 6 Update 14 (Version: 6.0.140 - Sun Microsystems, Inc.)
Kaspersky Internet Security 2012 (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (Version: 12.0.0.374 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Standard Edition 2003 (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (German) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
MobileMe Control Panel (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 17.0.1 (x86 de) (Version: 17.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
Nero 7 Essentials (Version: 7.01.4237 - Nero AG)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
OpenVPN Tap Adapter 9.0 (Version:  - )
PVS 2.000 (Vollversion) (Version:  - )
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickTime (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (Version: 5.10.0.5972 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (Version:  - )
RICOH R5U230 Media Driver ver.2.07.03.02 (Version: 2.07.03.02 - RICOH)
Scan (Version: 6.0.0.0 - Hewlett-Packard) Hidden
Skype™ 3.5 (Version: 3.5.229 - Skype Technologies S.A.)
TOSHIBA 180 Degrees Rotation Utility (Version: 1.2.0.0 - TOSHIBA Corporation)
TOSHIBA 180 Degrees Rotation Utility (Version: 1.2.0.0 - TOSHIBA Corporation) Hidden
TOSHIBA Assist (Version:  - )
TOSHIBA Benutzerhandbücher (Version: 7.52 - TOSHIBA)
TOSHIBA ConfigFree (Version: 5.90.17 - )
TOSHIBA Controls (Version: v3.37.4310 - TOSHIBA Corporation)
TOSHIBA Controls (Version: v3.37.4310 - TOSHIBA Corporation) Hidden
TOSHIBA Dienstprogramme (Version: 4.30.24 - TOSHIBA)
TOSHIBA Direct Disc Writer (Version: 1.1.0.0b - TOSHIBA Corporation)
TOSHIBA Disc Creator (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Display Devices Change Utility (Version:  - )
TOSHIBA DVD PLAYER (Version: 2.50.1.05-A - TOSHIBA Corporation)
TOSHIBA HDD Protection (Version: 2.3.0.0 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.4 - TOSHIBA Corporation) Hidden
TOSHIBA Hotkey Utility for Display Devices (Version:  - )
TOSHIBA Mobile Extension3 (Version: 3.91.00.XP - TOSHIBA)
TOSHIBA Password Utility (Version: 2.01.10 - TOSHIBA) Hidden
TOSHIBA Passwort-Utility (Version: 2.01.10 - TOSHIBA)
TOSHIBA PC Diagnostic Tool (Version: 3.2.15 - TOSHIBA) Hidden
TOSHIBA PC-Diagnose-Tool (Version: 3.2.15 - TOSHIBA)
TOSHIBA Power Saver (Version: 7.13.04 - )
TOSHIBA Power Saver (Version: 7.13.04 - ) Hidden
TOSHIBA Sicherheits-Assistent (Version: 1.2.1 - TOSHIBA)
TOSHIBA Touchpad Ein/Aus Utility V2.5.1.0 (Version: 2.5.1.0 - TOSHIBA)
TOSHIBA USB Sleep and Charge Utility (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Utilities (Version: 4.30.24 - TOSHIBA) Hidden
TOSHIBA Web Camera Application (Version: 1.1.2.8 - TOSHIBA Corporation)
TOSHIBA Zoom-Dienstprogramm (Version: 2.0.0.25 - TOSHIBA)
TSOL Pro 4.5 (Version: TSOL Pro 4.5 - Dr. Valentin EnergieSoftware GmbH)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Valentin Meteo Data 1.0.26 (Version:  - Dr. Valentin EnergieSoftware GmbH)
VizadooCAD  2.3 start (Version:  - )
VLC media player 1.1.4 (Version: 1.1.4 - VideoLAN)
Wartung Samsung CLX-6220 Series (Version:  - Samsung Electronics Co.,Ltd)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version:  - )
WinRAR (Version:  - )
Wireless Hotkey (Version: 3.0.0.9 - TOSHIBA)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden

==================== Restore Points  =========================

07-09-2013 07:07:31 First Restore Point
15-09-2013 06:36:23 Systemprüfpunkt
20-10-2013 07:56:24 Systemprüfpunkt
02-11-2013 10:44:55 Systemprüfpunkt
09-11-2013 12:44:17 Systemprüfpunkt
12-11-2013 09:30:17 Systemprüfpunkt
24-12-2013 09:16:46 Systemprüfpunkt
27-12-2013 09:52:52 Systemprüfpunkt
02-01-2014 09:00:42 Systemprüfpunkt
04-01-2014 11:51:41 Systemprüfpunkt
19-01-2014 10:46:37 Systemprüfpunkt
23-01-2014 16:53:48 Systemprüfpunkt
25-01-2014 10:27:16 Systemprüfpunkt

==================== Hosts content: ==========================

2009-12-16 09:20 - 2012-03-16 09:27 - 00000923 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Registrierungserinnerung 1.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\WINDOWS\Tasks\Registrierungserinnerung 2.job => C:\WINDOWS\system32\OOBE\oobebaln.exe

==================== Loaded Modules (whitelisted) =============

2010-07-06 11:11 - 2005-01-06 17:33 - 00116224 _____ () C:\WINDOWS\system32\redmonnt.dll
2012-12-19 18:49 - 2009-05-29 01:33 - 00026624 _____ () C:\WINDOWS\system32\ssy2cl3.dll
2013-01-07 10:25 - 2009-05-29 18:37 - 00026624 _____ () C:\WINDOWS\system32\ssy2ml3.dll
2012-12-19 18:49 - 2009-11-25 11:56 - 00495616 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\ssy2cdu.dll
2012-01-03 14:10 - 2012-01-03 14:10 - 00301056 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2011-01-11 05:17 - 2010-03-15 11:28 - 00141824 _____ () C:\Programme\WinRAR\rarext.dll
2009-12-16 09:20 - 2008-04-14 13:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2012-12-19 18:25 - 2009-08-14 08:53 - 01384520 _____ () C:\WINDOWS\Twain_32\Samsung\CLX6220\ssole.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
2013-10-15 04:06 - 2013-10-15 04:06 - 00785128 _____ () C:\Programme\Anvisoft\Anvi Smart Defender\sqlite3.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2010-07-05 16:45 - 2009-10-02 12:18 - 00058880 _____ () C:\Programme\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-11-05 08:14 - 2009-11-05 08:14 - 00079192 _____ () C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2012-12-20 09:36 - 2012-11-29 09:26 - 02397152 _____ () C:\Programme\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/12/2014 11:42:45 AM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (01/12/2014 11:41:06 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes Modul comctl32.dll, Version 6.0.2900.5512, Fehleradresse 0x0006d6b0.
Das medienspezifische Ereignis für [explorer.exe!ws!] wird verarbeitet.

Error: (01/12/2014 11:38:37 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes Modul dbghelp.dll, Version 5.1.2600.5512, Fehleradresse 0x0001295d.
Das medienspezifische Ereignis für [drwtsn32.exe!ws!] wird verarbeitet.

Error: (01/12/2014 11:38:09 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes Modul comctl32.dll, Version 6.0.2900.5512, Fehleradresse 0x0006d6b0.
Das medienspezifische Ereignis für [explorer.exe!ws!] wird verarbeitet.

Error: (12/23/2013 09:08:11 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung applemobilebackup.exe, Version 17.1140.1.4, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0001a81f.
Das medienspezifische Ereignis für [applemobilebackup.exe!ws!] wird verarbeitet.

Error: (12/23/2013 08:09:42 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Produkt: Google Earth -- Fehler 1406.Wert  konnte nicht unter den Schlüssel \Software\Classes\Google Earth.kmzfile\shell\Open\command geschrieben werden.  Systemfehler .  Überprüfen Sie, ob Sie ausreichende Zugriffsrechte auf diesen Schlüssel besitzen, oder setzen Sie sich mit Ihrem Supportpersonal in Verbindung.

Error: (10/20/2013 08:14:05 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1704. An installation for Kaspersky Internet Security is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (07/20/2013 07:56:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31203

Error: (07/20/2013 07:56:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31203

Error: (07/20/2013 07:56:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/25/2014 00:48:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Automatische Updates" wurde mit folgendem Fehler beendet: 
%%2147942405

Error: (01/25/2014 09:55:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2014 09:55:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" ist vom Dienst "Intel(R) Management and Security Application Local Management Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (01/25/2014 09:55:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/25/2014 09:55:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/23/2014 09:06:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/23/2014 09:03:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" ist vom Dienst "Intel(R) Management and Security Application Local Management Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (01/23/2014 09:03:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/23/2014 09:03:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/23/2014 05:20:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (01/29/2013 09:41:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11154 seconds with 3660 seconds of active time.  This session ended with a crash.

Error: (04/06/2011 07:49:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 190 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/31/2011 10:53:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6281 seconds with 4140 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 2928.35 MB
Available physical RAM: 1626.54 MB
Total Pagefile: 4808.27 MB
Available Pagefile: 3397.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:8.1 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: DD451EAB)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:

ATTFilter

GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-25 14:07:54
Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB3O 298,09GB
Running: gmer.exe; Driver: C:\DOKUME~1\JM\LOKALE~1\Temp\kxtdypow.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwAdjustPrivilegesToken [0x94DC2A16]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwConnectPort [0x94D72EC4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwCreateProcess [0x94DC46D6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwCreateProcessEx [0x94DC49BE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwCreateSection [0x94DC5A74]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwCreateThread [0x94DC4FB0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwDebugActiveProcess [0x94DC4576]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwDeleteKey [0x94D707EE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwDeleteValueKey [0x94D71FD6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwDeviceIoControlFile [0x94D633BA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwDuplicateObject [0x94DC2B58]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwEnumerateKey [0x94D717E2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwEnumerateValueKey [0x94D72176]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwLoadDriver [0x94DC2684]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwLoadKey [0x94D71326]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwLoadKey2 [0x94D7157E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwMapViewOfSection [0x94DC582C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwOpenProcess [0x94DC40B2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwOpenSection [0x94DC5CA4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwOpenThread [0x94DC4CAA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwQueryKey [0x94D70622]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwQueryMultipleValueKey [0x94D71DE4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwQueryValueKey [0x94D71BD8]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwQueueApcThread [0x94DC56E0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwRenameKey [0x94D70902]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwReplaceKey [0x94D70F74]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwRequestWaitReplyPort [0x94D730CA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwRestoreKey [0x94D7117A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwResumeThread [0x94DC53FC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSaveKey [0x94D70AA6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSaveKeyEx [0x94D70C3C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSaveMergedKeys [0x94D70DD8]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSecureConnectPort [0x94D72FC4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSetContextThread [0x94DC5562]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSetInformationToken [0x94D637D4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSetSystemInformation [0x94DC29BC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSetValueKey [0x94D719A2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSuspendProcess [0x94DC42BA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSuspendThread [0x94DC529E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwSystemDebugControl [0x94D637E6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwTerminateProcess [0x94DC441C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwTerminateThread [0x94DC4EAA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwUnmapViewOfSection [0x94DC5DAC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys                                              ZwWriteVirtualMemory [0x94DC5B36]

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwCallbackReturn + 2D48                                               805045E4 12 Bytes  [84, 26, DC, 94, 26, 13, D7, ...]
.text           ntkrnlpa.exe!ZwCallbackReturn + 2EFC                                               80504798 20 Bytes  [FC, 53, DC, 94, A6, 0A, D7, ...]
.text           ntkrnlpa.exe!ZwCallbackReturn + 2FB8                                               80504854 12 Bytes  [BA, 42, DC, 94, 9E, 52, DC, ...]
.text           C:\WINDOWS\system32\drivers\tos_sps32.sys                                          section is writeable [0xB96F4480, 0x3C939, 0xE8000020]
.dsrt           C:\WINDOWS\system32\drivers\tos_sps32.sys                                          unknown last section [0xB9735900, 0x3CA, 0x48000040]

---- User code sections - GMER 2.1 ----

.text           C:\Programme\Mozilla Firefox\firefox.exe[2512] ntdll.dll!LdrLoadDll                7C9263C3 5 Bytes  JMP 01604470 C:\Programme\Mozilla Firefox\xul.dll
.text           C:\Programme\Mozilla Firefox\firefox.exe[2512] kernel32.dll!lstrlenW + 43          7C809AEC 7 Bytes  JMP 0185047C C:\Programme\Mozilla Firefox\xul.dll
.text           C:\Programme\Mozilla Firefox\firefox.exe[2512] kernel32.dll!MapViewOfFileEx + 6A   7C80B9A0 7 Bytes  JMP 01850459 C:\Programme\Mozilla Firefox\xul.dll
.text           C:\Programme\Mozilla Firefox\firefox.exe[2512] kernel32.dll!ValidateLocale + B130  7C844958 7 Bytes  JMP 0160F972 C:\Programme\Mozilla Firefox\xul.dll
.text           C:\Programme\Mozilla Firefox\firefox.exe[2512] GDI32.dll!SetDIBitsToDevice + 20A   77EF9E14 7 Bytes  JMP 018503DA C:\Programme\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

Device                                                                                             Ntfs.sys
Device                                                                                             Udfs.SYS

AttachedDevice  \Driver\Tcpip \Device\Ip                                                           kltdi.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                          kltdi.sys
AttachedDevice  \Driver\Tcpip \Device\Udp                                                          kltdi.sys
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                        kltdi.sys

Device                                                                                             mrxsmb.sys
Device                                                                                             InCDFs.sys

---- EOF - GMER 2.1 ----

--- --- ---

schrauber · 25.01.2014, 14:55

hi,

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Jonitas · 25.01.2014, 16:07

Hallo schrauber,

danke für Deine schnelle Antwort!

