Trojaner-Board - Qv06 Virus

so ich hoffe ich hab das richtig gemacht und habe dasshier entdeckt

HR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=ST1000LM014-1EJ164_W380468FXXXXW380468F&ts=1375409709

will ja auch was lernen :>
gefunden habe ich dies nach der anleitung in der FRST

bringt uns das weiter? :dankeschoen:

----------------FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2013 01

Ran by Itaris at 2013-08-16 19:16:41

Running from C:\Users\Itaris\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Installed Programs =======================
 

   

Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.1)

Adobe AIR (x32 Version: 3.7.0.2090)

Adobe Creative Suite 6 Master Collection (x32 Version: 6)

Adobe Help Manager (x32 Version: 4.0.244)

Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)

Adobe Widget Browser (x32 Version: 2.0 Build 348)

Adobe Widget Browser (x32 Version: 2.0.348)

AMD Accelerated Video Transcoding (Version: 12.10.100.30328)

AMD Catalyst Install Manager (Version: 8.0.911.0)

AMD Drag and Drop Transcoding (Version: 2.00.0000)

AMD Media Foundation Decoders (Version: 1.0.80328.2204)

Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0)

avast! Free Antivirus (x32 Version: 8.0.1489.0)

bl (x32 Version: 1.0.0)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center (x32 Version: 2013.0328.2218.38225)

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225)

Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225)

Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225)

CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225)

CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225)

CCC Help Czech (x32 Version: 2013.0328.2217.38225)

CCC Help Danish (x32 Version: 2013.0328.2217.38225)

CCC Help Dutch (x32 Version: 2013.0328.2217.38225)

CCC Help English (x32 Version: 2013.0328.2217.38225)

CCC Help Finnish (x32 Version: 2013.0328.2217.38225)

CCC Help French (x32 Version: 2013.0328.2217.38225)

CCC Help German (x32 Version: 2013.0328.2217.38225)

CCC Help Greek (x32 Version: 2013.0328.2217.38225)

CCC Help Hungarian (x32 Version: 2013.0328.2217.38225)

CCC Help Italian (x32 Version: 2013.0328.2217.38225)

CCC Help Japanese (x32 Version: 2013.0328.2217.38225)

CCC Help Korean (x32 Version: 2013.0328.2217.38225)

CCC Help Norwegian (x32 Version: 2013.0328.2217.38225)

CCC Help Polish (x32 Version: 2013.0328.2217.38225)

CCC Help Portuguese (x32 Version: 2013.0328.2217.38225)

CCC Help Russian (x32 Version: 2013.0328.2217.38225)

CCC Help Spanish (x32 Version: 2013.0328.2217.38225)

CCC Help Swedish (x32 Version: 2013.0328.2217.38225)

CCC Help Thai (x32 Version: 2013.0328.2217.38225)

CCC Help Turkish (x32 Version: 2013.0328.2217.38225)

ccc-utility64 (Version: 2013.0328.2218.38225)

Combat-Gaming Network 3.5.5.1 (x32 Version: 3.5.5.1)

Dota 2 (x32)

ffdshow v1.2.4422 [2012-04-09] (x32 Version: 1.2.4422.0)

Google Chrome (x32 Version: 28.0.1500.95)

Google Update Helper (x32 Version: 1.3.21.153)

HDvid Codec V1 (x32 Version: 1.27.153.8)

HDVidCodec (x32 Version: 2.1 Build 26473)

Inhaltsmanager-Assistent für PlayStation(R) (x32 Version: 2.50.6733.38)

Intel(R) Control Center (x32 Version: 1.2.1.1007)

Intel(R) Management Engine Components (x32 Version: 8.0.4.1441)

Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)

Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)

Intel® Trusted Connect Service Client (Version: 1.23.605.1)

itech Gaming Software 8.46 (Version: 8.46.27)

Lion Transformation Pack (x32 Version: 1.0)

Logitech Gaming Software (Version: 8.45.88)

LogMeIn Hamachi (x32 Version: 2.1.0.374)

Microsoft .NET Framework 4.5 (Version: 4.5.50709)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)

Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)

NVIDIA PhysX (x32 Version: 9.12.1031)

OpenOffice 4.0.0 (x32 Version: 4.00.9702)

PDF Settings CS6 (x32 Version: 11.0)

ph (x32 Version: 1.0.0)

Rainmeter (x32 Version: 3.0 beta r2012)

Realtek Ethernet Controller Driver (x32 Version: 7.52.203.2012)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6602)

Skype™ 6.6 (x32 Version: 6.6.106)

Steam (x32 Version: 1.0.0.0)

swMSM (x32 Version: 12.0.0.1)

TeamSpeak 3 Client (Version: 3.0.11.1)

Virtual Audio Cable 4.10

WinRAR 4.20 (64-Bit) (Version: 4.20.0)
 

==================== Restore Points  =========================
 

13-08-2013 07:21:17 Windows Update

13-08-2013 12:54:52 Installed DirectX

13-08-2013 12:55:08 Installed Microsoft XNA Framework Redistributable 3.1

15-08-2013 00:41:25 Windows Update

15-08-2013 18:11:03 Installed DirectX

16-08-2013 16:28:54 Removed Skype Click to Call
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0F85DBAA-EE71-45E9-AD1A-FA1FBEE68282} - System32\Tasks\HDvid Codec V1-enabler => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe [2013-08-02] (installdaddy)

Task: {2438A788-1A2B-4075-9BE9-447BB3070151} - System32\Tasks\HDvid Codec V1-updater => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe [2013-08-02] (installdaddy)

Task: {53780264-588B-46E2-A648-FD47D45861C0} - System32\Tasks\HDvid Codec V1-codedownloader => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe [2013-08-02] (installdaddy)

Task: {62D521D9-1903-47F5-B1AC-D65DFA49434F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17] (Google Inc.)

Task: {8A6BBF5C-25EA-480C-8B96-DBF954D6D9C2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)

Task: {A1599284-AACC-4CED-BCE0-7E1F87DCCCB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-17] (Google Inc.)

Task: {A8E5AEE2-1DA1-44EB-BE29-9E4AA7119FDB} - System32\Tasks\AdobeAAMUpdater-1.0-Itaris-PC-Itaris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)

Task: {BE81A10D-B95F-4593-B266-BD4E9D2756D6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)

Task: {E21C43B5-D8A1-43B5-A1A8-7454A319172B} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HDvid Codec V1-codedownloader.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe

Task: C:\Windows\Tasks\HDvid Codec V1-enabler.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe

Task: C:\Windows\Tasks\HDvid Codec V1-updater.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (08/16/2013 10:17:54 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/15/2013 08:10:20 PM) (Source: Application Hang) (User: )

Description: The program SDTools.exe version 2.1.18.150 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 

Process ID: 84c
 

Start Time: 01ce99e29ff9afeb
 

Termination Time: 2
 

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe
 

Report Id: f0e3f504-05d5-11e3-acc7-10bf48881547
 

Error: (08/15/2013 07:34:42 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/15/2013 00:00:48 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/14/2013 11:32:29 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/13/2013 05:26:22 PM) (Source: Application Error) (User: )

Description: Faulting application name: CMADownloader.exe, version: 2.50.6733.20, time stamp: 0x51b82861

Faulting module name: CMADownloader.exe, version: 2.50.6733.20, time stamp: 0x51b82861

Exception code: 0xc0000417

Fault offset: 0x000105e1

Faulting process id: 0x1974

Faulting application start time: 0xCMADownloader.exe0

Faulting application path: CMADownloader.exe1

Faulting module path: CMADownloader.exe2

Report Id: CMADownloader.exe3
 

Error: (08/13/2013 10:48:38 AM) (Source: Application Error) (User: )

Description: Faulting application name: eGdpSvc.exe, version: 1.0.0.2598, time stamp: 0x51f8b0ad

Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f

Exception code: 0xc0000005

Fault offset: 0x00039342

Faulting process id: 0x6e0

Faulting application start time: 0xeGdpSvc.exe0

Faulting application path: eGdpSvc.exe1

Faulting module path: eGdpSvc.exe2

Report Id: eGdpSvc.exe3
 

Error: (08/13/2013 09:05:52 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/12/2013 01:48:48 PM) (Source: Application Error) (User: )

Description: Windows cannot access the file  for one of the following reasons:

there is a problem with the network connection, the disk that the file is stored on, or the storage

drivers installed on this computer; or the disk is missing.

