
Pests of all kinds and how to combat them: Mail from the Abuse Team

14.09.2013, 16:51   #1
inesa394

Hello

I have received mail from the Abuse Team
with the following content
------------------------------------------------------------------------------------------------
through your access, so-called "spam traps" (traps for infected
computers and spammers) were contacted by e-mail via direct delivery
to the corresponding mail server. From the data contained in the
complaints (IP address and exact time) we have identified your access
as the source:

| 217.252.219.61 Mi, 04.09.2013 14:20:12 MESZ Ermahnung

Important: The spam mails were NOT sent with a conventional e-mail
program and also have nothing to do with your mailbox or your
e-mail address at t-online.de, but exclusively with the dial-in
connection. Delivery took place directly over the Internet connection
to the mail server (MX) responsible for the domain.

Since it can be ruled out that "spam traps" are written to
intentionally, it must be assumed that there is malware on your
system. For your own security, please therefore check *all* (!)
computers in your network.

To increase the chance of also finding less widespread manipulations,
we additionally recommend some free tools. You do not have to use all
of them, but you should continue until you have found and eliminated
the problem. Note that some malware blocks access to and download of
many security-related sites & tools. The download may therefore have
to be done from another computer. If necessary, get help from an
acquaintance!

In addition to the usual virus scanner, the "Malicious Software
Removal Tool" from Microsoft can be downloaded and run. You will find
it for download at
hxxp://www.microsoft.com/germany/sicherheit/tools/malwareremove.mspx

The scanner from Malwarebytes at hxxp://de.malwarebytes.org may be able
to detect further malware. (Important: After installing Malwarebytes,
this software must first be updated!)

German-language and also quite easy to use are the two variants of the
DE-Cleaner, which you can find at https://www.botfrei.de.
Important: Please be sure to read the notes on the applications on
the site and please also download the instructions before use!

But once malware is installed on a computer, it depends more or less
only on the skill of the malware's programmer whether it can still be
detected at all by any protection software that also runs on the
"infected" system. This applies especially to so-called bootkits and
rootkits: these can make themselves and further malware on the
computer invisible to the system. Protection software running on the
infected system then usually has no chance. GMER was designed
specifically for this purpose. You can find this small program at
hxxp://www.gmer.net ("DOWNLOAD EXE" button at the bottom of the page).
GMER is, however, a tool for specialists.
----------------------------------------------------------------------------------------------------
A first scan with de.cleaner and Malwarebytes initially produced no results,
nor did a quick scan with GMER.
I ran the software on both computers in my house.
Automatic e-mail sending does take place at my home
with several IP cameras, but surely that can't be it?
Can someone please help me so that this nonsense comes to an end.
Many thanks

Inesa
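
The abuse letter stresses that the mails went straight to the recipients' MX hosts rather than through a mailbox, so one router-side check is to see which LAN host opened port 25 connections around the reported time and whether it talked to many different mail servers or to a single relay. The following Python sketch is an added example, not part of the original post; the log format and all addresses in the sample are constructed, and the router clock is assumed to use the same local time zone as the timestamp in the letter.

```python
from collections import defaultdict, namedtuple
from datetime import datetime, timedelta

# Constructed sample: one line per outbound connection, in a format assumed
# for this example (not a real router's log format):
#   <local ISO time> <LAN source IP> <destination IP> <destination port>
SAMPLE_LOG = """\
2013-09-04T14:05:10 192.168.2.30 203.0.113.10 587
2013-09-04T14:19:58 192.168.2.21 198.51.100.7 25
2013-09-04T14:20:03 192.168.2.21 198.51.100.44 25
2013-09-04T14:20:11 192.168.2.21 192.0.2.15 25
2013-09-04T14:20:12 192.168.2.21 192.0.2.99 25
2013-09-04T14:21:40 192.168.2.30 203.0.113.10 587
2013-09-04T14:22:02 192.168.2.20 203.0.113.80 443
2013-09-04T15:05:10 192.168.2.31 203.0.113.10 25
this line is malformed and must be skipped
"""

MX_PORT = 25                    # server-to-server SMTP, used for direct-to-MX delivery
SUBMISSION_PORTS = (465, 587)   # authenticated submission to a provider's relay

Conn = namedtuple("Conn", "ts src dst port")


def parse_log(text):
    """Parse the constructed log format, skipping blank or malformed lines."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts, src, dst, port = parts
        try:
            conns.append(Conn(datetime.fromisoformat(ts), src, dst, int(port)))
        except ValueError:
            continue
    return conns


def classify_hosts(conns, min_distinct=3):
    """Label each LAN host that produced mail traffic.

    direct-to-mx : port 25 to at least min_distinct different servers,
                   the pattern the abuse letter describes
    single-relay : port 25, but only to one or two servers (for example a
                   device handing its alert mails to one provider relay)
    submission   : only ports 465/587, i.e. normal authenticated sending
    """
    mx_targets = defaultdict(set)
    labels = {}
    for c in conns:
        if c.port == MX_PORT:
            mx_targets[c.src].add(c.dst)
        elif c.port in SUBMISSION_PORTS:
            labels.setdefault(c.src, "submission")
    for host, targets in mx_targets.items():
        labels[host] = "direct-to-mx" if len(targets) >= min_distinct else "single-relay"
    return labels


def hosts_near_complaint(conns, complaint_time, window=timedelta(minutes=2)):
    """Return LAN hosts with a port 25 connection within +/- window of the
    time stated in the complaint."""
    return sorted({
        c.src for c in conns
        if c.port == MX_PORT and abs(c.ts - complaint_time) <= window
    })


if __name__ == "__main__":
    conns = parse_log(SAMPLE_LOG)
    # Time taken from the abuse letter: 04.09.2013 14:20:12 (local time).
    complaint = datetime(2013, 9, 4, 14, 20, 12)
    for host, label in sorted(classify_hosts(conns).items()):
        print(host, label)
    print("active on port 25 near complaint:", hosts_near_complaint(conns, complaint))
```
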

14.09.2013, 18:53   #2
schrauber
/// the machine
/// TB trainer

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


14.09.2013, 19:44   #3
inesa394

Hello

Here are my logs from 2 computers
hope that helps.......

Thanks
__________________
Attached files
File type: txt FRST2.txt (37,5 KB, viewed 153 times)
File type: txt Addition2.txt (15,1 KB, viewed 235 times)
File type: txt FRST.txt (74,1 KB, viewed 151 times)
File type: txt Addition.txt (49,2 KB, viewed 332 times)

Edited by inesa394 (14.09.2013 at 20:22)

15.09.2013, 10:14   #4
schrauber
/// the machine
/// TB trainer

Please post logs in the thread, split across several posts if necessary. And for now just one computer.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.09.2013, 12:16   #5
inesa394

ok, here are the logs again plus Malwarebytes

Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.14.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16686
mikelsoft :: MIKELSOFT-PC [Administrator]

Schutz: Aktiviert

14.09.2013 18:41:04
MBAM-log-2013-09-14 (19-06-05).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 271259
Laufzeit: 14 Minute(n), 

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 5
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Keine Aktion durchgeführt.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=ea63bed400000000000000ff652dc1f8) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 1
C:\Users\mikelsoft\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 2
C:\Users\mikelsoft\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\mikelsoft\AppData\Local\Temp\nswFC35.tmp (PUP.Optional.Somoto.A) -> Keine Aktion durchgeführt.

(Ende)
         
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2013 03
Ran by mikelsoft (administrator) on MIKELSOFT-PC on 15-09-2013 13:08:45
Running from G:\MyDownloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server Interface.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBVCtrl.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CM & V) C:\Program Files\DVBViewer\DVBVservice.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Acronis) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
() G:\Deluge\deluge.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncclipboard.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [413464 2013-02-15] (Acronis)
HKLM\...\Run: [FileZilla Server Interface] - C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PowerDVD13Agent] - C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM\...\Run: [TrueImageMonitor.exe] - G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] - C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [DVBV Service Ctrl] - C:\Program Files\DVBViewer\DVBVCtrl.exe [87552 2012-04-11] (CM&V Hackbart)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Policies\Explorer: [NoDrives] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3DAEE641B587CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\..\Interfaces\{60DF89D1-1065-4913-84D6-E1ACCAE2CAD5}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF Extension: Flagfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: WOT - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: canitbecheaper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

S3 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [1914768 2010-11-30] (Acronis)
R3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [831360 2013-02-15] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3816440 2013-08-31] (Acronis)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
S3 BubbleUPnP Server; C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe [196608 2011-11-16] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DMS; C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe [4638352 2010-11-30] (Acronis)
R2 DVBVRecorder; C:\Program Files\DVBViewer\DVBVservice.exe [866944 2013-08-22] (CM & V)
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7094592 2013-03-20] (Acronis)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3458952 2012-05-29] (RealVNC Ltd)
S3 w7Svc; C:\Program Files\webcam 7\wService.exe [5094200 2012-03-26] (Moonware Studios)
S3 wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [18432 2011-09-26] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] ()
S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70824 2012-10-11] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34984 2012-10-11] (Advanced Micro Devices)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 DDBaseNg; C:\Windows\System32\DRIVERS\DDBaseNg.sys [70144 2013-02-20] (Digital Devices GmbH)
R3 DDCapture; C:\Windows\System32\DRIVERS\DDCapture.sys [14848 2013-02-20] (Digital Devices GmbH)
R3 DDTuner; C:\Windows\System32\DRIVERS\DDTuner.sys [135424 2013-02-20] (Digital Devices GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-07] (Disc Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [121208 2012-06-20] (Cyberlink Corp.)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [11985920 2006-08-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-04] (Duplex Secure Ltd.)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [888640 2013-08-31] (Acronis International GmbH)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2013-08-31] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2013-08-31] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2013-08-31] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2013-08-31] (Acronis International GmbH)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-07-06] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [88312 2012-07-05] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MIKELS~1\AppData\Local\Temp\catchme.sys [x]
S3 GPU-Z; \??\C:\Users\MIKELS~1\AppData\Local\Temp\GPU-Z.sys [x]
S3 usbcamcl; system32\DRIVERS\usbcamcl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-14 19:11 - 2013-09-14 19:59 - 00000000 ____D C:\Windows\erdnt
2013-09-14 19:10 - 2013-09-14 19:10 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:07 - 2013-09-14 17:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 17:07 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:43 - 2013-04-05 21:26 - 01679360 _____ C:\Windows\system32\ac3filter.acm.new
2013-09-13 12:40 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 23:00 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 23:00 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 21:50 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 21:50 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:50 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:50 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-07 20:00 - 2013-09-15 06:05 - 00003416 _____ C:\Windows\setupact.log
2013-09-07 20:00 - 2013-09-14 19:38 - 00004698 _____ C:\Windows\PFRO.log
2013-09-07 20:00 - 2013-09-07 20:00 - 00000000 _____ C:\Windows\setuperr.log
2013-09-07 19:59 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\system32\gcapi_dll.dll
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:49 - 2013-09-07 19:50 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-08-31 11:21 - 2013-08-31 11:47 - 00000000 ___RD C:\acroldr
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 10:57 - 2013-08-31 11:02 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-21 20:35 - 2013-08-26 00:58 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-18 00:15 - 2013-08-18 00:17 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-15 13:08 - 2013-09-15 13:08 - 00000000 ____D C:\FRST
2013-09-15 12:41 - 2012-06-28 15:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 08:21 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 08:21 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-15 08:16 - 2011-12-25 18:53 - 01074634 _____ C:\Windows\WindowsUpdate.log
2013-09-15 06:13 - 2011-12-25 19:01 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 06:05 - 2013-09-07 20:00 - 00003416 _____ C:\Windows\setupact.log
2013-09-15 06:05 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 06:03 - 2011-12-30 19:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\deluge
2013-09-15 06:01 - 2013-09-15 05:50 - 00000626 _____ C:\DelFix.txt
2013-09-15 06:00 - 2013-09-14 20:00 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 21:05 - 2011-12-25 20:30 - 00000000 ____D C:\Program Files\ESET
2013-09-14 19:59 - 2013-09-14 19:11 - 00000000 ____D C:\Windows\erdnt
2013-09-14 19:57 - 2013-09-14 19:56 - 00000000 ____D C:\AdwCleaner
2013-09-14 19:50 - 2012-02-11 16:45 - 00000000 ____D C:\Program Files\GTK2-Runtime
2013-09-14 19:48 - 2013-09-14 19:48 - 00000000 ____D C:\Program Files\Deluge
2013-09-14 19:48 - 2011-12-30 19:57 - 00000941 _____ C:\Users\Public\Desktop\Deluge.lnk
2013-09-14 19:48 - 2011-12-30 19:57 - 00000941 _____ C:\ProgramData\Desktop\Deluge.lnk
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\NetworkService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\LocalService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\HomeGroupUser$
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Agent
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Acronis
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\SYSTEM
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Gast
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Administrator
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-14 19:39 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-14 19:38 - 2013-09-07 20:00 - 00004698 _____ C:\Windows\PFRO.log
2013-09-14 19:10 - 2013-09-14 19:10 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 16:49 - 2013-05-27 11:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\ProgramData\Desktop\TeamViewer 8.lnk
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:43 - 2013-06-28 15:16 - 00000000 ____D C:\ProgramData\Advanced
2013-09-13 12:39 - 2013-01-06 18:53 - 00002074 _____ C:\Windows\epplauncher.mif
2013-09-12 00:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-11 23:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-11 23:40 - 2011-12-25 18:41 - 00000000 ____D C:\Windows\Panther
2013-09-11 23:00 - 2013-07-13 13:06 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 22:54 - 2011-12-25 19:12 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 22:10 - 2009-07-14 06:33 - 00267760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 22:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-11 22:07 - 2013-03-23 13:05 - 00000000 ____D C:\Program Files\BubbleUPnP Server
2013-09-10 22:41 - 2012-06-28 15:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-10 22:41 - 2011-12-25 19:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-08 11:24 - 2013-05-17 17:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP3
2013-09-07 22:23 - 2011-12-26 00:03 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Media Player Classic
2013-09-07 20:03 - 2011-12-25 19:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-07 20:00 - 2013-09-07 20:00 - 00000000 _____ C:\Windows\setuperr.log
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\ProgramData\Desktop\CCleaner.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:50 - 2013-09-07 19:49 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\ProgramData\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00000000 ____D C:\Program Files\Recuva
2013-09-07 19:50 - 2011-12-25 19:46 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\FileZilla
2013-09-07 12:14 - 2012-09-05 17:06 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-09-01 13:09 - 2011-12-25 22:50 - 00000000 ____D C:\ProgramData\Acronis
2013-08-31 11:47 - 2013-08-31 11:21 - 00000000 ___RD C:\acroldr
2013-08-31 11:16 - 2011-12-25 22:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Acronis
2013-08-31 11:15 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Acronis
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:13 - 2011-12-25 22:52 - 00158496 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2013-08-31 11:13 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Common Files\Acronis
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 11:02 - 2013-08-31 10:57 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-31 06:46 - 2012-06-27 18:49 - 00000000 ____D C:\Program Files\JDownloader
2013-08-30 23:34 - 2011-12-30 15:44 - 00000000 ____D C:\Program Files\XBMC
2013-08-26 11:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-26 00:58 - 2013-08-21 20:35 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-24 19:33 - 2013-07-21 14:27 - 00000000 ____D C:\Program Files\DVBViewer
2013-08-22 12:45 - 2012-01-05 22:12 - 00000589 _____ C:\Users\mikelsoft\Desktop\WampServer.lnk
2013-08-22 12:45 - 2012-01-05 22:11 - 00000000 ____D C:\wamp
2013-08-22 12:34 - 2012-09-03 19:15 - 00000000 ____D C:\MediaServer
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-21 16:54 - 2012-01-05 20:41 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Notepad++
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 17:01 - 2011-12-25 18:54 - 00000000 ____D C:\Users\mikelsoft
2013-08-19 13:02 - 2011-12-25 22:42 - 00000000 ____D C:\ProgramData\PMS
2013-08-19 01:47 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-19 00:29 - 2013-06-04 20:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 11:24 - 2011-12-25 19:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\vlc
2013-08-18 00:17 - 2013-08-18 00:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\mikelsoft\AppData\Local\temp\gtk2-runtime-2.16.6-2010-05-12-ash.exe
C:\Users\mikelsoft\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 00:18

==================== End Of Log ============================
         
--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-09-2013 03
Ran by mikelsoft at 2013-09-15 13:09:36
Running from G:\MyDownloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 3.1.2)
7-Zip 9.27 alpha
Acronis Disk Director 11 Advanced Bootable Media Builder (Version: 11.0.12077)
Acronis Disk Director 11 Advanced* Agent (Version: 11.0.12077)
Acronis Disk Director 11 Advanced*Management*Console (Version: 11.0.12077)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
AIMP3 (Version: v3.51.1288, 07.08.2013)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2013.0328.2218.38225)
AMD Media Foundation Decoders (Version: 1.0.80328.2203)
AMD VISION Engine Control Center (Version: 2013.0328.2218.38225)
AnyDVD (Version: 7.2.0.0)
Bonjour (Version: 2.0.0.36)
Bonjour-Druckdienste (Version: 2.0.0.36)
BubbleUPnP Server
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility (Version: 2013.0328.2218.38225)
CCleaner (Version: 4.05)
CMD Prompt Here as Administrator PowerToy for Windows Vista v1.0.2 (Uninstall only) (Version: 1.0.2)
CMD Prompt Here PowerToy v1.0.3 (Uninstall only) (Version: 1.0.3)
CyberLink PowerDVD 12 (Version: 12.0.1905.56)
CyberLink PowerDVD 13 (Version: 13.0.3105.58)
DAEMON Tools Lite (Version: 4.47.1.0337)
Daum PotPlayer 1.5.39036
Deluge 1.3.3
Digital Devices DVB Driver 2.4.2.70 (Version: 2.4.2.70)
DVBViewer Pro (Version: 5.2.7)
DVBViewer Recording Properties (Beta) (Version: 2.0.0.0)
DVBViewer Recording Service (Version: 1.26.0)
ESET Online Scanner v3
FileHippo.com Update Checker
FileZilla Client 3.7.3 (Version: 3.7.3)
FileZilla Server (Version: beta 0.9.41)
Foxit Reader (Version: 6.0.6.722)
GTK2-Runtime (Version: 2.16.6-2010-05-12-ash)
Hama MX Pro II Webcam (Version: 5.7.8.202)
HDD Regenerator (Version: 20.11.0011)
ImgBurn (Version: 2.5.8.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 38 (Version: 6.0.380)
JDownloader 0.9 (Version: 0.9)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Media Control  6.0.8
MediaInfo 0.7.64 (Version: 0.7.64)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MKVcleaver (Version: 6.0.2)
MKVToolNix 6.2.0 (Version: 6.2.0)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MPC-HC 1.6.8 (Version: 1.6.8.7417)
MySQL Tools for 5.0 (Version: 5.0.17)
No-IP DUC (Version: 3.0.4)
Notepad++ (Version: 6.4.5)
Picasa 3 (Version: 3.9)
PlayReady PC Runtime x86 (Version: 1.3.0)
PS3 Media Server (Version: 1.90.1)
Recuva (Version: 1.48)
Screenshot Captor 2.101.02
Shark007 Advanced Codecs (Version: 4.2.6)
TeamViewer 8 (Version: 8.0.20935)
TechPowerUp GPU-Z
TeraCopy 2.27
True Image 2013 (Version: 16.0.6514)
True Image 2013 Plus Pack (Version: 16.0.6514)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
VLC media player 2.0.8 (Version: 2.0.8)
VNC Mirror Driver 1.8.0 (Version: 1.8.0)
VNC Printer Driver 1.8.0 (Version: 1.8.0)
VNC Server 5.0.0 (Version: 5.0.0)
VNC Viewer 5.0.0 (Version: 5.0.0)
WampServer 2.4
webcam 7 (Version: 0.9.9.43)
Winamp (Version: 5.7 Beta)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
XBMC

==================== Restore Points  =========================

15-09-2013 04:00:57 Ende der Bereinigung

==================== Hosts content: ==========================

2012-01-04 17:21 - 2013-09-14 19:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1DA5A2AF-BB8E-436B-B95F-6CA45CFE41EE} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {297C8A11-7D5F-4D06-93E0-B0D1F775F768} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {650E4F84-26C4-4D60-85C3-8C9A3B7BCA77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10] (Adobe Systems Incorporated)
Task: {C64D0B95-293A-429E-BEEE-1629179AADFD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {D46D9F9C-6EB3-4041-86F6-65F91AAF99EA} - System32\Tasks\{7BBE25DE-2E1E-4A56-8485-6F1A4F73D77E} => C:\Program Files\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe [2012-07-25] (CyberLink Corp.)
Task: {DD654313-CDE6-4B42-A576-53E96248F099} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-03-28 00:53 - 2013-03-28 00:53 - 02670136 _____ (Acronis) G:\Programme\Acronis\TrueImageHome\tishell.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2013-03-27 22:36 - 2013-03-27 22:36 - 00021312 _____ () G:\Programme\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2012-09-04 17:17 - 2011-10-26 17:41 - 00325120 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2013-03-28 00:54 - 2013-03-28 00:54 - 00141632 _____ (Acronis) G:\Programme\Acronis\TrueImageHome\versions_page.dll
2012-09-04 17:17 - 2011-10-26 17:41 - 00305664 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2013-09-07 19:59 - 2013-04-06 13:38 - 00197080 _____ (Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2013-05-17 17:11 - 2013-08-09 13:56 - 00286720 _____ (AIMP DevTeam) C:\Program Files\AIMP3\Modules\aimp_menu32.dll
2013-08-04 17:39 - 2013-07-05 07:24 - 00861960 _____ () C:\Program Files\CyberLink\PowerDVD13\common\UNO\UNO.dll
2013-08-04 17:39 - 2013-05-02 02:06 - 02113536 _____ (Python Software Foundation) C:\Program Files\CyberLink\PowerDVD13\Common\koan\python25.dll
2013-08-04 17:36 - 2013-05-02 02:06 - 00081920 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
2013-08-04 17:37 - 2013-05-02 02:06 - 00053248 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
2013-08-04 17:37 - 2013-05-02 02:06 - 00655360 _____ () C:\Program Files\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
2013-02-10 16:52 - 2003-01-29 16:37 - 01015808 _____ (X10 Wireless Technology, Inc.) C:\Program Files\Common Files\X10\Common\x10net.dll
2013-08-04 17:38 - 2013-07-05 07:24 - 00043272 _____ () C:\Program Files\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2013-03-27 18:53 - 2013-03-27 18:53 - 00121152 _____ (Acronis) G:\Programme\Acronis\TrueImageHome\afcdpapi.dll
2013-01-23 16:09 - 2013-01-23 16:09 - 00399680 _____ (Acronis) C:\Program Files\Common Files\Acronis\SnapAPI\snapapi.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () G:\Programme\Acronis\TrueImageHome\ti_managers.dll
2013-03-27 21:31 - 2013-03-27 21:31 - 00028480 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\thread_pool.dll
2013-03-27 21:33 - 2013-03-27 21:33 - 00289088 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\libssl10.dll
2013-03-27 21:23 - 2013-04-06 01:21 - 01323008 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\libcrypto10.dll
2013-03-28 00:32 - 2013-03-28 00:32 - 00076096 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\rpc_client.dll
2013-03-20 19:31 - 2013-03-20 19:31 - 00280896 _____ (Acronis) C:\Program Files\Common Files\Acronis\Home\sync_agent_api.dll
2013-03-14 17:51 - 2013-03-14 17:51 - 03566664 _____ (Acronis International GmbH) C:\Program Files\Common Files\Acronis\TrueImageHome\tdrpapi.dll
2013-01-10 13:31 - 2013-01-10 13:31 - 00342488 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\tib_mounter.dll
2013-01-10 13:45 - 2013-01-10 13:45 - 01752600 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\fox.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files\Common Files\Acronis\TibMounter\icudt38.dll
2013-01-10 13:41 - 2013-01-10 13:41 - 00034840 _____ (Acronis) C:\Program Files\Common Files\Acronis\TibMounter\thread_pool.dll
2013-03-28 22:29 - 2013-03-28 22:29 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-21 23:24 - 2009-10-26 17:24 - 02149888 _____ (Python Software Foundation) G:\Deluge\python26.dll
2012-11-22 00:50 - 2009-10-26 17:25 - 00040448 _____ () G:\Deluge\_socket.pyd
2012-11-22 00:50 - 2009-10-26 17:25 - 00645120 _____ () G:\Deluge\_ssl.pyd
2012-11-22 00:37 - 2009-10-06 07:15 - 00096256 _____ () G:\Deluge\win32api.pyd
2012-11-21 23:24 - 2009-10-06 07:15 - 00110592 _____ () G:\Deluge\pywintypes26.dll
2012-11-21 19:15 - 2011-04-09 18:58 - 00058368 _____ () G:\Deluge\glib._glib.pyd
2012-11-21 19:45 - 2012-02-09 09:43 - 01242929 _____ (The GLib developer community) G:\Deluge\libglib-2.0-0.dll
2012-11-21 19:26 - 2012-02-09 09:43 - 00152489 _____ (Free Software Foundation) G:\Deluge\intl.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00044287 _____ (The GLib developer community) G:\Deluge\libgthread-2.0-0.dll
2012-11-21 19:15 - 2011-04-09 18:58 - 00113152 _____ () G:\Deluge\gobject._gobject.pyd
2012-11-21 19:45 - 2012-02-09 09:43 - 00341594 _____ (The GLib developer community) G:\Deluge\libgobject-2.0-0.dll
2012-11-22 00:47 - 2009-01-02 22:20 - 00019968 _____ () G:\Deluge\zope.interface._zope_interface_coptimizations.pyd
2012-11-22 00:29 - 2010-03-04 03:11 - 00007168 _____ () G:\Deluge\twisted.python._initgroups.pyd
2012-11-21 23:16 - 2009-05-13 01:28 - 00010240 _____ () G:\Deluge\OpenSSL.rand.pyd
2012-11-21 19:45 - 2007-03-09 19:23 - 00490496 _____ (The OpenSSL Project, hxxp://www.openssl.org/) G:\Deluge\LIBEAY32.dll
2012-11-21 23:16 - 2009-05-13 01:28 - 00047616 _____ () G:\Deluge\OpenSSL.crypto.pyd
2012-11-21 23:16 - 2009-05-13 01:28 - 00040960 _____ () G:\Deluge\OpenSSL.SSL.pyd
2012-11-21 23:48 - 2007-03-09 19:26 - 00088064 _____ (The OpenSSL Project, hxxp://www.openssl.org/) G:\Deluge\SSLEAY32.dll
2012-11-22 00:50 - 2009-10-26 17:25 - 00073728 _____ () G:\Deluge\_ctypes.pyd
2012-11-22 00:50 - 2009-10-26 17:27 - 00311808 _____ () G:\Deluge\_hashlib.pyd
2012-11-22 00:37 - 2009-10-06 07:15 - 00036352 _____ () G:\Deluge\win32process.pyd
2012-11-21 23:38 - 2009-10-26 17:27 - 00011776 _____ () G:\Deluge\select.pyd
2012-11-21 19:16 - 2011-04-09 19:00 - 01882624 _____ () G:\Deluge\gtk._gtk.pyd
2012-11-21 19:45 - 2012-02-09 09:43 - 01294335 _____ () G:\Deluge\libcairo-2.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00279059 _____ () G:\Deluge\libfontconfig-1.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00143096 _____ () G:\Deluge\libexpat-1.dll
2012-11-21 19:13 - 2012-02-09 09:43 - 00538324 _____ () G:\Deluge\freetype6.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00230529 _____ () G:\Deluge\libpng14-14.dll
2012-11-22 00:47 - 2012-02-09 09:43 - 00100352 _____ () G:\Deluge\zlib1.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00932373 _____ (The GTK developer community) G:\Deluge\libgdk-win32-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00285194 _____ (The GTK developer community) G:\Deluge\libgdk_pixbuf-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 01222182 _____ (The GLib developer community) G:\Deluge\libgio-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00036986 _____ (The GLib developer community) G:\Deluge\libgmodule-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00333729 _____ (Red Hat Software) G:\Deluge\libpango-1.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00104729 _____ (Red Hat Software) G:\Deluge\libpangocairo-1.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00815421 _____ (Red Hat Software) G:\Deluge\libpangoft2-1.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 00108945 _____ (Red Hat Software) G:\Deluge\libpangowin32-1.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 04939820 _____ (The GTK developer community) G:\Deluge\libgtk-win32-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:42 - 00163476 _____ (Sun Microsystems Inc.) G:\Deluge\libatk-1.0-0.dll
2012-11-21 18:21 - 2010-11-03 06:34 - 00069632 _____ () G:\Deluge\cairo._cairo.pyd
2012-11-21 19:15 - 2011-04-09 18:58 - 00263168 _____ () G:\Deluge\gio._gio.pyd
2012-11-21 23:17 - 2011-04-09 19:01 - 00111616 _____ () G:\Deluge\pango.pyd
2012-11-21 18:13 - 2011-04-09 19:01 - 00208384 _____ () G:\Deluge\atk.pyd
2012-11-21 23:17 - 2011-04-09 19:01 - 00017920 _____ () G:\Deluge\pangocairo.pyd
2012-11-21 19:16 - 2011-04-09 19:01 - 00018944 _____ () G:\Deluge\gtk.glade.pyd
2012-11-21 19:45 - 2012-02-09 09:43 - 00168833 _____ () G:\Deluge\libglade-2.0-0.dll
2012-11-21 19:45 - 2012-02-09 09:43 - 01225225 _____ () G:\Deluge\libxml2-2.dll
2012-11-22 00:29 - 2010-03-04 03:11 - 00008192 _____ () G:\Deluge\twisted.protocols._c_urlarg.pyd
2012-11-21 19:45 - 2012-02-09 09:43 - 00100255 _____ () G:\Deluge\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2012-11-22 00:37 - 2009-10-06 07:15 - 00017920 _____ () G:\Deluge\win32event.pyd
2012-11-21 19:45 - 2012-02-22 11:43 - 01949184 _____ () G:\Deluge\libtorrent.pyd
2012-11-22 00:37 - 2009-10-06 07:15 - 00111104 _____ () G:\Deluge\win32file.pyd
2013-03-27 22:36 - 2013-03-27 22:36 - 00726360 _____ (Acronis) G:\Programme\Acronis\TrueImageHome\ti_managers_proxy.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\Temp:B755D674

==================== Faulty Device Manager Devices =============

Name: AODDriver4.2
Description: AODDriver4.2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2013 00:55:17 PM) (Source: VNC Server) (User: )
Description: SConnection: Assuming compatibility with version 3.3

Error: (09/15/2013 00:55:17 PM) (Source: VNC Server) (User: )
Description: SConnection: Client asked for invalid protocol version 3.4

Error: (09/15/2013 08:08:12 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/15/2013 07:10:51 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/15/2013 06:36:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2013 06:36:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2013 06:36:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2013 06:36:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2013 06:36:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/15/2013 06:04:20 AM) (Source: Bonjour Service) (User: )
Description: 456: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)


System errors:
=============
Error: (09/15/2013 01:00:22 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 00:59:22 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 00:58:22 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 00:12:27 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 00:11:27 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 00:10:27 PM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 07:02:22 AM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 07:01:22 AM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 07:00:22 AM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (09/15/2013 06:46:21 AM) (Source: srv) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.


Microsoft Office Sessions:
=========================
Error: (09/15/2013 00:55:17 PM) (Source: VNC Server)(User: )
Description: SConnectionAssuming compatibility with version 3.3

Error: (09/15/2013 00:55:17 PM) (Source: VNC Server)(User: )
Description: SConnectionClient asked for invalid protocol version 3.4

Error: (09/15/2013 08:08:12 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/15/2013 07:10:51 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/15/2013 06:36:59 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files\Acronis\BootableComponents\WinPE\Files\mms.exe

Error: (09/15/2013 06:36:59 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files\Acronis\BootableComponents\WinPE\Files\RecoveryExpert.exe

Error: (09/15/2013 06:36:58 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files\Acronis\BootableComponents\WinPE\Files\TrueImage.exe

Error: (09/15/2013 06:36:47 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files\Acronis\BootableComponents\WinPE\Files\DiskDirectorAdvancedService.exe

Error: (09/15/2013 06:36:42 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files\Acronis\BootableComponents\WinPE\Files\systeminfo.exe

Error: (09/15/2013 06:04:20 AM) (Source: Bonjour Service)(User: )
Description: 456: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde vom Remotehost geschlossen.)


==================== Memory info =========================== 

Percentage of memory in use: 38%
Total physical RAM: 3327.18 MB
Available physical RAM: 2059.13 MB
Total Pagefile: 6652.66 MB
Available Pagefile: 5291.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:78.83 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1397.26 GB) (Free:661.66 GB) NTFS
Drive g: (Volume) (Fixed) (Total:2794.39 GB) (Free:169.36 GB) NTFS
Drive h: (Volume) (Fixed) (Total:2794.39 GB) (Free:2569.45 GB) NTFS
Drive i: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 7EF8E762)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: D8682190)
Partition 1: (Not Active) - (Size=-698724909056) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 2795 GB) (Disk ID: B6DE571E)

Partition: GPT Partition Type
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 2795 GB) (Disk ID: B47E2868)

Partition: GPT Partition Type
==================== End Of Log ============================
         


Alt 15.09.2013, 15:56   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

Alt 15.09.2013, 16:29   #7
inesa394
 



My logs

AdwCleaner Logfile:
Code:
# AdwCleaner v3.003 - Bericht erstellt am 15/09/2013 um 17:20:09
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : mikelsoft - MIKELSOFT-PC
# Gestartet von : C:\Users\mikelsoft\Desktop\AdwCleaner(1).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\\invalidprefs.js
Datei Gefunden : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\delta.xml
Datei Gefunden : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\user.js
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\Users\mikelsoft\AppData\LocalLow\delta

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\BI
Schlüssel Gefunden : HKCU\Software\e57d8dae669b845
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\Software\PIP

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js ]

Zeile gefunden : user_pref("extensions.delta.admin", false);
Zeile gefunden : user_pref("extensions.delta.aflt", "babsst");
Zeile gefunden : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gefunden : user_pref("extensions.delta.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.delta.dfltLng", "en");
Zeile gefunden : user_pref("extensions.delta.excTlbr", false);
Zeile gefunden : user_pref("extensions.delta.id", "ea63bed400000000000000ff652dc1f8");
Zeile gefunden : user_pref("extensions.delta.instlDay", "15748");
Zeile gefunden : user_pref("extensions.delta.instlRef", "sst");
Zeile gefunden : user_pref("extensions.delta.newTab", false);
Zeile gefunden : user_pref("extensions.delta.prdct", "delta");
Zeile gefunden : user_pref("extensions.delta.prtnrId", "delta");
Zeile gefunden : user_pref("extensions.delta.rvrt", "false");
Zeile gefunden : user_pref("extensions.delta.smplGrp", "none");
Zeile gefunden : user_pref("extensions.delta.tlbrId", "base");
Zeile gefunden : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gefunden : user_pref("extensions.delta.vrsn", "1.8.10.0");
Zeile gefunden : user_pref("extensions.delta.vrsnTs", "1.8.10.011:12:47");
Zeile gefunden : user_pref("extensions.delta.vrsni", "1.8.10.0");
Zeile gefunden : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);

*************************

AdwCleaner[R0].txt - [3882 octets] - [15/09/2013 17:20:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3942 octets] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
# AdwCleaner v3.004 - Bericht erstellt am 15/09/2013 um 17:20:27
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : mikelsoft - MIKELSOFT-PC
# Gestartet von : C:\Users\mikelsoft\Desktop\adwcleaner(2).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v23.0.1 (de)

[ Datei : C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4695 octets] - [15/09/2013 17:20:09]
AdwCleaner[S0].txt - [4087 octets] - [15/09/2013 17:20:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4815 octets] ##########
         
--- --- ---


Code:
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x86
Ran by mikelsoft on 15.09.2013 at 17:22:20,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.09.2013 at 17:24:07,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2013 03
Ran by mikelsoft (administrator) on MIKELSOFT-PC on 15-09-2013 17:26:00
Running from C:\Users\mikelsoft\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server Interface.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBVCtrl.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CM & V) C:\Program Files\DVBViewer\DVBVservice.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Acronis) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [413464 2013-02-15] (Acronis)
HKLM\...\Run: [FileZilla Server Interface] - C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PowerDVD13Agent] - C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM\...\Run: [TrueImageMonitor.exe] - G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] - C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [DVBV Service Ctrl] - C:\Program Files\DVBViewer\DVBVCtrl.exe [87552 2012-04-11] (CM&V Hackbart)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Policies\Explorer: [NoDrives] 0
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3DAEE641B587CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\..\Interfaces\{60DF89D1-1065-4913-84D6-E1ACCAE2CAD5}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF Extension: Flagfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: WOT - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: canitbecheaper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

S3 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [1914768 2010-11-30] (Acronis)
R3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [831360 2013-02-15] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3816440 2013-08-31] (Acronis)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
S3 BubbleUPnP Server; C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe [196608 2011-11-16] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DMS; C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe [4638352 2010-11-30] (Acronis)
R2 DVBVRecorder; C:\Program Files\DVBViewer\DVBVservice.exe [866944 2013-08-22] (CM & V)
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7094592 2013-03-20] (Acronis)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3458952 2012-05-29] (RealVNC Ltd)
S3 w7Svc; C:\Program Files\webcam 7\wService.exe [5094200 2012-03-26] (Moonware Studios)
S3 wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [18432 2011-09-26] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] ()
S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70824 2012-10-11] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34984 2012-10-11] (Advanced Micro Devices)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 DDBaseNg; C:\Windows\System32\DRIVERS\DDBaseNg.sys [70144 2013-02-20] (Digital Devices GmbH)
R3 DDCapture; C:\Windows\System32\DRIVERS\DDCapture.sys [14848 2013-02-20] (Digital Devices GmbH)
R3 DDTuner; C:\Windows\System32\DRIVERS\DDTuner.sys [135424 2013-02-20] (Digital Devices GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-07] (Disc Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [121208 2012-06-20] (Cyberlink Corp.)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [11985920 2006-08-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-04] (Duplex Secure Ltd.)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [888640 2013-08-31] (Acronis International GmbH)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2013-08-31] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2013-08-31] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2013-08-31] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2013-08-31] (Acronis International GmbH)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-07-06] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [88312 2012-07-05] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MIKELS~1\AppData\Local\Temp\catchme.sys [x]
S3 GPU-Z; \??\C:\Users\MIKELS~1\AppData\Local\Temp\GPU-Z.sys [x]
S3 usbcamcl; system32\DRIVERS\usbcamcl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-15 17:20 - 2013-09-15 12:24 - 01084047 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2013-09-15 17:19 - 2013-09-15 17:19 - 00000629 _____ C:\Users\mikelsoft\Desktop\JRT.txt
2013-09-15 17:09 - 2013-09-15 17:09 - 01039554 _____ C:\Users\mikelsoft\Desktop\adwcleaner(2).exe
2013-09-15 17:09 - 2013-09-15 17:09 - 01029675 _____ (Thisisu) C:\Users\mikelsoft\Desktop\JRT(1).exe
2013-09-15 15:52 - 2013-09-15 15:52 - 00000000 ____D C:\Windows\system32\oodag
2013-09-15 15:43 - 2013-09-15 17:15 - 00000168 _____ C:\Windows\setupact.log
2013-09-15 15:43 - 2013-09-15 15:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-15 13:08 - 2013-09-15 13:08 - 00000000 ____D C:\FRST
2013-09-15 05:50 - 2013-09-15 06:01 - 00000626 _____ C:\DelFix.txt
2013-09-14 20:00 - 2013-09-15 06:00 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 19:56 - 2013-09-15 17:13 - 00000000 ____D C:\AdwCleaner
2013-09-14 19:48 - 2013-09-14 19:48 - 00000000 ____D C:\Program Files\Deluge
2013-09-14 19:11 - 2013-09-14 19:59 - 00000000 ____D C:\Windows\erdnt
2013-09-14 19:10 - 2013-09-14 19:10 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:07 - 2013-09-14 17:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 17:07 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:43 - 2013-04-05 21:26 - 01679360 _____ C:\Windows\system32\ac3filter.acm.new
2013-09-13 12:40 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 23:00 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 23:00 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 21:50 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 21:50 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:50 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:50 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-07 19:59 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\system32\gcapi_dll.dll
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:49 - 2013-09-07 19:50 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-08-31 11:21 - 2013-08-31 11:47 - 00000000 ___RD C:\acroldr
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 10:57 - 2013-08-31 11:02 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-21 20:35 - 2013-08-26 00:58 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-18 00:15 - 2013-08-18 00:17 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-15 17:19 - 2013-09-15 17:19 - 00000629 _____ C:\Users\mikelsoft\Desktop\JRT.txt
2013-09-15 17:15 - 2013-09-15 15:43 - 00000168 _____ C:\Windows\setupact.log
2013-09-15 17:15 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 17:14 - 2011-12-25 18:53 - 01079185 _____ C:\Windows\WindowsUpdate.log
2013-09-15 17:13 - 2013-09-14 19:56 - 00000000 ____D C:\AdwCleaner
2013-09-15 17:09 - 2013-09-15 17:09 - 01039554 _____ C:\Users\mikelsoft\Desktop\adwcleaner(2).exe
2013-09-15 17:09 - 2013-09-15 17:09 - 01029675 _____ (Thisisu) C:\Users\mikelsoft\Desktop\JRT(1).exe
2013-09-15 16:41 - 2012-06-28 15:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-15 15:52 - 2013-09-15 15:52 - 00000000 ____D C:\Windows\system32\oodag
2013-09-15 15:43 - 2013-09-15 15:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-15 15:22 - 2012-07-30 10:25 - 00002089 _____ C:\Users\Public\Desktop\MPC-HC.lnk
2013-09-15 15:22 - 2012-07-30 10:25 - 00002089 _____ C:\ProgramData\Desktop\MPC-HC.lnk
2013-09-15 15:22 - 2011-12-25 19:52 - 00000000 ____D C:\Program Files\Media Player Classic - Home Cinema
2013-09-15 14:58 - 2013-05-17 17:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP3
2013-09-15 14:58 - 2011-12-26 00:03 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Media Player Classic
2013-09-15 14:58 - 2011-12-25 18:41 - 00000000 ____D C:\Windows\Panther
2013-09-15 13:08 - 2013-09-15 13:08 - 00000000 ____D C:\FRST
2013-09-15 12:24 - 2013-09-15 17:20 - 01084047 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2013-09-15 08:21 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 08:21 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-15 06:13 - 2011-12-25 19:01 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 06:03 - 2011-12-30 19:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\deluge
2013-09-15 06:01 - 2013-09-15 05:50 - 00000626 _____ C:\DelFix.txt
2013-09-15 06:00 - 2013-09-14 20:00 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 21:05 - 2011-12-25 20:30 - 00000000 ____D C:\Program Files\ESET
2013-09-14 19:59 - 2013-09-14 19:11 - 00000000 ____D C:\Windows\erdnt
2013-09-14 19:50 - 2012-02-11 16:45 - 00000000 ____D C:\Program Files\GTK2-Runtime
2013-09-14 19:48 - 2013-09-14 19:48 - 00000000 ____D C:\Program Files\Deluge
2013-09-14 19:48 - 2011-12-30 19:57 - 00000941 _____ C:\Users\Public\Desktop\Deluge.lnk
2013-09-14 19:48 - 2011-12-30 19:57 - 00000941 _____ C:\ProgramData\Desktop\Deluge.lnk
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\NetworkService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\LocalService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\HomeGroupUser$
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Agent
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Acronis
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\SYSTEM
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Gast
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Administrator
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-14 19:39 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-14 19:10 - 2013-09-14 19:10 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 16:49 - 2013-05-27 11:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\ProgramData\Desktop\TeamViewer 8.lnk
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:43 - 2013-06-28 15:16 - 00000000 ____D C:\ProgramData\Advanced
2013-09-13 12:39 - 2013-01-06 18:53 - 00002074 _____ C:\Windows\epplauncher.mif
2013-09-12 00:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-11 23:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-11 23:00 - 2013-07-13 13:06 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 22:54 - 2011-12-25 19:12 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 22:10 - 2009-07-14 06:33 - 00267760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 22:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-11 22:07 - 2013-03-23 13:05 - 00000000 ____D C:\Program Files\BubbleUPnP Server
2013-09-10 22:41 - 2012-06-28 15:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-10 22:41 - 2011-12-25 19:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-07 20:03 - 2011-12-25 19:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\ProgramData\Desktop\CCleaner.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:50 - 2013-09-07 19:49 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\ProgramData\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00000000 ____D C:\Program Files\Recuva
2013-09-07 19:50 - 2011-12-25 19:46 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\FileZilla
2013-09-07 12:14 - 2012-09-05 17:06 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-09-01 13:09 - 2011-12-25 22:50 - 00000000 ____D C:\ProgramData\Acronis
2013-08-31 11:47 - 2013-08-31 11:21 - 00000000 ___RD C:\acroldr
2013-08-31 11:16 - 2011-12-25 22:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Acronis
2013-08-31 11:15 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Acronis
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:13 - 2011-12-25 22:52 - 00158496 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2013-08-31 11:13 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Common Files\Acronis
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 11:02 - 2013-08-31 10:57 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-31 06:46 - 2012-06-27 18:49 - 00000000 ____D C:\Program Files\JDownloader
2013-08-30 23:34 - 2011-12-30 15:44 - 00000000 ____D C:\Program Files\XBMC
2013-08-26 11:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-26 00:58 - 2013-08-21 20:35 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-24 19:33 - 2013-07-21 14:27 - 00000000 ____D C:\Program Files\DVBViewer
2013-08-22 12:45 - 2012-01-05 22:12 - 00000589 _____ C:\Users\mikelsoft\Desktop\WampServer.lnk
2013-08-22 12:45 - 2012-01-05 22:11 - 00000000 ____D C:\wamp
2013-08-22 12:34 - 2012-09-03 19:15 - 00000000 ____D C:\MediaServer
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-21 16:54 - 2012-01-05 20:41 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Notepad++
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 17:01 - 2011-12-25 18:54 - 00000000 ____D C:\Users\mikelsoft
2013-08-19 13:02 - 2011-12-25 22:42 - 00000000 ____D C:\ProgramData\PMS
2013-08-19 01:47 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-19 00:29 - 2013-06-04 20:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 11:24 - 2011-12-25 19:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\vlc
2013-08-18 00:17 - 2013-08-18 00:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\mikelsoft\AppData\Local\temp\gtk2-runtime-2.16.6-2010-05-12-ash.exe
C:\Users\mikelsoft\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 00:18

==================== End Of Log ============================
         

15.09.2013, 20:11   #8
schrauber
/// the machine
/// TB trainer
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box for "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

18.09.2013, 10:11   #9
inesa394
 



Oh, this is taking a while now; I have several hard drives installed in there
and the machine is not the fastest either:
HP Proliant AMD Neo

My logs
Eset

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cbb3121ff2eea5429ce939e7fdb4788c
# engine=15132
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-15 03:43:54
# local_time=2013-09-15 05:43:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4875324 130847825 0 0
# scanned=867130
# found=0
# cleaned=0
# scan_time=30983
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=cbb3121ff2eea5429ce939e7fdb4788c
# engine=15150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-17 02:02:43
# local_time=2013-09-17 04:02:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5042053 131014554 0 0
# scanned=1022581
# found=5
# cleaned=0
# scan_time=52419
sh=E9BE7F1EAF36789F40E996E76C3CE417BCAC6EEE ft=1 fh=3d1f89565fd1be2b vn="a variant of Win32/KeyLogger.iSafeKeylogger application" ac=I fn="G:\torrentq\download\Ecodsoft Keylogger v3.5.8 with keys [Eagerforcc]\ecodsoft-keylogger.exe"
         
Security Check

Code:
Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 CCleaner     
 Java(TM) 6 Update 38  
 Java 7 Update 25  
 Adobe Flash Player 	11.8.800.168  
 Mozilla Firefox (23.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
and a fresh FRST


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2013 03
Ran by mikelsoft (administrator) on MIKELSOFT-PC on 17-09-2013 14:24:05
Running from C:\Users\mikelsoft\Desktop
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server Interface.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Acronis) G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(CM&V Hackbart) C:\Program Files\DVBViewer\DVBVCtrl.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(FileZilla Project) C:\Program Files\FileZilla Server\FileZilla Server.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Acronis) C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe
(RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(CM & V) C:\Program Files\DVBViewer\DVBVservice.exe
() g:\Deluge\deluge.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [413464 2013-02-15] (Acronis)
HKLM\...\Run: [FileZilla Server Interface] - C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [PowerDVD13Agent] - C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM\...\Run: [TrueImageMonitor.exe] - G:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] - C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [DVBV Service Ctrl] - C:\Program Files\DVBViewer\DVBVCtrl.exe [87552 2012-04-11] (CM&V Hackbart)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKCU\...\Policies\Explorer: [NoDrives] 0
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3DAEE641B587CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{60DF89D1-1065-4913-84D6-E1ACCAE2CAD5}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\searchplugins\suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF Extension: Flagfox - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: WOT - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: canitbecheaper - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\canitbecheaper@trafficbroker.co.uk.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
FF Extension: No Name - C:\Users\mikelsoft\AppData\Roaming\Mozilla\Firefox\Profiles\sm15rvc6.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

S3 AcronisAgent; C:\Program Files\Common Files\Acronis\Agent\agent.exe [1914768 2010-11-30] (Acronis)
R3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [831360 2013-02-15] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3816440 2013-08-31] (Acronis)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-03-28] (Advanced Micro Devices, Inc.)
S3 BubbleUPnP Server; C:\Program Files\BubbleUPnP Server\BubbleUPnPServer.exe [196608 2011-11-16] ()
R2 CLHNServiceForPowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
S3 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DMS; C:\Program Files\Acronis\DiskDirectorAdvanced\mms.exe [4638352 2010-11-30] (Acronis)
R2 DVBVRecorder; C:\Program Files\DVBViewer\DVBVservice.exe [866944 2013-08-22] (CM & V)
R2 FileZilla Server; C:\Program Files\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7094592 2013-03-20] (Acronis)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [3458952 2012-05-29] (RealVNC Ltd)
S3 w7Svc; C:\Program Files\webcam 7\wService.exe [5094200 2012-03-26] (Moonware Studios)
S3 wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [18432 2011-09-26] (Apache Software Foundation)
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [8177664 2012-04-19] ()
S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480 2001-11-12] (X10)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70824 2012-10-11] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34984 2012-10-11] (Advanced Micro Devices)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [124504 2013-05-19] (SlySoft, Inc.)
R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [48256 2012-04-09] (Advanced Micro Devices)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 DDBaseNg; C:\Windows\System32\DRIVERS\DDBaseNg.sys [70144 2013-02-20] (Digital Devices GmbH)
R3 DDCapture; C:\Windows\System32\DRIVERS\DDCapture.sys [14848 2013-02-20] (Digital Devices GmbH)
R3 DDTuner; C:\Windows\System32\DRIVERS\DDTuner.sys [135424 2013-02-20] (Digital Devices GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-09-07] (Disc Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [121208 2012-06-20] (Cyberlink Corp.)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [11985920 2006-08-11] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-04] (Duplex Secure Ltd.)
S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [888640 2013-08-31] (Acronis International GmbH)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-11-11] (TeamViewer GmbH)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2013-08-31] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [130488 2013-08-31] (Acronis)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2013-08-31] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2013-08-31] (Acronis International GmbH)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2011-08-18] (RealVNC Ltd.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-07-06] (CyberLink Corp.)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [88312 2012-07-05] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MIKELS~1\AppData\Local\Temp\catchme.sys [x]
S3 GPU-Z; \??\C:\Users\MIKELS~1\AppData\Local\Temp\GPU-Z.sys [x]
S3 usbcamcl; system32\DRIVERS\usbcamcl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-17 12:42 - 2013-09-16 13:18 - 00891144 _____ C:\Users\mikelsoft\Desktop\SecurityCheck.exe
2013-09-16 14:48 - 2013-09-16 14:48 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-15 17:20 - 2013-09-15 12:24 - 01084047 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2013-09-15 17:19 - 2013-09-15 17:19 - 00000629 _____ C:\Users\mikelsoft\Desktop\JRT.txt
2013-09-15 17:09 - 2013-09-15 17:09 - 01039554 _____ C:\Users\mikelsoft\Desktop\adwcleaner(2).exe
2013-09-15 17:09 - 2013-09-15 17:09 - 01029675 _____ (Thisisu) C:\Users\mikelsoft\Desktop\JRT(1).exe
2013-09-15 15:52 - 2013-09-15 15:52 - 00000000 ____D C:\Windows\system32\oodag
2013-09-15 15:43 - 2013-09-17 13:19 - 00000706 _____ C:\Windows\setupact.log
2013-09-15 15:43 - 2013-09-15 15:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-15 13:08 - 2013-09-15 13:08 - 00000000 ____D C:\FRST
2013-09-15 05:50 - 2013-09-15 06:01 - 00000626 _____ C:\DelFix.txt
2013-09-14 20:00 - 2013-09-15 06:00 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 19:56 - 2013-09-15 17:13 - 00000000 ____D C:\AdwCleaner
2013-09-14 19:48 - 2013-09-14 19:48 - 00000000 ____D C:\Program Files\Deluge
2013-09-14 19:11 - 2013-09-14 19:59 - 00000000 ____D C:\Windows\erdnt
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:07 - 2013-09-14 17:08 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 17:07 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:43 - 2013-04-05 21:26 - 01679360 _____ C:\Windows\system32\ac3filter.acm.new
2013-09-13 12:40 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 23:00 - 2013-08-10 05:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 23:00 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 23:00 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 23:00 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 21:50 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 21:50 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 21:50 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 21:50 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 21:50 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 21:50 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 21:50 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-07 19:59 - 2013-06-09 21:59 - 00216064 _____ C:\Windows\system32\gcapi_dll.dll
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:49 - 2013-09-07 19:50 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 10:57 - 2013-08-31 11:02 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-21 20:35 - 2013-08-26 00:58 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-18 00:15 - 2013-08-18 00:17 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-17 14:05 - 2011-12-25 20:04 - 00061768 _____ C:\Users\mikelsoft\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-17 14:04 - 2013-07-21 14:27 - 00000000 ____D C:\Program Files\DVBViewer
2013-09-17 13:41 - 2012-06-28 15:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-17 13:23 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-17 13:23 - 2009-07-14 06:34 - 00022048 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-17 13:19 - 2013-09-15 15:43 - 00000706 _____ C:\Windows\setupact.log
2013-09-17 13:19 - 2011-12-25 18:53 - 01160972 _____ C:\Windows\WindowsUpdate.log
2013-09-17 12:51 - 2013-07-21 14:27 - 00000981 _____ C:\Users\Public\Desktop\DVBViewer.lnk
2013-09-17 12:51 - 2013-07-21 14:27 - 00000981 _____ C:\ProgramData\Desktop\DVBViewer.lnk
2013-09-17 12:51 - 2011-12-25 19:01 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-17 12:44 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-17 11:56 - 2011-12-30 19:44 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\deluge
2013-09-16 15:18 - 2011-12-26 00:03 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Media Player Classic
2013-09-16 15:09 - 2011-12-25 18:54 - 00000000 ____D C:\Users\mikelsoft\AppData\Local\VirtualStore
2013-09-16 15:05 - 2013-06-28 15:16 - 00000000 ____D C:\ProgramData\Advanced
2013-09-16 14:48 - 2013-09-16 14:48 - 00000218 _____ C:\Users\mikelsoft\AppData\Local\recently-used.xbel
2013-09-16 14:48 - 2011-12-25 18:54 - 00000000 ____D C:\Users\mikelsoft
2013-09-16 14:47 - 2011-12-30 19:57 - 00000574 _____ C:\Users\Public\Desktop\Deluge.lnk
2013-09-16 14:47 - 2011-12-30 19:57 - 00000574 _____ C:\ProgramData\Desktop\Deluge.lnk
2013-09-16 14:18 - 2011-12-25 19:49 - 00000000 ____D C:\ProgramData\Win7codecs
2013-09-16 14:00 - 1658-05-12 09:38 - 00000000 ____D C:\systemtest
2013-09-16 13:58 - 2009-10-14 21:00 - 00000000 ____D C:\my download
2013-09-16 13:54 - 2011-12-25 19:00 - 00000000 ____D C:\download
2013-09-16 13:18 - 2013-09-17 12:42 - 00891144 _____ C:\Users\mikelsoft\Desktop\SecurityCheck.exe
2013-09-15 17:19 - 2013-09-15 17:19 - 00000629 _____ C:\Users\mikelsoft\Desktop\JRT.txt
2013-09-15 17:13 - 2013-09-14 19:56 - 00000000 ____D C:\AdwCleaner
2013-09-15 17:09 - 2013-09-15 17:09 - 01039554 _____ C:\Users\mikelsoft\Desktop\adwcleaner(2).exe
2013-09-15 17:09 - 2013-09-15 17:09 - 01029675 _____ (Thisisu) C:\Users\mikelsoft\Desktop\JRT(1).exe
2013-09-15 15:52 - 2013-09-15 15:52 - 00000000 ____D C:\Windows\system32\oodag
2013-09-15 15:43 - 2013-09-15 15:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-15 15:22 - 2012-07-30 10:25 - 00002089 _____ C:\Users\Public\Desktop\MPC-HC.lnk
2013-09-15 15:22 - 2012-07-30 10:25 - 00002089 _____ C:\ProgramData\Desktop\MPC-HC.lnk
2013-09-15 15:22 - 2011-12-25 19:52 - 00000000 ____D C:\Program Files\Media Player Classic - Home Cinema
2013-09-15 14:58 - 2013-05-17 17:12 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\AIMP3
2013-09-15 14:58 - 2011-12-25 18:41 - 00000000 ____D C:\Windows\Panther
2013-09-15 13:08 - 2013-09-15 13:08 - 00000000 ____D C:\FRST
2013-09-15 12:24 - 2013-09-15 17:20 - 01084047 _____ (Farbar) C:\Users\mikelsoft\Desktop\FRST.exe
2013-09-15 06:01 - 2013-09-15 05:50 - 00000626 _____ C:\DelFix.txt
2013-09-15 06:00 - 2013-09-14 20:00 - 00000000 ____D C:\Windows\ERUNT
2013-09-14 21:05 - 2011-12-25 20:30 - 00000000 ____D C:\Program Files\ESET
2013-09-14 19:59 - 2013-09-14 19:11 - 00000000 ____D C:\Windows\erdnt
2013-09-14 19:50 - 2012-02-11 16:45 - 00000000 ____D C:\Program Files\GTK2-Runtime
2013-09-14 19:48 - 2013-09-14 19:48 - 00000000 ____D C:\Program Files\Deluge
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\NetworkService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\LocalService
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\HomeGroupUser$
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Agent
2013-09-14 19:42 - 2012-10-01 17:01 - 00000000 ____D C:\Users\Acronis
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\SYSTEM
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Gast
2013-09-14 19:42 - 2012-10-01 16:41 - 00000000 ____D C:\Users\Administrator
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2013-09-14 19:42 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2013-09-14 19:39 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2013-09-14 17:09 - 2013-09-14 17:09 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Malwarebytes
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:08 - 00001071 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-14 17:08 - 2013-09-14 17:07 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-14 16:49 - 2013-05-27 11:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-09-13 12:46 - 2013-08-09 13:52 - 00001124 _____ C:\ProgramData\Desktop\TeamViewer 8.lnk
2013-09-13 12:43 - 2013-09-13 12:43 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Advanced
2013-09-13 12:39 - 2013-01-06 18:53 - 00002074 _____ C:\Windows\epplauncher.mif
2013-09-12 00:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-11 23:47 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-11 23:00 - 2013-07-13 13:06 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 22:54 - 2011-12-25 19:12 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 22:10 - 2009-07-14 06:33 - 00267760 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 22:09 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-11 22:07 - 2013-03-23 13:05 - 00000000 ____D C:\Program Files\BubbleUPnP Server
2013-09-10 22:41 - 2012-06-28 15:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-10 22:41 - 2011-12-25 19:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 15:06 - 2013-09-10 15:06 - 01380160 _____ (MPC-HC Team) C:\Windows\system32\VSFilter.dll
2013-09-07 20:03 - 2011-12-25 19:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-07 19:57 - 2011-12-25 19:29 - 00000969 _____ C:\ProgramData\Desktop\CCleaner.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00243128 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00001900 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2013-09-07 19:54 - 2013-09-07 19:54 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2013-09-07 19:50 - 2013-09-07 19:49 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00001799 _____ C:\ProgramData\Desktop\Recuva.lnk
2013-09-07 19:50 - 2013-01-16 23:30 - 00000000 ____D C:\Program Files\Recuva
2013-09-07 19:50 - 2011-12-25 19:46 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\FileZilla
2013-09-07 12:14 - 2012-09-05 17:06 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2013-09-01 13:09 - 2011-12-25 22:50 - 00000000 ____D C:\ProgramData\Acronis
2013-08-31 11:16 - 2011-12-25 22:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Acronis
2013-08-31 11:15 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Acronis
2013-08-31 11:13 - 2013-08-31 11:13 - 00888640 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tdrpman.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00736192 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00234752 _____ (Acronis) C:\Windows\system32\Drivers\afcdp.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00130488 _____ (Acronis) C:\Windows\system32\Drivers\tib_mounter.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00116000 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vididr.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00085280 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\vidsflt.sys
2013-08-31 11:13 - 2013-08-31 11:13 - 00081184 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2013-08-31 11:13 - 2011-12-25 22:52 - 00158496 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2013-08-31 11:13 - 2011-12-25 22:51 - 00000000 ____D C:\Program Files\Common Files\Acronis
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\Users\Public\Desktop\True Image 2013.lnk
2013-08-31 11:12 - 2013-08-31 11:12 - 00000866 _____ C:\ProgramData\Desktop\True Image 2013.lnk
2013-08-31 11:02 - 2013-08-31 10:57 - 00001024 _____ C:\Windows\system32\AutoPartNt.let
2013-08-31 10:57 - 2013-08-31 10:57 - 02088288 _____ (Acronis) C:\Windows\system32\AutoPartNt.exe
2013-08-31 06:46 - 2012-06-27 18:49 - 00000000 ____D C:\Program Files\JDownloader
2013-08-30 23:34 - 2011-12-30 15:44 - 00000000 ____D C:\Program Files\XBMC
2013-08-26 11:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-26 00:58 - 2013-08-21 20:35 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\XBMC
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
2013-08-25 14:38 - 2013-08-25 14:38 - 00000000 ____D C:\Program Files\Daum
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\Users\Public\Documents\hdsky.ini
2013-08-24 19:58 - 2013-08-24 19:58 - 00020819 _____ C:\ProgramData\Documents\hdsky.ini
2013-08-22 12:45 - 2012-01-05 22:12 - 00000589 _____ C:\Users\mikelsoft\Desktop\WampServer.lnk
2013-08-22 12:45 - 2012-01-05 22:11 - 00000000 ____D C:\wamp
2013-08-21 20:33 - 2013-08-21 20:33 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2013-08-21 16:54 - 2012-01-05 20:41 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\Notepad++
2013-08-19 17:01 - 2013-08-19 17:01 - 00000000 ____D C:\Users\mikelsoft\.dvdcss
2013-08-19 13:02 - 2011-12-25 22:42 - 00000000 ____D C:\ProgramData\PMS
2013-08-19 01:47 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-19 01:45 - 2013-08-19 01:45 - 00330264 _____ (Intel Corporation) C:\Windows\system32\Drivers\IaStor.sys
2013-08-19 00:29 - 2013-06-04 20:48 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 11:24 - 2011-12-25 19:50 - 00000000 ____D C:\Users\mikelsoft\AppData\Roaming\vlc
2013-08-18 00:17 - 2013-08-18 00:15 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 00:18

==================== End Of Log ============================
         

[/CODE]

Has anything been found yet that would correspond to the spam sending?

Thanks

Hello

Is there more to come, or are we already done?

cu

Alt 19.09.2013, 13:08   #10
inesa394
 



Have I been forgotten???