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.25.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
JM :: JONAS [Administrator]

Schutz: Aktiviert

25.01.2014 15:11:24
mbam-log-2014-01-25 (15-11-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241667
Laufzeit: 10 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hallo schrauber,

hier der Text von AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 25/01/2014 um 15:30:03
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzername : JM - *****
# Gestartet von : C:\Dokumente und Einstellungen\JM\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\hotspot shield
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
Ordner Gelöscht : C:\Programme\Yontoo
Ordner Gelöscht : C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\JM\Anwendungsdaten\software4u
Datei Gelöscht : C:\Programme\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Mozilla\Firefox\Profiles\apfui9ut.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Programme\Software4u\iPhone Explorer\Software4u.IPhoneExplorer.exe]
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browser ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v17.0.1 (de)

[ Datei : C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Mozilla\Firefox\Profiles\apfui9ut.default\prefs.js ]

Zeile gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Zeile gelöscht : user_pref("browser.search.order.1", "Search the web (Babylon)");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=109794");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 22);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "c06e1d2500000000000000ff332c3bb4");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15361");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109794&babsrc=adbartrp&mntrId=c06e1d2500000000000000ff332c3bb4&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 22);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.179:37:02");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 65788549);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.179:37:02");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "c06e1d2500000000000000ff332c3bb4");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.id", "c06e1d2500000000000000ff332c3bb4");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15480");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=110819&babsrc=NT_ss&mntrId=c06e1d2500000000000000ff332c3bb4");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:30:52");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Zeile gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,");
Zeile gelöscht : user_pref("extentions.y2layers.installId", "2b1808c1-1541-4fbb-af2e-383f9b083604");
Zeile gelöscht : user_pref("extentions.y2layers.lastDnsTest", 371536);
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=110819&babsrc=KW_ss&mntrId=c06e1d2500000000000000ff332c3bb4&q=");

-\\ Google Chrome v

[ Datei : C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[S0].txt - [9409 octets] - [25/01/2014 15:30:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9469 octets] ##########

Hallo schrauber,

hier das JRT.txt:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by JM on 25.01.2014 at 15:41:04,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\user.js





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2014 at 16:01:38,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hallo schrauber,

hier nun das letzte frische FRST:

Bin ich nun "clean" ? Danke Dir!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2014
Ran by JM (administrator) on JONAS on 25-01-2014 16:05:49
Running from C:\Dokumente und Einstellungen\JM\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 6
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.Service.exe
(AuthenTec, Inc.) C:\Programme\Fingerprint Sensor\ATService.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\Apoint.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TouchED\TouchED.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TNROTATE\TNROTATE.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApMsgFwd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Atheros Communications, Inc.) C:\Programme\Atheros\ACU.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\hidfind.exe
(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.SysTray.exe
(AuthenTec, Inc.) C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe
(shbox.de) C:\Programme\FreePDF_XP\fpassist.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
() C:\WINDOWS\twain_32\Samsung\CLX6220\Scan2Pc.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\00THotkey.exe
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TODDSrv.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Canon Inc.) C:\Programme\Canon\CAL\CALMAIN.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(AuthenTec Inc.) C:\Programme\TrueSuite\TrueSuite.TouchControl.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Programme\Apoint2K\Apoint.exe [241664 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TouchED] - C:\Programme\TOSHIBA\TouchED\TouchED.exe [118784 2005-09-01] (TOSHIBA Corporation)
HKLM\...\Run: [TNRotate] - %ProgramFiles%\TOSHIBA\TNRotate\TNRotate.exe
HKLM\...\Run: [SmoothView] - C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe [143360 2009-08-31] (TOSHIBA Corporation)
HKLM\...\Run: [TosHKCW.exe] - C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe [225280 2009-07-02] (TOSHIBA CORPORATION)
HKLM\...\Run: [TUSBSleepChargeSrv] - %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
HKLM\...\Run: [DDWMon] - C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [495616 2007-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [ITSecMng] - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
HKLM\...\Run: [ACU] - C:\Programme\Atheros\ACU.exe [471129 2009-10-07] (Atheros Communications, Inc.)
HKLM\...\Run: [ThpSrv] - C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [TosSENotify] - C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] - C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SystemTray] - C:\Programme\TrueSuite\TrueSuite.SysTray.exe [619256 2009-11-18] (AuthenTec, Inc)
HKLM\...\Run: [ClientAppLogon] - C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe [306936 2009-11-18] (AuthenTec, Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Programme\FreePDF_XP\fpassist.exe [310272 2005-05-27] (shbox.de)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung PanelMgr] - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [614400 2009-11-26] ()
HKLM\...\Run: [SCX6220_Scan2Pc] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [6220 Scan2PC] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [00THotkey] - C:\WINDOWS\system32\00THotkey.exe [253952 2009-06-17] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [Anvi Smart Defender] - C:\Programme\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
MountPoints2: {ed8c6bd8-12c5-11e0-abb2-0026b6de09ce} - E:\DPFMate.exe
HKU\Administrator\...\Run: [TOSHIBA Online Product Information] - C:\Programme\TOSHIBA\Toshiba Online Product Information\topi.exe
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
HKU\Default User\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Mozilla\Firefox\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab\SafeBrowser\S-1-5-21-1583877156-3090797743-3329591833-1005\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2011-08-07]
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2011-08-07]
FF Extension: TrueSuite Website Log On - C:\Programme\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com [2010-07-06]
FF Extension: Skype extension for Firefox - C:\Programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2010-07-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2002-09-28]
FF HKLM\...\Firefox\Extensions:  - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-09-07]

Chrome: 
=======
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-08-14]

========================== Services (Whitelisted) =================

R2 ACS; C:\WINDOWS\system32\acs.exe [499797 2009-10-07] (Atheros)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
R2 asdsrv; C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R2 ATService; C:\Programme\Fingerprint Sensor\atservice.exe [2034936 2009-11-16] (AuthenTec, Inc.)
R2 AVP; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 CFSvcs; C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION)
R2 FPLService; C:\Programme\TrueSuite\TrueSuite.Service.exe [108280 2009-11-18] (AuthenTec, Inc)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2009-10-02] (Intel Corporation)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [800768 2006-05-30] (Nero AG)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [152984 2002-09-28] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S4 Tmesrv; C:\Programme\TOSHIBA\TME3\Tmesrv31.exe [118784 2009-11-20] (TOSHIBA)
R2 TNaviSrv; C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2009-11-12] (TOSHIBA Corporation)
R2 TOSHIBA Bluetooth Service; C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [148848 2009-10-21] (TOSHIBA CORPORATION)
R3 TOSHIBA HDD SSD Alert Service; C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
S2 UNS; C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation)
S2 LMS; C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1585728 2009-09-30] (Atheros Communications, Inc.)
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [16208 2013-10-15] (Anvisoft)
R2 asdrs; C:\WINDOWS\system32\DRIVERS\asdrs.sys [22864 2013-10-15] (Anvisoft)
R1 asdws; C:\Windows\System32\DRIVERS\asdws.sys [14160 2013-10-15] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k5132.sys [160424 2009-09-23] (Intel Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2005-10-28] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2005-10-28] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2005-10-28] (HP)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [44800 2007-12-18] (Infineon Technologies AG)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [102656 2006-05-30] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [29568 2006-05-30] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [9984 2006-05-30] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [33792 2006-05-30] (Nero AG)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [573536 2013-12-23] (Kaspersky Lab ZAO)
R3 klim5; C:\Windows\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24160 2013-10-20] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [24672 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2013-12-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [57576 2009-10-12] (NVIDIA Corporation)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-07-28] (REDC)
R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-11-20] (The OpenVPN Project)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc)
R2 tdudf; C:\Windows\System32\DRIVERS\tdudf.sys [105856 2007-03-26] (TOSHIBA Corporation)
R1 TMEI3E; C:\Windows\System32\Drivers\TMEI3E.SYS [5888 2004-06-16] (Toshiba Corporation)
R2 trudf; C:\Windows\System32\DRIVERS\trudf.sys [134016 2007-02-19] (TOSHIBA Corporation)
R3 WSIMD; C:\Windows\System32\DRIVERS\wsimd.sys [58208 2009-03-16] (Atheros Communications, Inc.)
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x]
S4 IntelIde; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [93280 2013-06-08] (Kaspersky Lab ZAO)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-25 16:01 - 2014-01-25 16:01 - 00000640 _____ C:\Dokumente und Einstellungen\JM\Desktop\JRT.txt
2014-01-25 15:40 - 2014-01-25 15:40 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-25 15:39 - 2014-01-25 15:39 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\JM\Desktop\JRT.exe
2014-01-25 15:25 - 2014-01-25 15:30 - 00000000 ____D C:\AdwCleaner
2014-01-25 15:18 - 2014-01-25 15:18 - 01236282 _____ C:\Dokumente und Einstellungen\JM\Desktop\adwcleaner.exe
2014-01-25 15:17 - 2014-01-25 15:17 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Trojaner-Board
2014-01-25 14:07 - 2014-01-25 14:07 - 00008646 _____ C:\Dokumente und Einstellungen\JM\Desktop\Gmer.txt
2014-01-25 13:28 - 2014-01-21 21:56 - 00380416 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer.exe
2014-01-25 13:27 - 2014-01-25 13:27 - 00370971 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer_2.1.19355.zip
2014-01-25 13:21 - 2014-01-25 13:22 - 00021146 _____ C:\Dokumente und Einstellungen\JM\Desktop\Addition.txt
2014-01-25 13:20 - 2014-01-25 16:06 - 00025424 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-25 13:17 - 2014-01-25 13:17 - 00000000 ____D C:\FRST
2014-01-25 13:16 - 2014-01-25 13:16 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-25 13:15 - 2014-01-25 14:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:33 - 2014-01-25 13:11 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-23 21:08 - 2014-01-25 14:13 - 00005638 _____ C:\WINDOWS\setupapi.log
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-27 09:05 - 2013-12-27 14:46 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