Windows closed the program Rainmeter because of this error.
 

Program: Rainmeter

File: 
 

The error value is listed in the Additional Data section.

User Action

1. Open the file again.

This situation might be a temporary problem that corrects itself when the program runs again.

2.

If the file still cannot be accessed and

        - It is on the network,

your network administrator should verify that there is not a problem with the network and that the server can be contacted.

        - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.

3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.

4. If the problem persists, restore the file from a backup copy.

5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for

further assistance.
 

Additional Data

Error value: 00000000

Disk type: 0
 

Error: (08/12/2013 01:48:48 PM) (Source: Application Error) (User: )

Description: Faulting application name: Rainmeter.exe, version: 3.0.0.2012, time stamp: 0x51e2ac6a

Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c

Exception code: 0xc0000096

Fault offset: 0x0000000000182948

Faulting process id: 0x147c

Faulting application start time: 0xRainmeter.exe0

Faulting application path: Rainmeter.exe1

Faulting module path: Rainmeter.exe2

Report Id: Rainmeter.exe3
 
 

System errors:

=============

Error: (08/16/2013 10:17:43 AM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service hung on starting.
 

Error: (08/15/2013 07:34:27 PM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service hung on starting.
 

Error: (08/15/2013 07:33:03 PM) (Source: EventLog) (User: )

Description: The previous system shutdown at 19:26:54 on ‎15.‎08.‎2013 was unexpected.
 

Error: (08/15/2013 00:00:34 PM) (Source: Service Control Manager) (User: )

Description: The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 

Error: (08/15/2013 00:00:30 PM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service hung on starting.
 

Error: (08/14/2013 11:32:24 AM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service hung on starting.
 

Error: (08/13/2013 10:48:38 AM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service terminated unexpectedly.  It has done this 1 time(s).
 

Error: (08/13/2013 09:05:42 AM) (Source: Service Control Manager) (User: )

Description: The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 

Error: (08/13/2013 09:05:32 AM) (Source: Service Control Manager) (User: )

Description: The Wsys Service service hung on starting.
 

Error: (08/12/2013 00:53:29 PM) (Source: Service Control Manager) (User: )

Description: The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
 

Microsoft Office Sessions:

=========================

Error: (08/16/2013 10:17:54 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/15/2013 08:10:20 PM) (Source: Application Hang)(User: )

Description: SDTools.exe2.1.18.15084c01ce99e29ff9afeb2C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exef0e3f504-05d5-11e3-acc7-10bf48881547
 

Error: (08/15/2013 07:34:42 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/15/2013 00:00:48 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/14/2013 11:32:29 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/13/2013 05:26:22 PM) (Source: Application Error)(User: )

Description: CMADownloader.exe2.50.6733.2051b82861CMADownloader.exe2.50.6733.2051b82861c0000417000105e1197401ce9839765fa1bfC:\Program Files (x86)\Sony\Content Manager Assistant\CMADownloader.exeC:\Program Files (x86)\Sony\Content Manager Assistant\CMADownloader.exeb4d5f7dd-042c-11e3-922b-10bf48881547
 

Error: (08/13/2013 10:48:38 AM) (Source: Application Error)(User: )

Description: eGdpSvc.exe1.0.0.259851f8b0adole32.dll6.1.7601.175144ce7b96fc0000005000393426e001ce97f350361746C:\ProgramData\eSafe\eGdpSvc.exeC:\Windows\syswow64\ole32.dll2509a38c-03f5-11e3-922b-10bf48881547
 

Error: (08/13/2013 09:05:52 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (08/12/2013 01:48:48 PM) (Source: Application Error)(User: )

Description: Rainmeter000000000
 

Error: (08/12/2013 01:48:48 PM) (Source: Application Error)(User: )

Description: Rainmeter.exe3.0.0.201251e2ac6aole32.dll6.1.7601.175144ce7c92cc00000960000000000182948147c01ce974a98e96aa9C:\Program Files\Rainmeter\Rainmeter.exeC:\Windows\system32\ole32.dll25a719fe-0345-11e3-8958-10bf48881547
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 39%

Total physical RAM: 8145.48 MB

Available physical RAM: 4944.53 MB

Total Pagefile: 16289.15 MB

Available Pagefile: 12063.82 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:931.51 GB) (Free:816.32 GB) NTFS

Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive e: (Haupt) (Fixed) (Total:232.88 GB) (Free:56.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive f: (old) (Fixed) (Total:232.88 GB) (Free:75.65 GB) NTFS

Drive g: (Musik /filme) (Fixed) (Total:297.99 GB) (Free:33.15 GB) NTFS

Drive h: (Windows 7 Ultimate - 32 Bit (Aut) (CDROM) (Total:3.48 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A56A442F)

Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: E5CAE5CA)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: B732B732)

Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
 

========================================================

Disk: 3 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 2AFF8C51)

Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
 

==================== End Of Log ==================

--- --- ---

so :)

frst

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2013 01

Ran by Itaris at 2013-08-16 22:19:21 Run:1

Running from C:\Users\Itaris\Desktop

Boot Mode: Normal

==============================================
 

Content of fixlist:

*****************

R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [301120 2013-08-16] (Wsys Co., Ltd.)

C:\ProgramData\eSafe\

*****************
 

WsysSvc => Service deleted successfully.

C:\ProgramData\eSafe\ => Moved successfully.
 
 

The system needs a manual reboot. 
 