==================== One Month Modified Files and Folders =======

2014-01-25 16:06 - 2014-01-25 13:20 - 00025424 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-25 16:03 - 2010-07-06 10:21 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2014-01-25 16:01 - 2014-01-25 16:01 - 00000640 _____ C:\Dokumente und Einstellungen\JM\Desktop\JRT.txt
2014-01-25 15:46 - 2010-08-23 15:51 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 15:40 - 2014-01-25 15:40 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-25 15:39 - 2014-01-25 15:39 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\JM\Desktop\JRT.exe
2014-01-25 15:39 - 2002-09-28 01:19 - 01748354 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-25 15:33 - 2002-09-28 02:17 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-25 15:33 - 2002-09-28 02:17 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-25 15:32 - 2010-08-23 15:51 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 15:32 - 2002-09-28 01:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-25 15:31 - 2013-09-07 08:14 - 00268218 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2014-01-25 15:31 - 2010-07-05 19:28 - 00000300 ___SH C:\Dokumente und Einstellungen\JM\ntuser.ini
2014-01-25 15:31 - 2010-07-05 19:28 - 00000000 ____D C:\Dokumente und Einstellungen\JM
2014-01-25 15:31 - 2010-07-05 16:56 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2014-01-25 15:31 - 2002-09-28 01:22 - 00032530 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-25 15:30 - 2014-01-25 15:25 - 00000000 ____D C:\AdwCleaner
2014-01-25 15:30 - 2002-09-28 02:16 - 00000000 ___RD C:\Programme
2014-01-25 15:25 - 2010-07-06 11:11 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2014-01-25 15:18 - 2014-01-25 15:18 - 01236282 _____ C:\Dokumente und Einstellungen\JM\Desktop\adwcleaner.exe
2014-01-25 15:17 - 2014-01-25 15:17 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Trojaner-Board
2014-01-25 14:50 - 2013-09-07 16:27 - 00400924 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1583877156-3090797743-3329591833-1005-0.dat
2014-01-25 14:15 - 2014-01-25 13:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 14:13 - 2014-01-23 21:08 - 00005638 _____ C:\WINDOWS\setupapi.log
2014-01-25 14:07 - 2014-01-25 14:07 - 00008646 _____ C:\Dokumente und Einstellungen\JM\Desktop\Gmer.txt
2014-01-25 13:27 - 2014-01-25 13:27 - 00370971 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer_2.1.19355.zip
2014-01-25 13:22 - 2014-01-25 13:21 - 00021146 _____ C:\Dokumente und Einstellungen\JM\Desktop\Addition.txt
2014-01-25 13:17 - 2014-01-25 13:17 - 00000000 ____D C:\FRST
2014-01-25 13:16 - 2014-01-25 13:16 - 01222144 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:11 - 2014-01-25 12:33 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:48 - 2002-09-28 03:13 - 00000000 ____D C:\WINDOWS\Help
2014-01-25 12:20 - 2010-07-06 15:54 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Kündigung O2
2014-01-25 12:14 - 2013-12-23 22:08 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Desktop\diving all
2014-01-25 12:08 - 2010-07-06 19:00 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2014-01-25 09:54 - 2009-12-16 09:20 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2002-09-28 02:16 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-01-21 21:56 - 2014-01-25 13:28 - 00380416 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer.exe
2014-01-12 12:01 - 2010-11-30 15:52 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Eigene Dateien\Eigene Bilder
2014-01-09 17:02 - 2010-07-06 10:04 - 00102912 _____ C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-05 11:29 - 2011-09-11 09:34 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Haus Eybacherstrasse 5
2014-01-04 14:10 - 2010-07-06 15:59 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Pau Verschiedene
2014-01-04 12:53 - 2002-09-28 02:16 - 01246892 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-31 17:13 - 2010-07-06 06:51 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-12-27 14:46 - 2013-12-27 09:05 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2009-12-16 09:20] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2009-12-16 09:20] - [2008-04-14 13:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\rpcss.dll
[2009-12-16 09:20] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2009-12-16 09:20] - [2008-04-14 13:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 26.01.2014, 07:34

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Jonitas · 26.01.2014, 20:24

Hallo schrauber,

nach 12 Stunden scan:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok

und hier vom Security Check:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.79  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 CCleaner     
 Java(TM) 6 Update 14  
 Java version out of Date! 
 Adobe Flash Player 9 Flash Player out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 	10.1.53.64 Flash Player out of Date!  
 Adobe Reader 10.1.2 Adobe Reader out of Date!  
 Mozilla Firefox 17.0.1 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Anvisoft Anvi Smart Defender ASDSrv.exe  
 Anvisoft Anvi Smart Defender ASDTray.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````

Hallo schrauber,

und zu guter letzt das FRST. Ich konnte den leeren Ordner schon löschen! Juhuuuu! Danke Dir!
Gruß Jonitas

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-01-2014 03
Ran by JM (administrator) on JONAS on 26-01-2014 20:23:08
Running from C:\Dokumente und Einstellungen\JM\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.Service.exe
(AuthenTec, Inc.) C:\Programme\Fingerprint Sensor\ATService.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(Atheros) C:\WINDOWS\system32\acs.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Anvisoft) C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
(Kaspersky Lab ZAO) C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\hidfind.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TNROTATE\TNROTATE.exe
(Alps Electric Co., Ltd.) C:\Programme\Apoint2K\ApntEx.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Atheros Communications, Inc.) C:\Programme\Atheros\ACU.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(AuthenTec, Inc) C:\Programme\TrueSuite\TrueSuite.SysTray.exe
(AuthenTec, Inc.) C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe
(shbox.de) C:\Programme\FreePDF_XP\fpassist.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TODDSrv.exe
() C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
(TOSHIBA CORPORATION) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
() C:\WINDOWS\twain_32\Samsung\CLX6220\Scan2Pc.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\00THotkey.exe
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(Anvisoft) C:\Programme\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Intel Corporation) C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(Canon Inc.) C:\Programme\Canon\CAL\CALMAIN.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(AuthenTec Inc.) C:\Programme\TrueSuite\TrueSuite.TouchControl.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Programme\Apoint2K\Apoint.exe [241664 2009-09-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [TouchED] - C:\Programme\TOSHIBA\TouchED\TouchED.exe [118784 2005-09-01] (TOSHIBA Corporation)
HKLM\...\Run: [TNRotate] - C:\Programme\TOSHIBA\TNRotate\TNRotate.exe [607616 2008-06-12] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe [143360 2009-08-31] (TOSHIBA Corporation)
HKLM\...\Run: [TosHKCW.exe] - C:\Programme\TOSHIBA\Wireless Hotkey\TosHKCW.exe [225280 2009-07-02] (TOSHIBA CORPORATION)
HKLM\...\Run: [TUSBSleepChargeSrv] - C:\Programme\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)
HKLM\...\Run: [DDWMon] - C:\Programme\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [495616 2007-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [IAStorIcon] - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM\...\Run: [ITSecMng] - C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Run: [ACU] - C:\Programme\Atheros\ACU.exe [471129 2009-10-07] (Atheros Communications, Inc.)
HKLM\...\Run: [ThpSrv] - C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [TosSENotify] - C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [TWebCamera] - C:\Programme\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-12-09] (TOSHIBA CORPORATION.)
HKLM\...\Run: [SystemTray] - C:\Programme\TrueSuite\TrueSuite.SysTray.exe [619256 2009-11-18] (AuthenTec, Inc)
HKLM\...\Run: [ClientAppLogon] - C:\Programme\TrueSuite\TrueSuite.ClientAppLogonExe.exe [306936 2009-11-18] (AuthenTec, Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Programme\FreePDF_XP\fpassist.exe [310272 2005-05-27] (shbox.de)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung PanelMgr] - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [614400 2009-11-26] ()
HKLM\...\Run: [SCX6220_Scan2Pc] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [6220 Scan2PC] - C:\WINDOWS\Twain_32\Samsung\CLX6220\Scan2pc.exe [2042368 2011-12-02] ()
HKLM\...\Run: [NWEReboot] - [x]
HKLM\...\Run: [00THotkey] - C:\WINDOWS\system32\00THotkey.exe [253952 2009-06-17] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM\...\Run: [Anvi Smart Defender] - C:\Programme\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
Winlogon\Notify\klogon: C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
MountPoints2: {ed8c6bd8-12c5-11e0-abb2-0026b6de09ce} - E:\DPFMate.exe
HKU\Administrator\...\Run: [TOSHIBA Online Product Information] - C:\Programme\TOSHIBA\Toshiba Online Product Information\topi.exe
HKU\Administrator\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
HKU\Default User\...\Run: [MSMSGS] - C:\Programme\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe [ 2006-06-01] (Nero AG)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Mozilla\Firefox\C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab\SafeBrowser\S-1-5-21-1583877156-3090797743-3329591833-1005\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/MycameraPlugin - C:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Anti-Banner - C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2011-08-07]
FF Extension: Modul zur Link-Untersuchung - C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2011-08-07]
FF Extension: TrueSuite Website Log On - C:\Programme\Mozilla Firefox\extensions\websitelogon_toolbar@truesuite.com [2010-07-06]
FF Extension: Skype extension for Firefox - C:\Programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2010-07-13]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff [2002-09-28]
FF HKLM\...\Firefox\Extensions:  - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-09-07]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-09-07]

Chrome: 
=======
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-08-14]

========================== Services (Whitelisted) =================

R2 ACS; C:\WINDOWS\system32\acs.exe [499797 2009-10-07] (Atheros)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
R2 asdsrv; C:\Programme\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R2 ATService; C:\Programme\Fingerprint Sensor\atservice.exe [2034936 2009-11-16] (AuthenTec, Inc.)
R2 AVP; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 CCALib8; C:\Programme\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.)
R2 CFSvcs; C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-17] (TOSHIBA CORPORATION)
R2 FPLService; C:\Programme\TrueSuite\TrueSuite.Service.exe [108280 2009-11-18] (AuthenTec, Inc)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [136176 2010-08-23] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2009-10-02] (Intel Corporation)
S3 IDriverT; c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [800768 2006-05-30] (Nero AG)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre6\bin\jqs.exe [152984 2002-09-28] (Sun Microsystems, Inc.)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
S4 Tmesrv; C:\Programme\TOSHIBA\TME3\Tmesrv31.exe [118784 2009-11-20] (TOSHIBA)
R2 TNaviSrv; C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2009-11-12] (TOSHIBA Corporation)
R2 TOSHIBA Bluetooth Service; C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [148848 2009-10-21] (TOSHIBA CORPORATION)
R3 TOSHIBA HDD SSD Alert Service; C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-05] (TOSHIBA Corporation)
S2 UNS; C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation)
S2 LMS; C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [x]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1585728 2009-09-30] (Atheros Communications, Inc.)
R1 asdrm; C:\WINDOWS\System32\DRIVERS\asdrm.sys [16208 2013-10-15] (Anvisoft)
R2 asdrs; C:\WINDOWS\system32\DRIVERS\asdrs.sys [22864 2013-10-15] (Anvisoft)
R1 asdws; C:\WINDOWS\System32\DRIVERS\asdws.sys [14160 2013-10-15] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 e1kexpress; C:\WINDOWS\System32\DRIVERS\e1k5132.sys [160424 2009-09-23] (Intel Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2005-10-28] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2005-10-28] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2005-10-28] (HP)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [44800 2007-12-18] (Infineon Technologies AG)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [102656 2006-05-30] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [29568 2006-05-30] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [9984 2006-05-30] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [33792 2006-05-30] (Nero AG)
R0 KL1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [573536 2013-12-23] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [24160 2013-10-20] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [144992 2013-12-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [57576 2009-10-12] (NVIDIA Corporation)
R3 PGEffect; C:\WINDOWS\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
R2 risdpcie; C:\WINDOWS\System32\DRIVERS\risdpe86.sys [49152 2009-07-28] (REDC)
R2 rixdpcie; C:\WINDOWS\System32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [25984 2009-11-20] (The OpenVPN Project)
S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2011-05-25] (AnchorFree Inc)
R2 tdudf; C:\WINDOWS\System32\DRIVERS\tdudf.sys [105856 2007-03-26] (TOSHIBA Corporation)
R1 TMEI3E; C:\WINDOWS\System32\Drivers\TMEI3E.SYS [5888 2004-06-16] (Toshiba Corporation)
R2 trudf; C:\WINDOWS\System32\DRIVERS\trudf.sys [134016 2007-02-19] (TOSHIBA Corporation)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2009-03-16] (Atheros Communications, Inc.)
S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [x]
S4 IntelIde; No ImagePath
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [93280 2013-06-08] (Kaspersky Lab ZAO)
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-26 20:23 - 2014-01-26 20:23 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Desktop\FRST-OlderVersion
2014-01-26 20:18 - 2014-01-26 20:18 - 00987425 _____ C:\Dokumente und Einstellungen\JM\Desktop\SecurityCheck.exe
2014-01-26 20:06 - 2014-01-26 20:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2345886$
2014-01-26 20:05 - 2014-01-26 20:05 - 00008359 _____ C:\WINDOWS\KB975558.log
2014-01-26 20:05 - 2014-01-26 20:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-01-26 20:05 - 2014-01-26 20:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970430$
2014-01-26 20:02 - 2014-01-26 20:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974571$
2014-01-26 20:01 - 2014-01-26 20:01 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-26 19:27 - 2014-01-26 19:27 - 00219760 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2014-01-26 19:27 - 2014-01-26 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\JM\IETldCache
2014-01-26 18:42 - 2014-01-26 18:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-26 18:26 - 2014-01-26 18:31 - 00063793 _____ C:\WINDOWS\KB2898785-IE8.log
2014-01-26 18:21 - 2014-01-26 18:26 - 00065170 _____ C:\WINDOWS\KB2862772-IE8.log
2014-01-26 18:16 - 2014-01-26 18:21 - 00068679 _____ C:\WINDOWS\KB2744842-IE8.log
2014-01-26 18:15 - 2013-10-29 08:57 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-01-26 18:10 - 2014-01-26 18:15 - 00071665 _____ C:\WINDOWS\KB2618444-IE8.log
2014-01-26 18:07 - 2014-01-26 18:09 - 00062399 _____ C:\WINDOWS\KB2598845-IE8.log
2014-01-26 18:07 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-01-26 18:05 - 2014-01-26 18:07 - 00061721 _____ C:\WINDOWS\KB2467659.log
2014-01-26 18:05 - 2014-01-26 18:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2467659$
2014-01-26 18:01 - 2014-01-26 18:01 - 00000000 ____D C:\WINDOWS\ie8updates
2014-01-26 18:00 - 2014-01-26 18:04 - 00075952 _____ C:\WINDOWS\KB982381-IE8.log
2014-01-26 17:59 - 2013-10-29 08:57 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-01-26 17:59 - 2013-10-29 08:57 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-01-26 17:58 - 2014-01-26 19:27 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-26 17:54 - 2014-01-26 17:59 - 00076469 _____ C:\WINDOWS\ie8.log
2014-01-26 17:54 - 2014-01-26 17:59 - 00000000 __HDC C:\WINDOWS\ie8
2014-01-26 17:46 - 2014-01-06 16:20 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-26 17:34 - 2014-01-26 18:31 - 00090888 _____ C:\WINDOWS\ie8_main.log
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2387149$
2014-01-26 17:05 - 2014-01-26 17:08 - 00039087 _____ C:\WINDOWS\KB2387149.log
2014-01-26 17:03 - 2014-01-26 17:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2712808$
2014-01-26 17:00 - 2014-01-26 17:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960859$
2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2479943$
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$
2014-01-26 16:29 - 2014-01-26 16:32 - 00036324 _____ C:\WINDOWS\KB2659262.log
2014-01-26 16:27 - 2014-01-26 16:29 - 00035337 _____ C:\WINDOWS\KB2564958.log
2014-01-26 16:27 - 2014-01-26 16:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2564958$
2014-01-26 16:17 - 2014-01-26 16:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2478971$
2014-01-26 16:15 - 2014-01-26 16:21 - 00037395 _____ C:\WINDOWS\KB2478971.log
2014-01-26 15:59 - 2014-01-26 15:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2758857$
2014-01-26 15:56 - 2014-01-26 15:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-01-26 15:54 - 2014-01-26 15:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-26 15:53 - 2014-01-26 15:56 - 00034005 _____ C:\WINDOWS\KB2834886.log
2014-01-26 15:52 - 2014-01-26 15:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-01-26 15:50 - 2014-01-26 15:53 - 00036827 _____ C:\WINDOWS\KB2536276-v2.log
2014-01-26 15:49 - 2014-01-26 15:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2585542$
2014-01-26 15:47 - 2014-01-26 15:48 - 00032530 _____ C:\WINDOWS\KB923723.log
2014-01-26 15:47 - 2014-01-26 15:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923723$
2014-01-26 15:44 - 2014-01-26 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2631813$
2014-01-26 15:41 - 2014-01-26 15:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2296011$
2014-01-26 15:39 - 2014-01-26 15:43 - 00033856 _____ C:\WINDOWS\KB2296011.log
2014-01-26 15:33 - 2014-01-26 15:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2691442$
2014-01-26 15:19 - 2014-01-26 15:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-26 15:15 - 2014-01-26 15:20 - 00033198 _____ C:\WINDOWS\KB2900986.log
2014-01-26 15:11 - 2014-01-26 15:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2115168$
2014-01-26 14:53 - 2014-01-26 14:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955759$
2014-01-26 14:52 - 2014-01-26 14:57 - 00036387 _____ C:\WINDOWS\KB955759.log
2014-01-26 14:49 - 2014-01-26 20:08 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2014-01-26 14:49 - 2014-01-26 14:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-26 14:49 - 2014-01-26 14:49 - 00000000 ____D C:\WINDOWS\system32\KB905474
2014-01-26 14:18 - 2014-01-26 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-01-26 14:17 - 2014-01-26 14:20 - 00032564 _____ C:\WINDOWS\KB2378111.log
2014-01-26 14:15 - 2014-01-26 14:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974318$
2014-01-26 14:12 - 2014-01-26 14:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB969059$
2014-01-26 14:05 - 2014-01-26 14:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2443105$
2014-01-26 14:02 - 2014-01-26 14:10 - 00033015 _____ C:\WINDOWS\KB2443105.log
2014-01-26 13:58 - 2014-01-26 13:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2655992$
2014-01-26 13:17 - 2014-01-26 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2802968$
2014-01-26 13:10 - 2014-01-26 13:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2229593$
2014-01-26 13:08 - 2014-01-26 13:14 - 00032257 _____ C:\WINDOWS\KB2229593.log
2014-01-26 13:06 - 2014-01-26 13:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2481109$
2014-01-26 13:01 - 2014-01-26 13:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-26 12:56 - 2014-01-26 12:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975713$
2014-01-26 12:53 - 2014-01-26 12:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2598479$
2014-01-26 12:52 - 2014-01-26 12:54 - 00031892 _____ C:\WINDOWS\KB2598479.log
2014-01-26 12:50 - 2014-01-26 12:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$
2014-01-26 12:48 - 2014-01-26 12:49 - 00027968 _____ C:\WINDOWS\KB2686509.log
2014-01-26 12:48 - 2014-01-26 12:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$
2014-01-26 12:46 - 2014-01-26 12:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982132$