==== End of Fixlog ====

------------------------------------------------------

JrtJRT Logfile:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.4.6 (08.15.2013:1)

OS: Windows 7 Ultimate x64

Ran by Itaris on 16.08.2013 at 22:22:59,43

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 

Successfully stopped: [Service] wsyssvc 

Successfully deleted: [Service] wsyssvc 
 
 
 

~~~ Registry Values
 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4001792419-3351727207-731353116-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox.1

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311431162}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322432262}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355435562}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366436662}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344434462}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311431162}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322432262}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550355435562}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436662}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344434462}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355435562}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366436662}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344434462}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311431162}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550355435562}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366436662}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440344434462}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
 
 
 

~~~ Files
 

Successfully deleted: [File] "C:\Windows\wininit.ini"

Successfully disinfected: [Shortcut] C:\Users\Itaris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

Successfully disinfected: [Shortcut] C:\Users\Itaris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Successfully disinfected: [Shortcut] C:\Users\Itaris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

Successfully disinfected: [Shortcut] C:\Users\Itaris\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk

Successfully disinfected: [Shortcut] C:\Users\Itaris\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
 
 
 

~~~ Folders
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16.08.2013 at 22:26:18,22

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

Code:

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Itaris on 16.08.2013 at 22:52:29,90.

Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Itaris\Downloads\zoek (1).exe     [Quick Scan] [Auto Clean]
 

==== System Restore Info ======================
 

16.08.2013 22:56:16 Zoek.exe System Restore Point Created Succesfully.
 

==== Deleting CLSID Registry Keys ======================
 
 

==== Deleting CLSID Registry Values ======================
 
 

==== Deleting Services ======================
 
 

==== Deleting Files \ Folders ======================
 

"C:\Users\Itaris\Downloads\codec_pack_306758_ch.exe" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\Program Files (x86)\Common Files\337" deleted

"C:\Program Files (x86)\hdvidcodec.com" deleted

"C:\Users\Itaris\AppData\Roaming\eIntaller" deleted

"C:\ProgramData\Package Cache" deleted

"C:\Users\Itaris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com" deleted
 

==== Files Recently Created / Modified ======================
 

====== C:\Windows ====

2013-07-26 05:20:16        EB011A3D4B53B6F09F851EB1D1E03E93        2768896        ----a-w-        C:\Windows\explorer.exe

2013-07-26 05:20:16        CF2E5761A86E64620C514CBD70CC9820        576000        ----a-w-        C:\Windows\regedit.exe

2013-07-26 05:19:53        04810EC57CBBDD1F047C8217B9F6C092        118845        ----a-w-        C:\Windows\Flurry.scr

2013-07-19 15:12:02        59A56044F9E68FCD8056FAAAEAAAA615        8089        ----a-w-        C:\Windows\w7dse.reg

2013-07-19 15:12:02        09E20C70FD5C56210BB7C308ED10E021        8107        ----a-w-        C:\Windows\w7dsd.reg

2013-07-17 21:47:24        127AA81343A7C6F665C22CB1293B0A90        67072        ----a-w-        C:\Windows\splwow64.exe

====== C:\Users\Itaris\AppData\Local\Temp ====

2013-08-16 13:20:34        D41D8CD98F00B204E9800998ECF8427E        0        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\SHSetup.exe

====== C:\Windows\SysWOW64 =====

2013-08-15 18:13:01        91B4AAD4412BB223B466F3DFB43E86DA        452440        ----a-w-        C:\Windows\SysWOW64\d3dx10_40.dll

2013-08-15 18:13:01        3384134EEB8F223178C2EB8323003EC0        2036576        ----a-w-        C:\Windows\SysWOW64\D3DCompiler_40.dll

2013-08-15 18:12:59        EEA5E428CE63804F9B12D21C97B5968F        4379984        ----a-w-        C:\Windows\SysWOW64\D3DX9_40.dll

2013-08-15 00:43:46        C9BFFA62DFBF0317AECE707B39C4BF25        391168        ----a-w-        C:\Windows\SysWOW64\ieui.dll

2013-08-15 00:43:46        A484F9DB744849C0B32DD1CE73A94F62        2706432        ----a-w-        C:\Windows\SysWOW64\mshtml.tlb

2013-08-15 00:43:45        D0E0086BA353C379DCFE8624E8B8F17A        2048512        ----a-w-        C:\Windows\SysWOW64\iertutil.dll

2013-08-15 00:43:45        BC90EED56A5C77168A8D6F0C4221D7CB        71680        ----a-w-        C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 00:43:45        AF6A6C16ACAD816B48714AE7A4082D89        61440        ----a-w-        C:\Windows\SysWOW64\iesetup.dll

2013-08-15 00:43:45        8A5BD908D421BEE82941EF8ABD8B4F09        33280        ----a-w-        C:\Windows\SysWOW64\iernonce.dll

2013-08-15 00:43:45        37730C04B543536D971B3F157415EFF5        109056        ----a-w-        C:\Windows\SysWOW64\iesysprep.dll

2013-08-15 00:43:44        45C118A1E03182365CB568F99B81A473        493056        ----a-w-        C:\Windows\SysWOW64\msfeeds.dll

2013-08-15 00:43:44        1C83426A51AD83B5E788B6CF143B48D8        690688        ----a-w-        C:\Windows\SysWOW64\jscript.dll

2013-08-15 00:43:43        AC8C3591D536D1CCB62EDCBEA88140B3        2877440        ----a-w-        C:\Windows\SysWOW64\jscript9.dll

2013-08-15 00:43:43        059FC59F97A6220C46A612A9470A00B3        1141248        ----a-w-        C:\Windows\SysWOW64\urlmon.dll

2013-08-15 00:43:42        DAA3903F06116AE9EE7AC1D1B93684A4        1767936        ----a-w-        C:\Windows\SysWOW64\wininet.dll

2013-08-15 00:43:42        49EB7DE3A1CCCE9D0873DE9114810113        39936        ----a-w-        C:\Windows\SysWOW64\jsproxy.dll

2013-08-15 00:43:41        E9BCB6728DD04412BF87F03DB00DE1CF        13761024        ----a-w-        C:\Windows\SysWOW64\ieframe.dll

2013-08-15 00:43:38        E631B408882F8320739F6E0CAF444397        14329344        ----a-w-        C:\Windows\SysWOW64\mshtml.dll

2013-08-14 09:40:24        AE8EB083B050E17A7D6EB5E28AECDDD6        1166848        ----a-w-        C:\Windows\SysWOW64\crypt32.dll

2013-08-14 09:40:24        7CA1BECEA5DE2643ADDAD32670E7A4C9        140288        ----a-w-        C:\Windows\SysWOW64\cryptsvc.dll

2013-08-14 09:40:24        7B851A8018B1EA00A69707A390004884        103936        ----a-w-        C:\Windows\SysWOW64\cryptnet.dll

2013-08-14 09:40:24        68EAAEDF0365168B804E8728368FA946        175104        ----a-w-        C:\Windows\SysWOW64\wintrust.dll

2013-08-14 09:40:20        D5E18BA95F9E7D787D25EF07AC68603E        2048        ----a-w-        C:\Windows\SysWOW64\tzres.dll

2013-08-14 09:40:18        4DC999CED9429939D75682EBD7D48901        663552        ----a-w-        C:\Windows\SysWOW64\rpcrt4.dll

2013-08-14 09:40:18        0805487A6036A9F9C4E7AF7FEF835529        1620992        ----a-w-        C:\Windows\SysWOW64\WMVDECOD.DLL

2013-08-14 09:40:17        9FA7BF625122CCAC90FCD307174D8CF3        3913664        ----a-w-        C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-14 09:40:16        DD5F17D44E9966E7EA447AE8C4D12D6C        3968960        ----a-w-        C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-14 09:40:16        528D298F9914C558EA7A9809BE598E65        1292192        ----a-w-        C:\Windows\SysWOW64\ntdll.dll

2013-08-14 09:40:15        D313AE69128A75367AA36E15522931F6        7680        ----a-w-        C:\Windows\SysWOW64\instnm.exe

2013-08-14 09:40:15        CFEEF3185342ADEAE1E77A017052565B        2048        ----a-w-        C:\Windows\SysWOW64\user.exe

2013-08-14 09:40:15        77F5D2CB80697EB96C45E79A869A6FAC        14336        ----a-w-        C:\Windows\SysWOW64\ntvdm64.dll

2013-08-14 09:40:15        4E77948A7BD16BA5724EC79C60176B03        5120        ----a-w-        C:\Windows\SysWOW64\wow32.dll

2013-08-14 09:40:15        3EED15C223E139C3A28B458800E52BF3        25600        ----a-w-        C:\Windows\SysWOW64\setup16.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-15 18:13:01        862586AD4B1355F7DCDE111EE0AAF350        519000        ----a-w-        C:\Windows\Sysnative\d3dx10_40.dll

2013-08-15 18:13:01        37309B833480DC69FDE7DB68F9B8BC20        2605920        ----a-w-        C:\Windows\Sysnative\D3DCompiler_40.dll

2013-08-15 18:12:59        29A79F0B607FAF5722D7BAF2485F632A        5631312        ----a-w-        C:\Windows\Sysnative\D3DX9_40.dll

2013-08-15 00:43:46        69F5E016A98CE1908DB08382F2ACF882        526336        ----a-w-        C:\Windows\Sysnative\ieui.dll

2013-08-15 00:43:46        3A2FD42F11CD325A4ACAFE7FB0EEA83A        2706432        ----a-w-        C:\Windows\Sysnative\mshtml.tlb

2013-08-15 00:43:45        D8CC9A20C517A54678363C4C77B930A4        136704        ----a-w-        C:\Windows\Sysnative\iesysprep.dll

2013-08-15 00:43:45        963B29E0EFB20D66436214DB7C43D7F7        67072        ----a-w-        C:\Windows\Sysnative\iesetup.dll

2013-08-15 00:43:45        6C8BDC9F16943D626DFE8A987BCCFD20        51712        ----a-w-        C:\Windows\Sysnative\ie4uinit.exe

2013-08-15 00:43:45        65546D87F7A78AB31841A536456CB94D        2647040        ----a-w-        C:\Windows\Sysnative\iertutil.dll

2013-08-15 00:43:45        622C7C8D39609FCEACE3508715D48C7F        39936        ----a-w-        C:\Windows\Sysnative\iernonce.dll

2013-08-15 00:43:45        28C2F8C7DBE11AA3DA041D35F4E59481        89600        ----a-w-        C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-08-15 00:43:44        8C12653BEA781902AA60E4A855A55D5C        603136        ----a-w-        C:\Windows\Sysnative\msfeeds.dll

2013-08-15 00:43:44        5A7FA01EEC393A3E0D0F3EBAA1FD959E        3958784        ----a-w-        C:\Windows\Sysnative\jscript9.dll

2013-08-15 00:43:44        16FE878530FDFC9AB08B7FFC32335958        855552        ----a-w-        C:\Windows\Sysnative\jscript.dll

2013-08-15 00:43:43        289C5E0A386E7B6CA9539D66D15E22CC        1365504        ----a-w-        C:\Windows\Sysnative\urlmon.dll

2013-08-15 00:43:42        AC155DD9BD1E6D3B740826A4D1C68AAE        2241024        ----a-w-        C:\Windows\Sysnative\wininet.dll

2013-08-15 00:43:42        04DE09B1E287F6DC5C7FD655B6E84AB9        53760        ----a-w-        C:\Windows\Sysnative\jsproxy.dll

2013-08-15 00:43:40        396889142BD839DB8A055A0BE0AD2F79        19239424        ----a-w-        C:\Windows\Sysnative\mshtml.dll

2013-08-14 09:40:24        A6B726DCA228F7878E38368A1BDC68BE        139776        ----a-w-        C:\Windows\Sysnative\cryptnet.dll

2013-08-14 09:40:24        959041D7014C97133D859B45BCA0FC58        224256        ----a-w-        C:\Windows\Sysnative\wintrust.dll

2013-08-14 09:40:24        6B400F211BEE880A37A1ED0368776BF4        184320        ----a-w-        C:\Windows\Sysnative\cryptsvc.dll

2013-08-14 09:40:24        287998A9BA0140ABB59792CDEB2F8483        1472512        ----a-w-        C:\Windows\Sysnative\crypt32.dll

2013-08-14 09:40:20        B3CA3253009D26666F5BCB16E77D2618        2048        ----a-w-        C:\Windows\Sysnative\tzres.dll

2013-08-14 09:40:18        D29200AB0B37B7293C6942EAF755295E        1888768        ----a-w-        C:\Windows\Sysnative\WMVDECOD.DLL

2013-08-14 09:40:18        26036E228D2467DE6975AD819C22C043        1217024        ----a-w-        C:\Windows\Sysnative\rpcrt4.dll

2013-08-14 09:40:16        D6180FBBADA79BC28E5FD8187EBE7F64        243712        ----a-w-        C:\Windows\Sysnative\wow64.dll

2013-08-14 09:40:16        C19DCA1024135D5485E25AB1047F77BC        5550528        ----a-w-        C:\Windows\Sysnative\ntoskrnl.exe

2013-08-14 09:40:16        8E45DD84F8F786B2DB94AD95225B9246        1732032        ----a-w-        C:\Windows\Sysnative\ntdll.dll

====== C:\Windows\Sysnative\drivers =====

2013-08-14 09:40:14        DB74544B75566C974815E79A62433F29        1910208        ----a-w-        C:\Windows\Sysnative\drivers\tcpip.sys

2013-08-14 09:40:14        4CE278FC9671BA81A138D70823FCAA09        39936        ----a-w-        C:\Windows\Sysnative\drivers\tssecsrv.sys

2013-08-01 17:04:17        E86C64478D9A90D62255FE9EB0150C6E        175        ----a-w-        C:\Windows\Sysnative\drivers\aswVmm.sys.sum

2013-08-01 17:04:17        A5F29AC2F0ADE8B995B49D7350CE3AC0        175        ----a-w-        C:\Windows\Sysnative\drivers\aswSP.sys.sum

2013-08-01 17:04:17        2E83D2621E87C493AB45DC6655BA77D4        175        ----a-w-        C:\Windows\Sysnative\drivers\aswSnx.sys.sum

2013-07-29 08:11:47        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_Kernel_SaiK1713_01009.Wdf

2013-07-28 18:17:28        F4C086E8E5AA8489E3476BCD40F7542D        10224        ------w-        C:\Windows\Sysnative\drivers\cdr4_xp.sys

2013-07-28 18:17:28        C8EBA97A3C9B64282E8A57E909F1B390        10224        ------w-        C:\Windows\Sysnative\drivers\cdralw2k.sys

2013-07-28 18:17:28        BC08F7F3C53CBEE68670ED1314E290FD        56208        ------w-        C:\Windows\Sysnative\drivers\PxHlpa64.sys

2013-07-25 16:08:35        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf

2013-07-22 12:38:32        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2013-07-21 19:03:13        932C05033053ADA2404FD836C9AB2C70        66728        ----a-w-        C:\Windows\Sysnative\drivers\vrtaucbl.sys

2013-07-17 21:54:20        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_Kernel_dc3d_01011.Wdf

2013-07-17 21:54:19        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf

2013-07-17 21:53:40        AEA0A67275CFBA0E463E00C6E9A1DDAE        54376        ----a-w-        C:\Windows\Sysnative\drivers\WdfLdr.sys

2013-07-17 21:53:40        933222B19FF3E7EA5F65517EA1F7D57E        3        ----a-w-        C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2013-07-17 21:53:40        442783E2CB0DA19873B7A63833FF4CB4        785512        ----a-w-        C:\Windows\Sysnative\drivers\Wdf01000.sys