2014-01-26 12:43 - 2014-01-26 12:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-26 12:41 - 2014-01-26 12:45 - 00026502 _____ C:\WINDOWS\KB2862335.log
2014-01-26 12:40 - 2014-01-26 12:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971657$
2014-01-26 12:29 - 2014-01-26 12:31 - 00028037 _____ C:\WINDOWS\KB978338.log
2014-01-26 12:29 - 2014-01-26 12:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978338$
2014-01-26 12:27 - 2014-01-26 20:06 - 00034246 _____ C:\WINDOWS\KB2345886.log
2014-01-26 12:27 - 2014-01-26 12:28 - 00025334 _____ C:\WINDOWS\KB954155.log
2014-01-26 12:27 - 2014-01-26 12:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-01-26 12:26 - 2009-09-11 15:17 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\SET18.tmp
2014-01-26 12:25 - 2014-01-26 12:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2507938$
2014-01-26 12:23 - 2014-01-26 12:24 - 00023264 _____ C:\WINDOWS\KB2834904-v2.log
2014-01-26 12:23 - 2014-01-26 12:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-26 12:21 - 2014-01-26 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2780091$
2014-01-26 12:19 - 2014-01-26 12:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB972270$
2014-01-26 11:44 - 2014-01-26 11:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-26 11:23 - 2014-01-26 11:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2014-01-26 11:18 - 2014-01-26 11:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-26 11:16 - 2014-01-26 11:21 - 00024363 _____ C:\WINDOWS\KB2904266.log
2014-01-26 11:15 - 2014-01-26 11:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2347290$
2014-01-26 11:12 - 2014-01-26 11:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-26 11:09 - 2014-01-26 11:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2483185$
2014-01-26 10:46 - 2014-01-26 10:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979687$
2014-01-26 10:32 - 2014-01-26 10:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-26 10:30 - 2014-01-26 10:32 - 00025157 _____ C:\WINDOWS\KB973869.log
2014-01-26 10:30 - 2014-01-26 10:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973869$
2014-01-26 10:28 - 2014-01-26 10:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975025$
2014-01-26 10:26 - 2014-01-26 10:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2719985$
2014-01-26 10:24 - 2014-01-26 10:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-26 10:22 - 2014-01-26 10:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2592799$
2014-01-26 10:21 - 2014-01-26 10:23 - 00025174 _____ C:\WINDOWS\KB2592799.log
2014-01-26 10:20 - 2014-01-26 10:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975560$
2014-01-26 10:18 - 2014-01-26 10:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973507$
2014-01-26 10:15 - 2014-01-26 10:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2770660$
2014-01-26 10:13 - 2014-01-26 10:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$
2014-01-26 10:08 - 2014-01-26 10:14 - 00028765 _____ C:\WINDOWS\KB941569.log
2014-01-26 10:06 - 2014-01-26 10:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2535512$
2014-01-26 10:05 - 2014-01-26 10:08 - 00024985 _____ C:\WINDOWS\KB2535512.log
2014-01-26 10:03 - 2014-01-26 10:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-26 09:49 - 2014-01-26 09:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-26 09:46 - 2014-01-26 09:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-26 09:42 - 2014-01-26 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2807986$
2014-01-26 09:40 - 2014-01-26 09:44 - 00023920 _____ C:\WINDOWS\KB2807986.log
2014-01-26 09:38 - 2014-01-26 09:40 - 00023268 _____ C:\WINDOWS\KB2570947.log
2014-01-26 09:38 - 2014-01-26 09:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2570947$
2014-01-26 09:11 - 2014-01-26 09:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-26 09:09 - 2014-01-26 09:12 - 00022345 _____ C:\WINDOWS\KB2868038.log
2014-01-26 09:07 - 2014-01-26 09:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2820917$
2014-01-26 09:06 - 2014-01-26 09:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2603381$
2014-01-26 09:05 - 2014-01-26 09:07 - 00022681 _____ C:\WINDOWS\KB2603381.log
2014-01-26 09:04 - 2014-01-26 09:05 - 00023470 _____ C:\WINDOWS\KB973904.log
2014-01-26 09:04 - 2014-01-26 09:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$
2014-01-26 09:03 - 2014-01-26 09:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-26 08:59 - 2014-01-26 08:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2757638$
2014-01-26 08:57 - 2014-01-26 14:20 - 00000912 _____ C:\WINDOWS\wmsetup.log
2014-01-26 08:55 - 2014-01-26 08:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-01-26 08:53 - 2014-01-26 08:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2419632$
2014-01-26 08:50 - 2014-01-26 08:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2508429$
2014-01-26 08:45 - 2014-01-26 08:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2653956$
2014-01-26 08:43 - 2014-01-26 08:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974392$
2014-01-26 08:41 - 2014-01-26 08:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2749655$
2014-01-26 08:38 - 2014-01-26 08:39 - 00008794 _____ C:\WINDOWS\KB976002-v5.log
2014-01-26 08:36 - 2014-01-26 08:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971029$
2014-01-26 08:35 - 2014-01-26 08:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-26 08:34 - 2014-01-26 08:35 - 00014643 _____ C:\WINDOWS\KB952069.log
2014-01-26 08:33 - 2014-01-26 08:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977914$
2014-01-26 08:32 - 2014-01-26 08:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-26 08:31 - 2014-01-26 08:32 - 00015576 _____ C:\WINDOWS\KB2698365.log
2014-01-26 08:31 - 2014-01-26 08:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2698365$
2014-01-26 08:30 - 2014-01-26 08:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2619339$
2014-01-26 08:29 - 2014-01-26 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-01-26 08:27 - 2014-01-26 08:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2727528$
2014-01-26 08:26 - 2014-01-26 08:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979482$
2014-01-26 08:25 - 2014-01-26 08:26 - 00013066 _____ C:\WINDOWS\KB981997.log
2014-01-26 08:25 - 2014-01-26 08:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB981997$
2014-01-26 08:24 - 2014-01-26 08:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973815$
2014-01-26 08:23 - 2014-01-26 08:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2813345$
2014-01-26 08:22 - 2014-01-26 08:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2509553$
2014-01-26 08:20 - 2014-01-26 08:20 - 02347384 _____ (ESET) C:\Dokumente und Einstellungen\JM\Desktop\esetsmartinstaller_enu.exe
2014-01-26 08:20 - 2014-01-26 08:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2676562$
2014-01-26 08:19 - 2014-01-26 08:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982665$
2014-01-26 08:17 - 2014-01-26 08:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2478960$
2014-01-26 08:16 - 2014-01-26 08:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2584146$
2014-01-25 18:36 - 2014-01-26 20:03 - 00017360 _____ C:\WINDOWS\KB974571.log
2014-01-25 18:35 - 2014-01-25 18:36 - 00016405 _____ C:\WINDOWS\KB977816.log
2014-01-25 18:35 - 2014-01-25 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977816$
2014-01-25 18:34 - 2014-01-26 19:35 - 00008996 _____ C:\WINDOWS\spupdsvc.log
2014-01-25 18:34 - 2014-01-25 18:35 - 00011756 _____ C:\WINDOWS\KB978695.log
2014-01-25 18:34 - 2014-01-25 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-01-25 18:33 - 2014-01-25 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2014-01-25 18:32 - 2014-01-25 18:34 - 00016777 _____ C:\WINDOWS\KB929399.log
2014-01-25 18:31 - 2014-01-25 18:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2506212$
2014-01-25 18:30 - 2014-01-25 18:32 - 00016846 _____ C:\WINDOWS\KB2506212.log
2014-01-25 18:29 - 2014-01-25 18:30 - 00015553 _____ C:\WINDOWS\KB978542.log
2014-01-25 18:29 - 2014-01-25 18:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978542$
2014-01-25 18:28 - 2014-01-25 18:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979309$
2014-01-25 18:26 - 2014-01-25 18:27 - 00016049 _____ C:\WINDOWS\KB2723135-v2.log
2014-01-25 18:26 - 2014-01-25 18:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-01-25 18:15 - 2014-01-25 18:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-25 18:02 - 2014-01-25 18:02 - 00315942 _____ C:\WINDOWS\msxml4-KB973688-deu.LOG
2014-01-25 17:19 - 2014-01-26 18:44 - 00069323 _____ C:\WINDOWS\KB2868626.log
2014-01-25 17:18 - 2014-01-26 17:05 - 00051777 _____ C:\WINDOWS\KB2712808.log
2014-01-25 17:17 - 2014-01-26 17:02 - 00051242 _____ C:\WINDOWS\KB960859.log
2014-01-25 17:16 - 2014-01-26 16:36 - 00051198 _____ C:\WINDOWS\KB2479943.log
2014-01-25 17:16 - 2014-01-26 16:00 - 00049141 _____ C:\WINDOWS\KB2758857.log
2014-01-25 17:15 - 2014-01-26 15:58 - 00048739 _____ C:\WINDOWS\KB2544893-v2.log
2014-01-25 17:15 - 2014-01-26 15:50 - 00049350 _____ C:\WINDOWS\KB2585542.log
2014-01-25 17:13 - 2014-01-26 15:46 - 00047987 _____ C:\WINDOWS\KB2631813.log
2014-01-25 17:12 - 2014-01-26 15:38 - 00048586 _____ C:\WINDOWS\KB2691442.log
2014-01-25 17:12 - 2014-01-25 17:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2393802$
2014-01-25 17:11 - 2014-01-26 15:15 - 00047445 _____ C:\WINDOWS\KB2115168.log
2014-01-25 17:11 - 2014-01-26 14:52 - 00044903 _____ C:\WINDOWS\KB2847311.log
2014-01-25 17:11 - 2014-01-25 17:14 - 00016277 _____ C:\WINDOWS\KB2393802.log
2014-01-25 17:11 - 2010-08-23 17:11 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-01-25 17:10 - 2014-01-25 17:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2620712$
2014-01-25 17:09 - 2014-01-26 14:14 - 00045393 _____ C:\WINDOWS\KB969059.log
2014-01-25 17:09 - 2014-01-25 17:11 - 00013874 _____ C:\WINDOWS\KB2620712.log
2014-01-25 17:08 - 2014-01-26 14:01 - 00045076 _____ C:\WINDOWS\KB2655992.log
2014-01-25 17:07 - 2014-01-26 14:17 - 00046121 _____ C:\WINDOWS\KB974318.log
2014-01-25 17:07 - 2014-01-26 13:19 - 00044009 _____ C:\WINDOWS\KB2802968.log
2014-01-25 17:07 - 2014-01-25 17:09 - 00013197 _____ C:\WINDOWS\KB2566454.log
2014-01-25 17:07 - 2014-01-25 17:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2566454$
2014-01-25 17:06 - 2014-01-26 13:04 - 00042268 _____ C:\WINDOWS\KB2898715.log
2014-01-25 17:06 - 2010-06-14 15:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-01-25 17:05 - 2014-01-26 13:08 - 00044992 _____ C:\WINDOWS\KB2481109.log
2014-01-25 17:05 - 2014-01-26 12:58 - 00043054 _____ C:\WINDOWS\KB975713.log
2014-01-25 17:05 - 2014-01-25 17:07 - 00012848 _____ C:\WINDOWS\KB2661637.log