2013-07-17 21:53:15        EF4469AB69EB15E5D3754E6AEAFBCD3D        29696        ----a-w-        C:\Windows\Sysnative\drivers\terminpt.sys

2013-07-17 21:53:15        AD64450A4ABE076F5CB34CC08EEACB07        30208        ----a-w-        C:\Windows\Sysnative\drivers\TsUsbGD.sys

2013-07-17 21:53:15        313F68E1A3E6345A4F47A36B07062F34        19456        ----a-w-        C:\Windows\Sysnative\drivers\rdpvideominiport.sys

2013-07-17 21:53:15        17C6B51CBCCDED95B3CC14E22791F85E        57856        ----a-w-        C:\Windows\Sysnative\drivers\TsUsbFlt.sys

2013-07-17 21:51:39        DDA4CAF29D8C0A297F886BFE561E6659        198656        ----a-w-        C:\Windows\Sysnative\drivers\WUDFRd.sys

2013-07-17 21:51:39        AB886378EEB55C6C75B4F2D14B6C869F        87040        ----a-w-        C:\Windows\Sysnative\drivers\WUDFPf.sys

2013-07-17 21:51:39        933222B19FF3E7EA5F65517EA1F7D57E        3        ----a-w-        C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2013-07-17 21:49:50        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_Kernel_dc3d_01009.Wdf

2013-07-17 21:49:08        AAFCB52FE0037207FB6FBEA070D25EFE        458712        ----a-w-        C:\Windows\Sysnative\drivers\cng.sys

2013-07-17 21:49:08        7EFB9333E4ECCE6AE4AE9D777D9E553E        154480        ----a-w-        C:\Windows\Sysnative\drivers\ksecpkg.sys

2013-07-17 21:49:06        1B16D0BD9841794A6E0CDE0CEF744ABC        45568        ----a-w-        C:\Windows\Sysnative\drivers\tcpipreg.sys

2013-07-17 21:48:58        760E38053BF56E501D562B70AD796B88        950128        ----a-w-        C:\Windows\Sysnative\drivers\ndis.sys

2013-07-17 21:48:58        0E01641D96889BDEB22DE12D30575B08        41472        ----a-w-        C:\Windows\Sysnative\drivers\RNDISMP.sys

2013-07-17 21:48:57        9BBD8B5855BC6578957F82341F9CDE5A        27520        ----a-w-        C:\Windows\Sysnative\drivers\Diskdump.sys

2013-07-17 21:48:29        8F6322049018354F45F05A2FD2D4E5E0        223752        ----a-w-        C:\Windows\Sysnative\drivers\fvevol.sys

2013-07-17 21:25:46        6BD9295CC032DD3077C671FCCF579A7B        23408        ----a-w-        C:\Windows\Sysnative\drivers\fs_rec.sys

2013-07-17 21:24:05        92B3172E8C14C1444682F510843A9988        19968        ----a-w-        C:\Windows\Sysnative\drivers\usb8023.sys

2013-07-17 21:23:39        B98F8C6E31CD07B2E6F71F7F648E38C0        1656680        ----a-w-        C:\Windows\Sysnative\drivers\ntfs.sys

2013-07-17 21:23:37        D711B3C1D5F42C0C2415687BE09FC163        288768        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb10.sys

2013-07-17 21:23:37        A5D9106A73DC88564C825D317CAC68AC        158208        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb.sys

2013-07-17 21:23:37        9423E9D355C8D303E76B8CFBD8A5C30C        128000        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb20.sys

2013-07-17 21:23:30        AF2E16242AA723F68F461B6EAE2EAD3D        983400        ----a-w-        C:\Windows\Sysnative\drivers\dxgkrnl.sys

2013-07-17 21:23:30        1F04CFB79DD5FB7694468CE3FB3DCC31        265064        ----a-w-        C:\Windows\Sysnative\drivers\dxgmms1.sys

2013-07-17 21:23:23        E61608AA35E98999AF9AAEEEA6114B0A        210944        ----a-w-        C:\Windows\Sysnative\drivers\rdpwd.sys

2013-07-17 21:23:22        B4ADEBBF5E3677CCE9651E0F01F7CC28        410112        ----a-w-        C:\Windows\Sysnative\drivers\srv2.sys

2013-07-17 21:23:22        7942B7AC3FF598F8A1736D51ADAF04E8        376688        ----a-w-        C:\Windows\Sysnative\drivers\netio.sys

2013-07-17 21:23:22        441FBA48BFF01FDB9D5969EBC1838F0B        467456        ----a-w-        C:\Windows\Sysnative\drivers\srv.sys

2013-07-17 21:23:22        41C67E4205C606A103DEC8651D0B6FE6        288088        ----a-w-        C:\Windows\Sysnative\drivers\FWPKCLNT.SYS

2013-07-17 21:23:22        27E461F0BE5BFF5FC737328F749538C3        168448        ----a-w-        C:\Windows\Sysnative\drivers\srvnet.sys

2013-07-17 21:23:21        97A7070AEA4C058B6418519E869A63B4        95600        ----a-w-        C:\Windows\Sysnative\drivers\ksecdd.sys

2013-07-17 21:23:21        1C7857B62DE5994A75B054A9FD4C3825        498688        ----a-w-        C:\Windows\Sysnative\drivers\afd.sys

2013-07-17 21:23:15        E9766131EEADE40A27DC27D2D68FBA9C        75120        ----a-w-        C:\Windows\Sysnative\drivers\partmgr.sys

2013-07-17 21:20:23        6C02A83164F5CC0A262F4199F0871CF5        90624        ----a-w-        C:\Windows\Sysnative\drivers\bowser.sys

====== C:\Windows\Tasks ======

2013-08-15 18:04:49        --------        d-----w-        C:\Windows\Sysnative\Tasks\Safer-Networking

2013-08-02 02:14:53        9CDC86ECADA5520AF48F9D04340C22C1        1214        ----a-w-        C:\Windows\Tasks\HDvid Codec V1-updater.job

2013-08-02 02:14:53        427BECF39269D7E3D200549DD7DD4F31        4244        ----a-w-        C:\Windows\Sysnative\Tasks\HDvid Codec V1-updater

2013-08-02 02:14:51        F0BCCE9D8D58820BB78ECBE22B34ACA3        1118        ----a-w-        C:\Windows\Tasks\HDvid Codec V1-enabler.job

2013-08-02 02:14:51        795C5CC3D5211DB1B10054E392EC4FDD        4148        ----a-w-        C:\Windows\Sysnative\Tasks\HDvid Codec V1-enabler

2013-08-02 02:14:50        D15F423384763D75D3D771D8C6283797        4238        ----a-w-        C:\Windows\Sysnative\Tasks\HDvid Codec V1-codedownloader

2013-08-02 02:14:50        A5651766FFEDF36B9CE0820C37BCD840        1208        ----a-w-        C:\Windows\Tasks\HDvid Codec V1-codedownloader.job

2013-07-28 21:15:50        59B495032BC85652C52347E10874FA8D        3506        ----a-w-        C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-Itaris-PC-Itaris

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-07-28 18:15:03        --------        d-----w-        C:\Program Files\Adobe

2013-07-28 18:14:54        --------        d-----w-        C:\Program Files\Common Files\Adobe

2013-07-21 19:03:13        --------        d-----w-        C:\Program Files\Virtual Audio Cable

2013-07-19 15:13:32        --------        d-----w-        C:\Program Files\Rainmeter

2013-07-18 17:01:58        --------        d-----w-        C:\Program Files\WinRAR

======= C:\Program Files (x86) =====

2013-08-15 18:04:39        --------        d-----w-        C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-13 12:55:16        --------        d-----w-        C:\Program Files (x86)\Microsoft XNA

2013-08-08 16:53:41        --------        d-----w-        C:\Program Files (x86)\Common Files\Steam

2013-08-06 22:40:36        --------        d-----w-        C:\Program Files (x86)\Sony

2013-08-05 18:43:25        --------        d-----w-        C:\Program Files (x86)\Combat-Gaming Network

2013-08-04 08:56:46        --------        d-----w-        C:\Program Files (x86)\OpenOffice 4

2013-08-02 02:15:34        --------        d-----w-        C:\Program Files (x86)\ffdshow

2013-08-02 02:14:40        --------        d-----w-        C:\Program Files (x86)\HDvid Codec V1

2013-07-28 18:17:28        --------        d-----w-        C:\Program Files (x86)\Common Files\Sonic Shared

2013-07-28 18:17:28        --------        d-----w-        C:\Program Files (x86)\Common Files\PX Storage Engine

2013-07-28 18:17:25        --------        d-----w-        C:\Program Files (x86)\My Company Name