2014-01-25 17:05 - 2014-01-25 17:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2661637$
2014-01-25 17:03 - 2014-01-25 17:05 - 00010583 _____ C:\WINDOWS\KB2914368.log
2014-01-25 17:03 - 2014-01-25 17:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-25 17:03 - 2011-10-14 15:47 - 00178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmm.dll
2014-01-25 17:03 - 2011-10-14 15:47 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mciseq.dll
2014-01-25 17:02 - 2014-01-26 12:52 - 00041390 _____ C:\WINDOWS\KB2898785.log
2014-01-25 17:02 - 2014-01-26 12:47 - 00039460 _____ C:\WINDOWS\KB982132.log
2014-01-25 17:02 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-01-25 17:01 - 2014-01-26 12:41 - 00038489 _____ C:\WINDOWS\KB971657.log
2014-01-25 17:01 - 2014-01-26 12:22 - 00038352 _____ C:\WINDOWS\KB2780091.log
2014-01-25 17:00 - 2014-01-26 12:27 - 00037969 _____ C:\WINDOWS\KB2507938.log
2014-01-25 17:00 - 2010-08-27 09:01 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2014-01-25 17:00 - 2009-10-15 17:28 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2014-01-25 16:59 - 2014-01-26 11:46 - 00035144 _____ C:\WINDOWS\KB2845187.log
2014-01-25 16:58 - 2014-01-26 11:25 - 00036822 _____ C:\WINDOWS\KB974112.log
2014-01-25 16:58 - 2010-02-12 05:33 - 00100864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\6to4svc.dll
2014-01-25 16:57 - 2014-01-26 11:14 - 00034841 _____ C:\WINDOWS\KB2876217.log
2014-01-25 16:57 - 2014-01-26 11:12 - 00037603 _____ C:\WINDOWS\KB2483185.log
2014-01-25 16:56 - 2014-01-26 10:48 - 00036910 _____ C:\WINDOWS\KB979687.log
2014-01-25 16:56 - 2010-02-11 13:02 - 00226880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcpip6.sys
2014-01-25 16:56 - 2008-06-20 12:51 - 00361600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcpip.sys
2014-01-25 16:55 - 2014-01-26 10:34 - 00033675 _____ C:\WINDOWS\KB2864063.log
2014-01-25 16:55 - 2014-01-26 10:30 - 00035146 _____ C:\WINDOWS\KB975025.log
2014-01-25 16:55 - 2009-07-27 23:24 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2014-01-25 16:54 - 2014-01-26 10:27 - 00035693 _____ C:\WINDOWS\KB2719985.log
2014-01-25 16:54 - 2014-01-26 10:25 - 00033358 _____ C:\WINDOWS\KB2862152.log
2014-01-25 16:53 - 2014-01-26 10:19 - 00034906 _____ C:\WINDOWS\KB973507.log
2014-01-25 16:52 - 2014-01-26 09:50 - 00031275 _____ C:\WINDOWS\KB2876331.log
2014-01-25 16:51 - 2014-01-26 09:48 - 00032405 _____ C:\WINDOWS\KB2859537.log
2014-01-25 16:51 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-01-25 16:51 - 2013-02-12 01:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-01-25 16:51 - 2011-04-21 14:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-01-25 16:50 - 2014-01-26 10:05 - 00032120 _____ C:\WINDOWS\KB2850869.log
2014-01-25 16:49 - 2014-01-26 09:09 - 00033072 _____ C:\WINDOWS\KB2820917.log
2014-01-25 16:49 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-01-25 16:49 - 2013-07-17 01:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-01-25 16:49 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-01-25 16:47 - 2014-01-26 09:04 - 00030253 _____ C:\WINDOWS\KB2893294.log
2014-01-25 16:46 - 2014-01-26 09:02 - 00032369 _____ C:\WINDOWS\KB2757638.log
2014-01-25 16:45 - 2014-01-26 08:52 - 00026899 _____ C:\WINDOWS\KB2508429.log
2014-01-25 16:44 - 2014-01-26 08:55 - 00033889 _____ C:\WINDOWS\KB2419632.log
2014-01-25 16:44 - 2014-01-26 08:46 - 00026056 _____ C:\WINDOWS\KB2653956.log
2014-01-25 16:43 - 2014-01-26 08:44 - 00025579 _____ C:\WINDOWS\KB974392.log
2014-01-25 16:43 - 2014-01-26 08:42 - 00025131 _____ C:\WINDOWS\KB2749655.log
2014-01-25 16:43 - 2014-01-26 08:36 - 00022054 _____ C:\WINDOWS\KB2893984.log
2014-01-25 16:43 - 2010-02-12 11:03 - 00293376 ____N (Microsoft Corporation) C:\WINDOWS\system32\browserchoice.exe
2014-01-25 16:42 - 2014-01-26 08:33 - 00021053 _____ C:\WINDOWS\KB2892075.log
2014-01-25 16:42 - 2012-05-28 19:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-01-25 16:41 - 2014-01-26 08:38 - 00024635 _____ C:\WINDOWS\KB971029.log
2014-01-25 16:39 - 2014-01-26 08:34 - 00024969 _____ C:\WINDOWS\KB977914.log
2014-01-25 16:39 - 2014-01-25 16:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975467$
2014-01-25 16:37 - 2014-01-26 20:06 - 00051366 _____ C:\WINDOWS\updspapi.log
2014-01-25 16:35 - 2014-01-26 08:31 - 00021169 _____ C:\WINDOWS\KB2619339.log
2014-01-25 16:35 - 2014-01-25 16:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968389$
2014-01-25 16:34 - 2014-01-26 08:29 - 00021804 _____ C:\WINDOWS\KB2705219-v2.log
2014-01-25 16:33 - 2014-01-26 08:28 - 00020099 _____ C:\WINDOWS\KB2727528.log
2014-01-25 16:32 - 2014-01-25 16:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2423089$
2014-01-25 16:31 - 2014-01-26 08:27 - 00019828 _____ C:\WINDOWS\KB979482.log
2014-01-25 16:31 - 2014-01-25 16:35 - 00007327 _____ C:\WINDOWS\KB2423089.log
2014-01-25 16:30 - 2010-06-18 14:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-01-25 16:28 - 2014-01-26 08:25 - 00019797 _____ C:\WINDOWS\KB973815.log
2014-01-25 16:28 - 2012-07-04 15:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-01-25 16:27 - 2014-01-26 08:24 - 00021175 _____ C:\WINDOWS\KB2813345.log
2014-01-25 16:27 - 2014-01-26 08:20 - 00017484 _____ C:\WINDOWS\KB982665.log
2014-01-25 16:27 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-01-25 16:27 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-01-25 16:27 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-01-25 16:27 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-01-25 16:25 - 2014-01-26 08:22 - 00021911 _____ C:\WINDOWS\KB2676562.log
2014-01-25 16:24 - 2014-01-26 08:23 - 00020802 _____ C:\WINDOWS\KB2509553.log
2014-01-25 16:23 - 2009-09-04 22:03 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msasn1.dll
2014-01-25 16:23 - 2009-09-04 22:03 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET1A.tmp
2014-01-25 16:21 - 2013-07-04 08:33 - 02195840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-01-25 16:21 - 2013-07-04 08:33 - 02152448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-01-25 16:21 - 2013-07-04 08:33 - 02072448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2014-01-25 16:21 - 2013-07-04 08:33 - 02031104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-01-25 16:21 - 2010-12-09 16:15 - 00743936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2014-01-25 16:20 - 2014-01-25 18:29 - 00019791 _____ C:\WINDOWS\KB979309.log
2014-01-25 16:20 - 2011-07-08 15:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-01-25 16:19 - 2013-11-27 21:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-01-25 16:19 - 2012-01-11 20:06 - 00003072 ____N C:\WINDOWS\system32\iacenc.dll
2014-01-25 16:19 - 2012-01-11 20:06 - 00003072 ____C C:\WINDOWS\system32\dllcache\iacenc.dll
2014-01-25 16:17 - 2014-01-26 20:02 - 00037626 _____ C:\WINDOWS\KB975467.log
2014-01-25 16:17 - 2014-01-26 08:17 - 00015591 _____ C:\WINDOWS\KB2584146.log
2014-01-25 16:15 - 2014-01-26 20:15 - 00020248 _____ C:\WINDOWS\KB968389.log
2014-01-25 16:15 - 2010-10-11 15:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-01-25 16:09 - 2014-01-26 20:06 - 00827530 _____ C:\WINDOWS\iis6.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00766649 _____ C:\WINDOWS\FaxSetup.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00366544 _____ C:\WINDOWS\ocgen.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00349804 _____ C:\WINDOWS\tsoc.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00255179 _____ C:\WINDOWS\comsetup.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00234006 _____ C:\WINDOWS\msmqinst.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00154457 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00134292 _____ C:\WINDOWS\netfxocm.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00052700 _____ C:\WINDOWS\MedCtrOC.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00042408 _____ C:\WINDOWS\ocmsn.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00038564 _____ C:\WINDOWS\tabletoc.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00037572 _____ C:\WINDOWS\msgsocm.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-25 16:09 - 2014-01-26 20:06 - 00001374 _____ C:\WINDOWS\imsins.BAK
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898461$
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 ____D C:\WINDOWS\system32\PreInstall
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 _____ C:\WINDOWS\setupact.log
2014-01-25 16:09 - 2009-01-07 18:20 - 00018464 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-01-25 16:08 - 2014-01-25 16:09 - 00006852 _____ C:\WINDOWS\KB898461.log
2014-01-25 16:01 - 2014-01-25 16:01 - 00000640 _____ C:\Dokumente und Einstellungen\JM\Desktop\JRT.txt
2014-01-25 15:40 - 2014-01-25 15:40 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-25 15:39 - 2014-01-25 15:39 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\JM\Desktop\JRT.exe
2014-01-25 15:39 - 2010-11-18 19:12 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isign32.dll
2014-01-25 15:38 - 2011-10-28 06:31 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csrsrv.dll
2014-01-25 15:38 - 2011-10-10 15:22 - 00692736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcomm.dll
2014-01-25 15:38 - 2011-02-08 14:33 - 00978944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc42.dll
2014-01-25 15:38 - 2010-09-18 07:52 - 00954368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40.dll
2014-01-25 15:38 - 2010-09-18 07:52 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-01-25 15:25 - 2014-01-25 15:30 - 00000000 ____D C:\AdwCleaner
2014-01-25 15:18 - 2014-01-25 15:18 - 01236282 _____ C:\Dokumente und Einstellungen\JM\Desktop\adwcleaner.exe
2014-01-25 15:17 - 2014-01-25 15:17 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Trojaner-Board
2014-01-25 14:07 - 2014-01-25 14:07 - 00008646 _____ C:\Dokumente und Einstellungen\JM\Desktop\Gmer.txt
2014-01-25 13:28 - 2014-01-21 21:56 - 00380416 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer.exe
2014-01-25 13:27 - 2014-01-25 13:27 - 00370971 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer_2.1.19355.zip
2014-01-25 13:21 - 2014-01-25 13:22 - 00021146 _____ C:\Dokumente und Einstellungen\JM\Desktop\Addition.txt
2014-01-25 13:20 - 2014-01-26 20:23 - 00025055 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-25 13:17 - 2014-01-26 20:23 - 00000000 ____D C:\FRST
2014-01-25 13:16 - 2014-01-26 20:23 - 01222656 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-25 13:15 - 2014-01-25 14:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:33 - 2014-01-25 13:11 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-23 21:08 - 2014-01-26 19:34 - 00133262 _____ C:\WINDOWS\setupapi.log
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-27 09:05 - 2013-12-27 14:46 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