2013-07-28 18:13:55        --------        d-----w-        C:\Program Files (x86)\Common Files\Adobe

2013-07-26 20:55:42        --------        d-----w-        C:\Program Files (x86)\NVIDIA Corporation

2013-07-26 05:19:53        --------        d-----w-        C:\Program Files (x86)\UX Pack

2013-07-18 17:09:34        --------        d-----w-        C:\Program Files (x86)\Common Files\Adobe AIR

2013-07-18 17:09:34        --------        d-----w-        C:\Program Files (x86)\Adobe

2013-07-18 15:43:40        --------        d-----w-        C:\Program Files (x86)\Common Files\Skype

2013-07-18 15:43:40        --------        d-----r-        C:\Program Files (x86)\Skype

2013-07-18 15:41:52        --------        d-----w-        C:\Program Files (x86)\Microsoft.NET

2013-07-17 21:13:05        --------        d-----w-        C:\Program Files (x86)\AMD

======= C: =====

2013-08-16 16:47:06        D2D5965BD9193A722829E7B59D9174B5        7044        ----a-w-        C:\AdwCleaner[R3].txt

2013-08-16 16:30:17        EFEFBAA1F3B1C22E017D383F6504E114        6984        ----a-w-        C:\AdwCleaner[R2].txt

2013-08-16 16:30:03        F871B79F01F8688ECFBD34B23057DA08        6924        ----a-w-        C:\AdwCleaner[R1].txt

====== C:\Users\Itaris\AppData\Roaming ======

2013-08-15 18:04:02        --------        d-----w-        C:\users\Itaris\AppData\Local\Programs

2013-08-13 12:55:23        --------        d-----w-        C:\users\Itaris\AppData\Local\Cadenza

2013-08-04 09:00:44        --------        d-----w-        C:\users\Itaris\AppData\Roaming\OpenOffice

2013-08-02 02:14:37        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Mozilla

2013-08-02 00:24:05        --------        d-----w-        C:\users\Itaris\AppData\Locallow\Adobe

2013-08-02 00:23:33        CA9B0BD72BE245BEF98277F7151A66EB        132        ----a-w-        C:\users\Itaris\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen

2013-08-02 00:10:42        97DF46BC89AFC10AA799EB1A0B0178EA        4113        ----a-w-        C:\users\Itaris\AppData\Local\recently-used.xbel

2013-07-29 15:58:47        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-07-28 21:12:35        --------        d-----w-        C:\users\Itaris\AppData\Roaming\PDAppFlex

2013-07-28 18:01:27        --------        d-----w-        C:\users\Itaris\AppData\Local\fontconfig

2013-07-28 18:01:23        --------        d-----w-        C:\users\Itaris\AppData\Local\gegl-0.2

2013-07-27 01:59:25        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Soldat

2013-07-26 03:54:01        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Leadertech

2013-07-22 12:42:40        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Sony Corporation

2013-07-19 15:14:16        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Rainmeter

2013-07-18 17:14:19        --------        d-----w-        C:\users\Itaris\AppData\Roaming\LolClient

2013-07-18 17:09:21        --------        d-----w-        C:\users\Itaris\AppData\Local\Adobe

2013-07-18 17:02:00        --------        d-----w-        C:\users\Itaris\AppData\Roaming\WinRAR

2013-07-18 17:02:00        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-07-18 15:43:42        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Skype

2013-07-18 15:43:30        --------        d-----w-        C:\users\Itaris\AppData\Roaming\ATI

2013-07-18 15:43:30        --------        d-----w-        C:\users\Itaris\AppData\Local\ATI

2013-07-18 05:40:33        --------        d-----w-        C:\users\Itaris\AppData\Roaming\Adobe

2013-07-17 21:11:43        --------        d-----w-        C:\users\Itaris\AppData\Local\Downloaded Installations

2013-07-17 21:00:13        --------        d-----w-        C:\users\Itaris\AppData\Roaming\TERA

====== C:\Users\Itaris ======

2013-08-16 20:22:45        2DCB95E2E02C853A968B6E1FCBDC1420        1159319        ----a-w-        C:\Users\Itaris\Downloads\JRT.exe

2013-08-16 17:14:33        4012F46196179C7B800F607F52DB7834        1575798        ----a-w-        C:\Users\Itaris\Desktop\FRST64.exe

2013-08-16 16:46:14        178A34E5554DCE485E1262DDF027960C        2237968        ----a-w-        C:\Users\Itaris\Downloads\tdsskiller.exe

2013-08-16 16:32:57        943236987A9346B8B9A5B649CD9059F2        700783        ----a-w-        C:\Users\Itaris\Downloads\dds+ (1).exe

2013-08-16 16:28:40        F265E08A4A53E0FAFF655BF04C490F0C        666633        ----a-w-        C:\Users\Itaris\Downloads\adwcleaner.exe

2013-08-16 16:26:47        943236987A9346B8B9A5B649CD9059F2        700783        ------r-        C:\Users\Itaris\Downloads\dds+.exe

2013-08-16 13:20:24        244C5C48F2EA54AFB29AE990ADCD1DEF        726464        ----a-w-        C:\Users\Itaris\Downloads\SpyHunter-Installer.exe

2013-08-16 11:31:23        EFEB95F45EB7430D72D302D998EA3A14        7837712        ----a-w-        C:\Users\Itaris\Downloads\Range_MMO7_SD7_0_20_0_64Bit_Drivers (1).exe

2013-08-15 18:04:48        --------        d-----w-        C:\ProgramData\Spybot - Search & Destroy

2013-08-15 18:00:42        5E20685E0AD4D5797719BF31B8B5F912        36364784        ----a-w-        C:\Users\Itaris\Downloads\spybotsd-2.1.20-SR1.exe

2013-08-13 18:48:56        --------        d-----w-        C:\ProgramData\Electronic Arts

2013-08-09 15:57:19        864892D1791A33E066F1D6A61D0A3FED        7876512        ----a-w-        C:\Users\Itaris\Downloads\Shockwave_Installer_Slim.exe

2013-08-08 16:53:14        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2013-08-08 05:13:06        --------        d-----w-        C:\ProgramData\PopCap Games

2013-08-05 15:56:36        8F24783B930CA3D727CED96C07C3AC1F        2361543055        ----a-w-        C:\Users\Itaris\Downloads\setup.exe

2013-08-04 08:56:57        --------        d-s---w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0

2013-08-04 08:44:13        1249C1D256BBBC01FFD1F44A41389F75        162401424        ----a-w-        C:\Users\Itaris\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe

2013-08-02 02:15:35        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow

2013-08-02 00:09:19        --------        d-----w-        C:\Users\Itaris\.thumbnails

2013-07-28 18:27:59        --------        d-----w-        C:\ProgramData\regid.1986-12.com.adobe

2013-07-28 18:23:36        --------        d-----w-        C:\ProgramData\ALM

2013-07-28 18:21:03        --------        d-----w-        C:\Users\Itaris\Adobe Flash Builder 4.6

2013-07-28 18:18:54        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2

2013-07-28 18:15:14        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6

2013-07-28 18:01:24        --------        d-----w-        C:\Users\Itaris\.gimp-2.8

2013-07-27 17:19:59        --------        d-----w-        C:\ProgramData\Intenium

2013-07-21 19:03:13        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable

2013-07-18 17:09:36        --------        d-----w-        C:\ProgramData\Adobe

2013-07-18 17:02:00        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-07-18 15:43:40        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2013-07-18 15:43:39        --------        d-----w-        C:\ProgramData\Skype

2013-07-18 15:43:30        --------        d-----w-        C:\ProgramData\ATI

2013-07-17 20:59:51        --------        d-----w-        C:\ProgramData\TERA
 

====== C: exe-files ==

2013-08-16 20:22:45        2DCB95E2E02C853A968B6E1FCBDC1420        1159319        ----a-w-        C:\Users\Itaris\Downloads\JRT.exe

2013-08-16 20:17:22        D41D8CD98F00B204E9800998ECF8427E        0        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HS2F9PHX\FRST64[1].exe

2013-08-16 17:14:33        4012F46196179C7B800F607F52DB7834        1575798        ----a-w-        C:\Users\Itaris\Desktop\FRST64.exe

2013-08-16 16:46:14        178A34E5554DCE485E1262DDF027960C        2237968        ----a-w-        C:\Users\Itaris\Downloads\tdsskiller.exe

2013-08-16 16:32:57        943236987A9346B8B9A5B649CD9059F2        700783        ----a-w-        C:\Users\Itaris\Downloads\dds+ (1).exe

2013-08-16 16:28:40        F265E08A4A53E0FAFF655BF04C490F0C        666633        ----a-w-        C:\Users\Itaris\Downloads\adwcleaner.exe

2013-08-16 16:26:47        943236987A9346B8B9A5B649CD9059F2        700783        ------r-        C:\Users\Itaris\Downloads\dds+.exe

2013-08-16 13:20:34        D41D8CD98F00B204E9800998ECF8427E        0        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\SHSetup.exe

2013-08-16 13:20:24        244C5C48F2EA54AFB29AE990ADCD1DEF        726464        ----a-w-        C:\Users\Itaris\Downloads\SpyHunter-Installer.exe

2013-08-16 12:17:55        D41D8CD98F00B204E9800998ECF8427E        0        ----a-w-        C:\FRST\Quarantine\eSafe\temp_000.exe

2013-08-16 11:31:23        EFEB95F45EB7430D72D302D998EA3A14        7837712        ----a-w-        C:\Users\Itaris\Downloads\Range_MMO7_SD7_0_20_0_64Bit_Drivers (1).exe

2013-08-15 18:07:49        FEE1C90AF84E759CBBE45C0FA9B63012        254064        ----a-w-        C:\Program Files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe

2013-08-15 18:07:47        0C68C4B59CEF048ADADCA4FC4EA6991A        17392        ----a-w-        C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe

2013-08-15 18:04:42        95AA9E165C7DE1B64A11E8B18E91E499        1817560        ----a-w-        C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

2013-08-15 18:00:42        5E20685E0AD4D5797719BF31B8B5F912        36364784        ----a-w-        C:\Users\Itaris\Downloads\spybotsd-2.1.20-SR1.exe

2013-08-15 00:43:45        BC90EED56A5C77168A8D6F0C4221D7CB        71680        ----a-w-        C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-15 00:43:45        6C8BDC9F16943D626DFE8A987BCCFD20        51712        ----a-w-        C:\Windows\System32\ie4uinit.exe

2013-08-15 00:43:45        28C2F8C7DBE11AA3DA041D35F4E59481        89600        ----a-w-        C:\Windows\System32\RegisterIEPKEYs.exe

2013-08-15 00:43:44        7BA1862B8A5698DC5FCFDFF3BC359DE9        770648        ----a-w-        C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-08-15 00:43:44        133CEF30905806A35606652D409EEEBA        775256        ----a-w-        C:\Program Files\Internet Explorer\iexplore.exe

2013-08-14 09:40:17        9FA7BF625122CCAC90FCD307174D8CF3        3913664        ----a-w-        C:\Windows\SysWOW64\ntoskrnl.exe

2013-08-14 09:40:16        DD5F17D44E9966E7EA447AE8C4D12D6C        3968960        ----a-w-        C:\Windows\SysWOW64\ntkrnlpa.exe

2013-08-14 09:40:16        C19DCA1024135D5485E25AB1047F77BC        5550528        ----a-w-        C:\Windows\System32\ntoskrnl.exe

2013-08-14 09:40:15        D313AE69128A75367AA36E15522931F6        7680        ----a-w-        C:\Windows\SysWOW64\instnm.exe

2013-08-14 09:40:15        CFEEF3185342ADEAE1E77A017052565B        2048        ----a-w-        C:\Windows\SysWOW64\user.exe

2013-08-14 09:40:15        3EED15C223E139C3A28B458800E52BF3        25600        ----a-w-        C:\Windows\SysWOW64\setup16.exe

=== C: other files ==

2013-08-16 13:05:28        F7C9CB06DA9AF75A07C732BD5777B071        19510        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04Q45YH9\3.5.7.22_3.5.7.23[1].zip

2013-08-15 18:56:31        0718882473BDC9C275869DB5C3294834        169043931        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.21_3.5.7.22[1].zip

2013-08-15 17:11:49        C629F11623F0E0CA6E198B6B4B2B5D94        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-4001792419-3351727207-731353116-1000\$I72F4Z0.crx

2013-08-15 17:11:01        039A052AA124284F3EECEA6315427F30        32026972        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZIESRF3Y\3.5.7.20_3.5.7.21[1].zip

2013-08-15 16:48:01        D9E9D934C8AAD83A5B2863F206F8DAEA        6165630        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZIESRF3Y\3.5.7.19_3.5.7.20[1].zip

2013-08-15 16:13:29        376FF5223B7184250DCD674731AF223B        19026403        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.18_3.5.7.19[1].zip

2013-08-15 16:13:27        33F0EA71132FDCEAABA58C20B40E0D24        666961        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.17_3.5.7.18[1].zip

2013-08-15 16:13:25        3AE91F7001720500CAA83273089DBB88        666961        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.16_3.5.7.17[1].zip

2013-08-15 07:01:02        98FE333AEA27B53C69D29B804B39B35C        134166        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\jrt\misc.bat

2013-08-15 06:20:52        CA9339D4B7732913EE7399161A4981D1        10256        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\jrt\JRT.bat

2013-08-15 06:20:34        EC45E46139A552BDBA23D3A79F5AD4AC        16143        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\jrt\get.bat

2013-08-14 09:40:14        DB74544B75566C974815E79A62433F29        1910208        ----a-w-        C:\Windows\System32\drivers\tcpip.sys

2013-08-14 09:40:14        4CE278FC9671BA81A138D70823FCAA09        39936        ----a-w-        C:\Windows\System32\drivers\tssecsrv.sys

2013-08-14 06:08:02        C151B40412BE1367F567C768DF9FBF72        10973        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\jrt\runvalues.bat

2013-08-12 16:22:16        43A419C981AE28DE5AEC202BBA2A5CF1        37079        ----a-w-        C:\Users\Itaris\AppData\Local\Temp\jrt\prelim.bat

2013-08-12 16:08:57        70E20B597F9C2D56AE939756CFD5773C        621352        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.15_3.5.7.16[1].zip

2013-08-12 16:08:56        C96D488134991D35C16CD715D2E02FC5        602719        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.14_3.5.7.15[1].zip

2013-08-12 15:26:37        BB6C23057829ACCDE75432881A4DB52A        1171710457        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.13_3.5.7.14[1].zip

2013-08-12 15:26:29        60C4538F95159974970999A932FB34FA        3500874        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.12_3.5.7.13[1].zip

2013-08-12 15:26:25        0B2EE5AA6A7C814675E1823F238AD3AB        1230570        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.11_3.5.7.12[1].zip

2013-08-12 15:26:22        F976369B8145BBA9154F45D956D7940F        1230570        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.10_3.5.7.11[1].zip

2013-08-12 15:26:19        FA68C4A2E5A6F936B3F1BFFB117B8D30        820179        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.9_3.5.7.10[1].zip

2013-08-12 15:26:16        8CBDCCE8A11B202E274C55E6DE0A4683        821047        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.8_3.5.7.9[1].zip