==================== One Month Modified Files and Folders =======

2014-01-26 20:24 - 2002-09-28 01:19 - 01278628 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-26 20:23 - 2014-01-26 20:23 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Desktop\FRST-OlderVersion
2014-01-26 20:23 - 2014-01-25 13:20 - 00025055 _____ C:\Dokumente und Einstellungen\JM\Desktop\FRST.txt
2014-01-26 20:23 - 2014-01-25 13:17 - 00000000 ____D C:\FRST
2014-01-26 20:23 - 2014-01-25 13:16 - 01222656 _____ (Farbar) C:\Dokumente und Einstellungen\JM\Desktop\FRST.exe
2014-01-26 20:18 - 2014-01-26 20:18 - 00987425 _____ C:\Dokumente und Einstellungen\JM\Desktop\SecurityCheck.exe
2014-01-26 20:17 - 2002-09-28 02:16 - 00000000 ___RD C:\Programme
2014-01-26 20:15 - 2014-01-25 16:15 - 00020248 _____ C:\WINDOWS\KB968389.log
2014-01-26 20:13 - 2002-09-28 01:23 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2014-01-26 20:08 - 2014-01-26 14:49 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2014-01-26 20:06 - 2014-01-26 20:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2345886$
2014-01-26 20:06 - 2014-01-26 12:27 - 00034246 _____ C:\WINDOWS\KB2345886.log
2014-01-26 20:06 - 2014-01-25 16:37 - 00051366 _____ C:\WINDOWS\updspapi.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00827530 _____ C:\WINDOWS\iis6.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00766649 _____ C:\WINDOWS\FaxSetup.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00366544 _____ C:\WINDOWS\ocgen.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00349804 _____ C:\WINDOWS\tsoc.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00255179 _____ C:\WINDOWS\comsetup.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00234006 _____ C:\WINDOWS\msmqinst.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00154457 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00134292 _____ C:\WINDOWS\netfxocm.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00052700 _____ C:\WINDOWS\MedCtrOC.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00042408 _____ C:\WINDOWS\ocmsn.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00038564 _____ C:\WINDOWS\tabletoc.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00037572 _____ C:\WINDOWS\msgsocm.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-26 20:06 - 2014-01-25 16:09 - 00001374 _____ C:\WINDOWS\imsins.BAK
2014-01-26 20:05 - 2014-01-26 20:05 - 00008359 _____ C:\WINDOWS\KB975558.log
2014-01-26 20:05 - 2014-01-26 20:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-01-26 20:05 - 2014-01-26 20:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970430$
2014-01-26 20:03 - 2014-01-25 18:36 - 00017360 _____ C:\WINDOWS\KB974571.log
2014-01-26 20:02 - 2014-01-26 20:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974571$
2014-01-26 20:02 - 2014-01-25 16:17 - 00037626 _____ C:\WINDOWS\KB975467.log
2014-01-26 20:01 - 2014-01-26 20:01 - 00000000 ____D C:\WINDOWS\LastGood
2014-01-26 19:46 - 2010-08-23 15:51 - 00001082 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 19:46 - 2010-08-23 15:51 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-26 19:44 - 2010-07-06 10:21 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2014-01-26 19:35 - 2014-01-25 18:34 - 00008996 _____ C:\WINDOWS\spupdsvc.log
2014-01-26 19:34 - 2014-01-23 21:08 - 00133262 _____ C:\WINDOWS\setupapi.log
2014-01-26 19:30 - 2002-09-28 02:17 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-26 19:30 - 2002-09-28 02:17 - 00000050 _____ C:\WINDOWS\wiaservc.log
2014-01-26 19:27 - 2014-01-26 19:27 - 00219760 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
2014-01-26 19:27 - 2014-01-26 19:27 - 00000000 __SHD C:\Dokumente und Einstellungen\JM\IETldCache
2014-01-26 19:27 - 2014-01-26 17:58 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-26 19:27 - 2013-09-07 08:14 - 00268218 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
2014-01-26 19:27 - 2010-11-30 15:52 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Eigene Dateien\Eigene Bilder
2014-01-26 19:27 - 2010-08-23 09:54 - 00000783 _____ C:\Dokumente und Einstellungen\JM\Startmenü\Programme\Internet Explorer.lnk
2014-01-26 19:27 - 2010-07-06 15:42 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Eigene Dateien\Eigene Musik
2014-01-26 19:27 - 2010-07-05 19:28 - 00000300 ___SH C:\Dokumente und Einstellungen\JM\ntuser.ini
2014-01-26 19:27 - 2010-07-05 19:28 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Startmenü\Programme\Zubehör
2014-01-26 19:27 - 2010-07-05 19:28 - 00000000 ___RD C:\Dokumente und Einstellungen\JM\Startmenü\Programme
2014-01-26 19:27 - 2010-07-05 19:28 - 00000000 ____D C:\Dokumente und Einstellungen\JM
2014-01-26 19:27 - 2010-07-05 16:56 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2014-01-26 19:27 - 2002-09-28 03:13 - 00000000 ____D C:\WINDOWS\system32\de-de
2014-01-26 19:27 - 2002-09-28 03:13 - 00000000 ____D C:\WINDOWS\Help
2014-01-26 19:27 - 2002-09-28 02:16 - 00265416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-26 19:27 - 2002-09-28 01:22 - 00032530 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-26 19:27 - 2002-09-28 01:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-26 18:50 - 2002-09-28 02:16 - 01245318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-26 18:44 - 2014-01-25 17:19 - 00069323 _____ C:\WINDOWS\KB2868626.log
2014-01-26 18:42 - 2014-01-26 18:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2014-01-26 18:31 - 2014-01-26 18:26 - 00063793 _____ C:\WINDOWS\KB2898785-IE8.log
2014-01-26 18:31 - 2014-01-26 17:34 - 00090888 _____ C:\WINDOWS\ie8_main.log
2014-01-26 18:26 - 2014-01-26 18:21 - 00065170 _____ C:\WINDOWS\KB2862772-IE8.log
2014-01-26 18:21 - 2014-01-26 18:16 - 00068679 _____ C:\WINDOWS\KB2744842-IE8.log
2014-01-26 18:16 - 2002-09-28 01:51 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2014-01-26 18:15 - 2014-01-26 18:10 - 00071665 _____ C:\WINDOWS\KB2618444-IE8.log
2014-01-26 18:09 - 2014-01-26 18:07 - 00062399 _____ C:\WINDOWS\KB2598845-IE8.log
2014-01-26 18:07 - 2014-01-26 18:05 - 00061721 _____ C:\WINDOWS\KB2467659.log
2014-01-26 18:05 - 2014-01-26 18:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2467659$
2014-01-26 18:04 - 2014-01-26 18:00 - 00075952 _____ C:\WINDOWS\KB982381-IE8.log
2014-01-26 18:01 - 2014-01-26 18:01 - 00000000 ____D C:\WINDOWS\ie8updates
2014-01-26 17:59 - 2014-01-26 17:54 - 00076469 _____ C:\WINDOWS\ie8.log
2014-01-26 17:59 - 2014-01-26 17:54 - 00000000 __HDC C:\WINDOWS\ie8
2014-01-26 17:57 - 2002-09-28 03:13 - 00000000 ____D C:\WINDOWS\Media
2014-01-26 17:08 - 2014-01-26 17:05 - 00039087 _____ C:\WINDOWS\KB2387149.log
2014-01-26 17:06 - 2014-01-26 17:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2387149$
2014-01-26 17:05 - 2014-01-25 17:18 - 00051777 _____ C:\WINDOWS\KB2712808.log
2014-01-26 17:03 - 2014-01-26 17:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2712808$
2014-01-26 17:02 - 2014-01-25 17:17 - 00051242 _____ C:\WINDOWS\KB960859.log
2014-01-26 17:00 - 2014-01-26 17:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960859$
2014-01-26 16:36 - 2014-01-25 17:16 - 00051198 _____ C:\WINDOWS\KB2479943.log
2014-01-26 16:34 - 2014-01-26 16:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2479943$
2014-01-26 16:32 - 2014-01-26 16:29 - 00036324 _____ C:\WINDOWS\KB2659262.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$
2014-01-26 16:29 - 2014-01-26 16:27 - 00035337 _____ C:\WINDOWS\KB2564958.log
2014-01-26 16:27 - 2014-01-26 16:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2564958$
2014-01-26 16:21 - 2014-01-26 16:15 - 00037395 _____ C:\WINDOWS\KB2478971.log
2014-01-26 16:17 - 2014-01-26 16:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2478971$
2014-01-26 16:00 - 2014-01-25 17:16 - 00049141 _____ C:\WINDOWS\KB2758857.log
2014-01-26 15:59 - 2014-01-26 15:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2758857$
2014-01-26 15:58 - 2014-01-25 17:15 - 00048739 _____ C:\WINDOWS\KB2544893-v2.log
2014-01-26 15:56 - 2014-01-26 15:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-01-26 15:56 - 2014-01-26 15:53 - 00034005 _____ C:\WINDOWS\KB2834886.log
2014-01-26 15:54 - 2014-01-26 15:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2014-01-26 15:53 - 2014-01-26 15:50 - 00036827 _____ C:\WINDOWS\KB2536276-v2.log
2014-01-26 15:52 - 2014-01-26 15:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-01-26 15:50 - 2014-01-25 17:15 - 00049350 _____ C:\WINDOWS\KB2585542.log
2014-01-26 15:49 - 2014-01-26 15:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2585542$
2014-01-26 15:48 - 2014-01-26 15:47 - 00032530 _____ C:\WINDOWS\KB923723.log
2014-01-26 15:47 - 2014-01-26 15:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923723$
2014-01-26 15:46 - 2014-01-25 17:13 - 00047987 _____ C:\WINDOWS\KB2631813.log
2014-01-26 15:44 - 2014-01-26 15:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2631813$
2014-01-26 15:43 - 2014-01-26 15:39 - 00033856 _____ C:\WINDOWS\KB2296011.log
2014-01-26 15:41 - 2014-01-26 15:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2296011$
2014-01-26 15:38 - 2014-01-25 17:12 - 00048586 _____ C:\WINDOWS\KB2691442.log
2014-01-26 15:33 - 2014-01-26 15:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2691442$
2014-01-26 15:20 - 2014-01-26 15:15 - 00033198 _____ C:\WINDOWS\KB2900986.log
2014-01-26 15:19 - 2014-01-26 15:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2014-01-26 15:15 - 2014-01-25 17:11 - 00047445 _____ C:\WINDOWS\KB2115168.log
2014-01-26 15:11 - 2014-01-26 15:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2115168$
2014-01-26 14:57 - 2014-01-26 14:52 - 00036387 _____ C:\WINDOWS\KB955759.log
2014-01-26 14:54 - 2014-01-26 14:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955759$
2014-01-26 14:52 - 2014-01-25 17:11 - 00044903 _____ C:\WINDOWS\KB2847311.log
2014-01-26 14:49 - 2014-01-26 14:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2014-01-26 14:49 - 2014-01-26 14:49 - 00000000 ____D C:\WINDOWS\system32\KB905474
2014-01-26 14:20 - 2014-01-26 14:17 - 00032564 _____ C:\WINDOWS\KB2378111.log
2014-01-26 14:20 - 2014-01-26 08:57 - 00000912 _____ C:\WINDOWS\wmsetup.log
2014-01-26 14:18 - 2014-01-26 14:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-01-26 14:17 - 2014-01-25 17:07 - 00046121 _____ C:\WINDOWS\KB974318.log
2014-01-26 14:15 - 2014-01-26 14:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974318$
2014-01-26 14:14 - 2014-01-25 17:09 - 00045393 _____ C:\WINDOWS\KB969059.log
2014-01-26 14:12 - 2014-01-26 14:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB969059$
2014-01-26 14:10 - 2014-01-26 14:02 - 00033015 _____ C:\WINDOWS\KB2443105.log
2014-01-26 14:05 - 2014-01-26 14:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2443105$
2014-01-26 14:01 - 2014-01-25 17:08 - 00045076 _____ C:\WINDOWS\KB2655992.log
2014-01-26 13:58 - 2014-01-26 13:58 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2655992$
2014-01-26 13:19 - 2014-01-25 17:07 - 00044009 _____ C:\WINDOWS\KB2802968.log
2014-01-26 13:17 - 2014-01-26 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2802968$
2014-01-26 13:14 - 2014-01-26 13:08 - 00032257 _____ C:\WINDOWS\KB2229593.log
2014-01-26 13:10 - 2014-01-26 13:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2229593$
2014-01-26 13:08 - 2014-01-25 17:05 - 00044992 _____ C:\WINDOWS\KB2481109.log
2014-01-26 13:06 - 2014-01-26 13:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2481109$
2014-01-26 13:04 - 2014-01-25 17:06 - 00042268 _____ C:\WINDOWS\KB2898715.log
2014-01-26 13:01 - 2014-01-26 13:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2014-01-26 12:58 - 2014-01-25 17:05 - 00043054 _____ C:\WINDOWS\KB975713.log
2014-01-26 12:56 - 2014-01-26 12:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975713$
2014-01-26 12:54 - 2014-01-26 12:52 - 00031892 _____ C:\WINDOWS\KB2598479.log
2014-01-26 12:53 - 2014-01-26 12:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2598479$
2014-01-26 12:52 - 2014-01-25 17:02 - 00041390 _____ C:\WINDOWS\KB2898785.log
2014-01-26 12:50 - 2014-01-26 12:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898785$
2014-01-26 12:49 - 2014-01-26 12:48 - 00027968 _____ C:\WINDOWS\KB2686509.log
2014-01-26 12:48 - 2014-01-26 12:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$
2014-01-26 12:47 - 2014-01-25 17:02 - 00039460 _____ C:\WINDOWS\KB982132.log
2014-01-26 12:46 - 2014-01-26 12:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982132$
2014-01-26 12:45 - 2014-01-26 12:41 - 00026502 _____ C:\WINDOWS\KB2862335.log
2014-01-26 12:43 - 2014-01-26 12:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2014-01-26 12:41 - 2014-01-25 17:01 - 00038489 _____ C:\WINDOWS\KB971657.log
2014-01-26 12:40 - 2014-01-26 12:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971657$
2014-01-26 12:31 - 2014-01-26 12:29 - 00028037 _____ C:\WINDOWS\KB978338.log
2014-01-26 12:29 - 2014-01-26 12:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978338$
2014-01-26 12:28 - 2014-01-26 12:27 - 00025334 _____ C:\WINDOWS\KB954155.log
2014-01-26 12:27 - 2014-01-26 12:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-01-26 12:27 - 2014-01-25 17:00 - 00037969 _____ C:\WINDOWS\KB2507938.log
2014-01-26 12:25 - 2014-01-26 12:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2507938$
2014-01-26 12:24 - 2014-01-26 12:23 - 00023264 _____ C:\WINDOWS\KB2834904-v2.log
2014-01-26 12:23 - 2014-01-26 12:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-01-26 12:22 - 2014-01-25 17:01 - 00038352 _____ C:\WINDOWS\KB2780091.log
2014-01-26 12:21 - 2014-01-26 12:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2780091$
2014-01-26 12:19 - 2014-01-26 12:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB972270$
2014-01-26 11:46 - 2014-01-25 16:59 - 00035144 _____ C:\WINDOWS\KB2845187.log
2014-01-26 11:44 - 2014-01-26 11:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2014-01-26 11:25 - 2014-01-25 16:58 - 00036822 _____ C:\WINDOWS\KB974112.log
2014-01-26 11:23 - 2014-01-26 11:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2014-01-26 11:21 - 2014-01-26 11:16 - 00024363 _____ C:\WINDOWS\KB2904266.log
2014-01-26 11:21 - 2002-09-28 01:56 - 00219692 _____ C:\WINDOWS\system32\TZLog.log
2014-01-26 11:18 - 2014-01-26 11:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2014-01-26 11:15 - 2014-01-26 11:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2347290$
2014-01-26 11:14 - 2014-01-25 16:57 - 00034841 _____ C:\WINDOWS\KB2876217.log
2014-01-26 11:12 - 2014-01-26 11:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2014-01-26 11:12 - 2014-01-25 16:57 - 00037603 _____ C:\WINDOWS\KB2483185.log
2014-01-26 11:09 - 2014-01-26 11:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2483185$
2014-01-26 10:48 - 2014-01-25 16:56 - 00036910 _____ C:\WINDOWS\KB979687.log
2014-01-26 10:46 - 2014-01-26 10:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979687$
2014-01-26 10:34 - 2014-01-25 16:55 - 00033675 _____ C:\WINDOWS\KB2864063.log
2014-01-26 10:32 - 2014-01-26 10:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2014-01-26 10:32 - 2014-01-26 10:30 - 00025157 _____ C:\WINDOWS\KB973869.log
2014-01-26 10:30 - 2014-01-26 10:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973869$
2014-01-26 10:30 - 2014-01-25 16:55 - 00035146 _____ C:\WINDOWS\KB975025.log
2014-01-26 10:28 - 2014-01-26 10:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975025$
2014-01-26 10:27 - 2014-01-25 16:54 - 00035693 _____ C:\WINDOWS\KB2719985.log
2014-01-26 10:26 - 2014-01-26 10:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2719985$
2014-01-26 10:25 - 2014-01-25 16:54 - 00033358 _____ C:\WINDOWS\KB2862152.log
2014-01-26 10:24 - 2014-01-26 10:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2014-01-26 10:23 - 2014-01-26 10:21 - 00025174 _____ C:\WINDOWS\KB2592799.log
2014-01-26 10:22 - 2014-01-26 10:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2592799$
2014-01-26 10:20 - 2014-01-26 10:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975560$
2014-01-26 10:19 - 2014-01-25 16:53 - 00034906 _____ C:\WINDOWS\KB973507.log
2014-01-26 10:18 - 2014-01-26 10:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973507$
2014-01-26 10:15 - 2014-01-26 10:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2770660$
2014-01-26 10:14 - 2014-01-26 10:08 - 00028765 _____ C:\WINDOWS\KB941569.log
2014-01-26 10:13 - 2014-01-26 10:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$
2014-01-26 10:08 - 2014-01-26 10:05 - 00024985 _____ C:\WINDOWS\KB2535512.log
2014-01-26 10:06 - 2014-01-26 10:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2535512$
2014-01-26 10:05 - 2014-01-25 16:50 - 00032120 _____ C:\WINDOWS\KB2850869.log
2014-01-26 10:03 - 2014-01-26 10:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2014-01-26 09:50 - 2014-01-25 16:52 - 00031275 _____ C:\WINDOWS\KB2876331.log
2014-01-26 09:49 - 2014-01-26 09:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2014-01-26 09:48 - 2014-01-25 16:51 - 00032405 _____ C:\WINDOWS\KB2859537.log
2014-01-26 09:46 - 2014-01-26 09:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2014-01-26 09:44 - 2014-01-26 09:40 - 00023920 _____ C:\WINDOWS\KB2807986.log
2014-01-26 09:42 - 2014-01-26 09:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2807986$
2014-01-26 09:40 - 2014-01-26 09:38 - 00023268 _____ C:\WINDOWS\KB2570947.log
2014-01-26 09:38 - 2014-01-26 09:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2570947$
2014-01-26 09:12 - 2014-01-26 09:09 - 00022345 _____ C:\WINDOWS\KB2868038.log
2014-01-26 09:11 - 2014-01-26 09:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2014-01-26 09:09 - 2014-01-25 16:49 - 00033072 _____ C:\WINDOWS\KB2820917.log
2014-01-26 09:08 - 2014-01-26 09:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2820917$
2014-01-26 09:07 - 2014-01-26 09:05 - 00022681 _____ C:\WINDOWS\KB2603381.log
2014-01-26 09:06 - 2014-01-26 09:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2603381$
2014-01-26 09:05 - 2014-01-26 09:04 - 00023470 _____ C:\WINDOWS\KB973904.log
2014-01-26 09:04 - 2014-01-26 09:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$
2014-01-26 09:04 - 2014-01-25 16:47 - 00030253 _____ C:\WINDOWS\KB2893294.log
2014-01-26 09:03 - 2014-01-26 09:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2014-01-26 09:02 - 2014-01-25 16:46 - 00032369 _____ C:\WINDOWS\KB2757638.log
2014-01-26 08:59 - 2014-01-26 08:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2757638$
2014-01-26 08:55 - 2014-01-26 08:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-01-26 08:55 - 2014-01-25 16:44 - 00033889 _____ C:\WINDOWS\KB2419632.log
2014-01-26 08:53 - 2014-01-26 08:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2419632$
2014-01-26 08:52 - 2014-01-25 16:45 - 00026899 _____ C:\WINDOWS\KB2508429.log
2014-01-26 08:50 - 2014-01-26 08:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2508429$
2014-01-26 08:49 - 2002-09-28 01:19 - 00000000 ____D C:\WINDOWS\system32\Restore
2014-01-26 08:46 - 2014-01-25 16:44 - 00026056 _____ C:\WINDOWS\KB2653956.log
2014-01-26 08:45 - 2014-01-26 08:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2653956$
2014-01-26 08:44 - 2014-01-25 16:43 - 00025579 _____ C:\WINDOWS\KB974392.log
2014-01-26 08:43 - 2014-01-26 08:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974392$
2014-01-26 08:42 - 2014-01-25 16:43 - 00025131 _____ C:\WINDOWS\KB2749655.log
2014-01-26 08:41 - 2014-01-26 08:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2749655$
2014-01-26 08:39 - 2014-01-26 08:38 - 00008794 _____ C:\WINDOWS\KB976002-v5.log
2014-01-26 08:38 - 2014-01-25 16:41 - 00024635 _____ C:\WINDOWS\KB971029.log
2014-01-26 08:37 - 2014-01-26 08:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971029$
2014-01-26 08:36 - 2014-01-25 16:43 - 00022054 _____ C:\WINDOWS\KB2893984.log
2014-01-26 08:35 - 2014-01-26 08:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2014-01-26 08:35 - 2014-01-26 08:34 - 00014643 _____ C:\WINDOWS\KB952069.log
2014-01-26 08:34 - 2014-01-25 16:39 - 00024969 _____ C:\WINDOWS\KB977914.log
2014-01-26 08:33 - 2014-01-26 08:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977914$
2014-01-26 08:33 - 2014-01-25 16:42 - 00021053 _____ C:\WINDOWS\KB2892075.log
2014-01-26 08:32 - 2014-01-26 08:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2014-01-26 08:32 - 2014-01-26 08:31 - 00015576 _____ C:\WINDOWS\KB2698365.log
2014-01-26 08:31 - 2014-01-26 08:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2698365$
2014-01-26 08:31 - 2014-01-25 16:35 - 00021169 _____ C:\WINDOWS\KB2619339.log
2014-01-26 08:30 - 2014-01-26 08:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2619339$
2014-01-26 08:29 - 2014-01-26 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-01-26 08:29 - 2014-01-25 16:34 - 00021804 _____ C:\WINDOWS\KB2705219-v2.log
2014-01-26 08:28 - 2014-01-25 16:33 - 00020099 _____ C:\WINDOWS\KB2727528.log
2014-01-26 08:27 - 2014-01-26 08:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2727528$
2014-01-26 08:27 - 2014-01-25 16:31 - 00019828 _____ C:\WINDOWS\KB979482.log
2014-01-26 08:26 - 2014-01-26 08:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979482$
2014-01-26 08:26 - 2014-01-26 08:25 - 00013066 _____ C:\WINDOWS\KB981997.log
2014-01-26 08:26 - 2002-09-28 01:19 - 00000000 ____D C:\Programme\Movie Maker
2014-01-26 08:25 - 2014-01-26 08:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB981997$
2014-01-26 08:25 - 2014-01-25 16:28 - 00019797 _____ C:\WINDOWS\KB973815.log
2014-01-26 08:24 - 2014-01-26 08:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973815$
2014-01-26 08:24 - 2014-01-25 16:27 - 00021175 _____ C:\WINDOWS\KB2813345.log
2014-01-26 08:23 - 2014-01-26 08:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2813345$
2014-01-26 08:23 - 2014-01-25 16:24 - 00020802 _____ C:\WINDOWS\KB2509553.log
2014-01-26 08:22 - 2014-01-26 08:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2509553$
2014-01-26 08:22 - 2014-01-25 16:25 - 00021911 _____ C:\WINDOWS\KB2676562.log
2014-01-26 08:20 - 2014-01-26 08:20 - 02347384 _____ (ESET) C:\Dokumente und Einstellungen\JM\Desktop\esetsmartinstaller_enu.exe
2014-01-26 08:20 - 2014-01-26 08:20 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2676562$
2014-01-26 08:20 - 2014-01-25 16:27 - 00017484 _____ C:\WINDOWS\KB982665.log
2014-01-26 08:19 - 2014-01-26 08:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982665$
2014-01-26 08:17 - 2014-01-26 08:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2478960$
2014-01-26 08:17 - 2014-01-25 16:17 - 00015591 _____ C:\WINDOWS\KB2584146.log
2014-01-26 08:16 - 2014-01-26 08:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2584146$
2014-01-25 18:36 - 2014-01-25 18:35 - 00016405 _____ C:\WINDOWS\KB977816.log
2014-01-25 18:35 - 2014-01-25 18:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB977816$
2014-01-25 18:35 - 2014-01-25 18:34 - 00011756 _____ C:\WINDOWS\KB978695.log
2014-01-25 18:34 - 2014-01-25 18:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-01-25 18:34 - 2014-01-25 18:32 - 00016777 _____ C:\WINDOWS\KB929399.log
2014-01-25 18:33 - 2014-01-25 18:33 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2014-01-25 18:32 - 2014-01-25 18:30 - 00016846 _____ C:\WINDOWS\KB2506212.log
2014-01-25 18:31 - 2014-01-25 18:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2506212$
2014-01-25 18:30 - 2014-01-25 18:29 - 00015553 _____ C:\WINDOWS\KB978542.log
2014-01-25 18:30 - 2002-09-28 01:19 - 00000000 ____D C:\Programme\Outlook Express
2014-01-25 18:29 - 2014-01-25 18:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978542$
2014-01-25 18:29 - 2014-01-25 16:20 - 00019791 _____ C:\WINDOWS\KB979309.log
2014-01-25 18:28 - 2014-01-25 18:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979309$
2014-01-25 18:27 - 2014-01-25 18:26 - 00016049 _____ C:\WINDOWS\KB2723135-v2.log
2014-01-25 18:26 - 2014-01-25 18:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-01-25 18:15 - 2014-01-25 18:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2014-01-25 18:04 - 2002-09-28 01:47 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2014-01-25 18:02 - 2014-01-25 18:02 - 00315942 _____ C:\WINDOWS\msxml4-KB973688-deu.LOG
2014-01-25 17:14 - 2014-01-25 17:11 - 00016277 _____ C:\WINDOWS\KB2393802.log
2014-01-25 17:12 - 2014-01-25 17:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2393802$
2014-01-25 17:11 - 2014-01-25 17:09 - 00013874 _____ C:\WINDOWS\KB2620712.log
2014-01-25 17:10 - 2014-01-25 17:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2620712$
2014-01-25 17:09 - 2014-01-25 17:07 - 00013197 _____ C:\WINDOWS\KB2566454.log
2014-01-25 17:07 - 2014-01-25 17:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2566454$
2014-01-25 17:07 - 2014-01-25 17:05 - 00012848 _____ C:\WINDOWS\KB2661637.log
2014-01-25 17:05 - 2014-01-25 17:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2661637$
2014-01-25 17:05 - 2014-01-25 17:03 - 00010583 _____ C:\WINDOWS\KB2914368.log
2014-01-25 17:03 - 2014-01-25 17:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-25 16:59 - 2002-09-28 02:16 - 00000000 __SHD C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf
2014-01-25 16:39 - 2014-01-25 16:39 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975467$
2014-01-25 16:35 - 2014-01-25 16:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968389$
2014-01-25 16:35 - 2014-01-25 16:31 - 00007327 _____ C:\WINDOWS\KB2423089.log
2014-01-25 16:32 - 2014-01-25 16:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2423089$
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898461$
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 ____D C:\WINDOWS\system32\PreInstall
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-25 16:09 - 2014-01-25 16:09 - 00000000 _____ C:\WINDOWS\setupact.log
2014-01-25 16:09 - 2014-01-25 16:08 - 00006852 _____ C:\WINDOWS\KB898461.log
2014-01-25 16:09 - 2013-09-07 16:27 - 00400924 _____ C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1583877156-3090797743-3329591833-1005-0.dat
2014-01-25 16:01 - 2014-01-25 16:01 - 00000640 _____ C:\Dokumente und Einstellungen\JM\Desktop\JRT.txt
2014-01-25 15:40 - 2014-01-25 15:40 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-25 15:39 - 2014-01-25 15:39 - 01037068 _____ (Thisisu) C:\Dokumente und Einstellungen\JM\Desktop\JRT.exe
2014-01-25 15:30 - 2014-01-25 15:25 - 00000000 ____D C:\AdwCleaner
2014-01-25 15:25 - 2010-07-06 11:11 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\FreePDF
2014-01-25 15:18 - 2014-01-25 15:18 - 01236282 _____ C:\Dokumente und Einstellungen\JM\Desktop\adwcleaner.exe
2014-01-25 15:17 - 2014-01-25 15:17 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Trojaner-Board
2014-01-25 14:15 - 2014-01-25 13:15 - 00000466 _____ C:\Dokumente und Einstellungen\JM\Desktop\defogger_disable.log
2014-01-25 14:12 - 2012-12-19 13:06 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Anvisoft
2014-01-25 14:07 - 2014-01-25 14:07 - 00008646 _____ C:\Dokumente und Einstellungen\JM\Desktop\Gmer.txt
2014-01-25 13:27 - 2014-01-25 13:27 - 00370971 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer_2.1.19355.zip
2014-01-25 13:22 - 2014-01-25 13:21 - 00021146 _____ C:\Dokumente und Einstellungen\JM\Desktop\Addition.txt
2014-01-25 13:15 - 2014-01-25 13:15 - 00000000 _____ C:\Dokumente und Einstellungen\JM\defogger_reenable
2014-01-25 13:11 - 2014-01-25 12:33 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\ADAC
2014-01-25 13:10 - 2014-01-25 13:10 - 00050477 _____ C:\Dokumente und Einstellungen\JM\Desktop\Defogger.exe
2014-01-25 12:20 - 2010-07-06 15:54 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Kündigung O2
2014-01-25 12:08 - 2010-07-06 19:00 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2014-01-25 09:54 - 2009-12-16 09:20 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-23 17:27 - 2014-01-23 17:27 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2014-01-23 17:26 - 00000756 _____ C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-01-23 17:26 - 2014-01-23 17:26 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-01-23 17:26 - 2002-09-28 02:16 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-01-21 21:56 - 2014-01-25 13:28 - 00380416 _____ C:\Dokumente und Einstellungen\JM\Desktop\gmer.exe
2014-01-09 17:02 - 2010-07-06 10:04 - 00102912 _____ C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-06 16:20 - 2014-01-26 17:46 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-05 11:29 - 2011-09-11 09:34 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Haus Eybacherstrasse 5
2014-01-04 14:10 - 2010-07-06 15:59 - 00000000 ____D C:\Dokumente und Einstellungen\JM\Eigene Dateien\Pau Verschiedene
2013-12-31 17:13 - 2010-07-06 06:51 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-12-27 14:46 - 2013-12-27 09:05 - 01163264 _____ C:\WINDOWS\system32\㩣摜歯浵湥整甠摮攠湩瑳汥畬杮湥慜汬甠敳獲慜睮湥畤杮摳瑡湥歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯⹹慤

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\JM\Lokale Einstellungen\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2009-12-16 09:20] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2009-12-16 09:20] - [2008-04-14 13:00] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2009-12-16 09:20] - [2008-04-14 13:00] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\rpcss.dll
[2009-12-16 09:20] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2009-12-16 09:20] - [2008-04-14 13:00] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 27.01.2014, 15:57

Java, Flash, Adobe und Firefox updaten.

Fertig

Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

PUP.Conduit.Optional.A _Ordner nicht löschbar

Log-Analyse und Auswertung: PUP.Conduit.Optional.A _Ordner nicht löschbar