2013-08-12 15:26:13        FA68C4A2E5A6F936B3F1BFFB117B8D30        820179        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.7_3.5.7.8[1].zip

2013-08-12 15:25:42        D6A3B3EF9554F81DF54AB55FFF92C1C4        12562805        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.6_3.5.7.7[1].zip

2013-08-12 15:25:40        14F371BDBAC35453628BA0EB5DD871F4        628096        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.5_3.5.7.6[1].zip

2013-08-12 15:25:20        B0D0BF19E91B4BE0654AEE99CD3BEC94        9259400        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.4_3.5.7.5[1].zip

2013-08-12 15:25:18        CCD2F15AEACE5934EEF37BE7685E3017        667527        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.3_3.5.7.4[1].zip

2013-08-12 15:25:16        0D1934CB007E718F74E97E7BC374C5F8        628735        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.2_3.5.7.3[1].zip

2013-08-12 15:25:14        79C26023FA395C2993D27FA8BA90FEC1        628725        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.1_3.5.7.2[1].zip

2013-08-12 15:25:12        83F1219604BB29F9F607A44F151DEC82        602591        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.7.0_3.5.7.1[1].zip

2013-08-12 15:25:10        74A20C2648D3AE0A026F863F11E1CB2D        667441        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.9_3.5.7.0[1].zip

2013-08-12 15:25:08        BD8AB0E2961EF6547AA88D481C77A78C        667441        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.8_3.5.6.9[1].zip

2013-08-12 15:25:04        D01AA0C230E971D30ED4C8B1E57B91AC        1723715        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.7_3.5.6.8[1].zip

2013-08-12 15:25:02        A34CC5346BFAFCBEF655AE036FB41254        628737        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.6_3.5.6.7[1].zip

2013-08-12 15:25:00        786AE1DFA7D288A149E3CAE102D74F69        648849        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.5_3.5.6.6[1].zip

2013-08-12 15:24:58        786AE1DFA7D288A149E3CAE102D74F69        648849        ----a-w-        C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK\3.5.6.4_3.5.6.5[1].zip
 

==== Startup Registry Enabled ======================
 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
 

[HKEY_USERS\S-1-5-21-4001792419-3351727207-731353116-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Steam"="E:\Program Files (x86)\Steam\Steam.exe -silent"
 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"
 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"

"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"UX Launcher"="C:\Program Files (x86)\UX Pack\uxlaunch.exe"

"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Steam"="E:\Program Files (x86)\Steam\Steam.exe -silent"
 

==== Startup Registry Enabled x64 ======================
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
 

==== Startup Registry Disabled x64 ======================
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LogMeIn Hamachi Ui"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"
 
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent fr PlayStation(R).lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Inhaltsmanager-Assistent fr PlayStation(R).lnk"

"backup"="C:\\Windows\\pss\\Inhaltsmanager-Assistent fr PlayStation(R).lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~2\\Sony\\CONTEN~1\\CMA.exe "

"item"="Inhaltsmanager-Assistent fr PlayStation(R)"
 
 

==== Startup Folders ======================
 

2013-07-19 15:13:32        1730        ----a-w-        C:\users\Itaris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
 

==== Task Scheduler Jobs ======================
 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17.07.2013 22:36]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [17.07.2013 22:36]

C:\Windows\tasks\HDvid Codec V1-codedownloader.job --a------ C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe [02.08.2013 04:14]

C:\Windows\tasks\HDvid Codec V1-enabler.job --a------ C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe [02.08.2013 04:14]

C:\Windows\tasks\HDvid Codec V1-updater.job --a------ C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe [02.08.2013 04:14]
 

==== Firefox Extensions ======================
 

==== Firefox Plugins ======================
 
 

==== Chrome Look ======================
 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dnllcmllkjofnojidnaknldfehfhehoo - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx[]
 

Google Docs - Itaris - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Itaris - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Itaris - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Itaris - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - Itaris - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Gmail - Itaris - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 

==== Set IE to Default ======================
 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://www.google.com"

"Default_Page_URL"="hxxp://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="hxxp://www.google.com"

"Start Page"="hxxp://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="hxxp://www.google.com"

"Start Page"="hxxp://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found
 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="hxxp://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
 

==== All HKCU SearchScopes ======================
 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
 

==== Deleting Registry Keys ======================
 

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo deleted successfully
 

==== Empty IE Cache ======================
 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK will be deleted at reboot

C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HS2F9PHX will be deleted at reboot
 

==== Empty FireFox Cache ======================
 

No FireFox Cache found
 

==== Empty Chrome Cache ======================
 

C:\users\Itaris\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 

==== Empty All Flash Cache ======================
 

Flash Cache Emptied Successfully
 

==== Empty All Java Cache ======================
 

No Java Cache Found
 

==== After Reboot ======================
 

==== Empty Temp Folders ======================
 

C:\Windows\Temp successfully emptied

C:\Users\Itaris\AppData\Local\Temp successfully emptied
 

==== Empty Recycle Bin ======================
 

C:\$RECYCLE.BIN successfully emptied
 

==== Deleting Files / Folders ======================
 

"C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72LE9GIK" not found

"C:\Users\Itaris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HS2F9PHX" not found
 

==== EOF on 16.08.2013 at 23:09:06,33 ======================

so das war alles hoffe ich :) sorry das es solange gedauert hat

zu den ordentlichen Deutsch.

Es gibt Leute die können trotz Täglichen üben nicht richtig Schreiben ich zähle leider auch zu diesen Personenkreis selbst wenn ich es besser machen will wird es nicht besser dafür entschuldige ich mich mit der Anmerkung.

Ich kann es einfach nicht besser.

Anbei das Zoek scheint irgendwas gemacht zu haben ich habe wieder google als startseite