silvi@

Zoek.exe Version 4.0.0.4 Updated 14-July-2013 Tool run by Eigenaar on di 16/07/2013 at 22:01:41,57. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected ==== System Restore Info ====================== 16/07/2013 22:03:56 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2936819213-1239530117-3455237631-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-2936819213-1239530117-3455237631-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCall.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla21.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla31.exe" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla32.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla33.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla34.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla37.dll" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseCustomCalla37.exe" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP\WiseData.ini" deleted "C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Users\Eigenaar\AppData\Roaming\Babylon" deleted "C:\ProgramData\Babylon" deleted "C:\Users\Eigenaar\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\eSafe" deleted "C:\Users\Eigenaar\AppData\Roaming\Desk 365" deleted "C:\Program Files (x86)\Desk 365" deleted "C:\ProgramData\Tarma Installer" deleted "C:\Users\Eigenaar\AppData\Roaming\eIntaller" deleted "C:\Program Files (x86)\Desk 365" deleted "C:\Users\Eigenaar\AppData\Roaming\WinZipper" deleted "C:\Users\Eigenaar\AppData\Roaming\Desk 365" deleted "C:\Users\Eigenaar\AppData\Roaming\eIntaller" deleted "C:\Users\Eigenaar\AppData\Roaming\Babylon" deleted "C:\Users\Eigenaar\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\Tarma Installer" deleted "C:\ProgramData\Babylon" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted ==== Chrome Look ====================== Delta Toolbar - Eigenaar - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde ==== Chrome Fix ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="PAINTSHOPPROFORUM ? Aanmelden" "Default_Page_URL"="Qvo6.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="Qvo6.com" "Start Page"="Qvo6.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="Qvo6.com" "Start Page"="Qvo6.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="PAINTSHOPPROFORUM ? Aanmelden" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{32ABFA3F-38FC-4F5C-911E-D31EFBC996B4}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {32ABFA3F-38FC-4F5C-911E-D31EFBC996B4} Google Url="{searchTerms} - Google zoeken?}" {33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Reset Google Chrome ====================== C:\users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2936819213-1239530117-3455237631-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-2936819213-1239530117-3455237631-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Eigenaar\Desktop\Silvia's pc\Computer.lnk - C:\Users\Eigenaar\Desktop\Silvia's pc\Configuratiescherm.lnk - C:\Users\Eigenaar\Desktop\Silvia's pc\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prullenbak.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk - C:\Windows\Installer\{95140000-00AF-0413-0000-0000000FF1CE}\ppvwicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP250 series\Leesmij.lnk - C:\Program Files (x86)\CanonBJ\IJPrinter\Canon MP250 series\readme_Dutch.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /mn C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu\Leesmij-bestand bij Solution Menu.lnk - C:\Program Files (x86)\Canon\SolutionMenu\Readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu\Solution Menu verwijderen.lnk - C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe C:\Program Files (x86)\Canon\SolutionMenu\uninst.ini C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu\Solution Menu.lnk - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X5\Corel PaintShop Pro X5.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X5\Restore Database.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\ResetDB.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Graphics and Media Control Panel.lnk - C:\Windows\system32\GfxUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software\Jasc Animation Shop 3 verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {7C4196CA-CA41-4F34-9C08-7724E7705D52} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software\Jasc Animation Shop 3.lnk - C:\Windows\Installer\{7C4196CA-CA41-4F34-9C08-7724E7705D52}\NewShortcut1_7C4196CACA414F349C087724E7705D52.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Base.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Calc.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Draw.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Impress.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Math.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Writer.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Official Home Page.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype voor bureaublad.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\rar.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\Winrar.hlp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Anim.lnk - C:\Program Files (x86)\Jasc Software Inc\Animation Shop 3\Anim.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel PaintShop Pro X5.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com ==== shortcuts After Repair ====================== C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = PAINTSHOPPROFORUM ? Aanmelden R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" O4 - Startup: Dropbox.lnk = Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @oem3.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 16/07/2013 at 22:06:53,79 ====================== Mag ik vragen waarom? Ik had dit kladblokje toch al opgestuurd en mijn startblad is weer oke dank zij jullie goede uitleg:top:

Kan iemand deze digibeet helpen? Pas een nieuwe pc en mijn startblad is al weg :embarassed:is nu besmet met Qv6 Invoegtoepassingen beheren - zoekmachine - staat Qv6 niet bij. Bij internetoptie - Algemeen - Tabblad om startpagina te maken staat de juiste site. DDS scan gedaan en deze kladblokjes zijn er uit gekomen. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.25.2 Run by Eigenaar at 13:34:09 on 2013-07-16 Microsoft Windows 8 6.2.9200.0.1252.32.1043.18.3770.1372 [GMT 2:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\viakaraokesrv.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\dashost.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\dwm.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wwahost.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wwahost.exe C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Windows\system32\taskhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\ThumbnailExtractionHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.paintshopproforum.be/phpbb/search.php?search_id=newposts uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mWinlogon: Userinit = userinit.exe BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Rich Media Downloader: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" uRunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe IE: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D324D438-4E23-4AA7-8145-46FC1FA994D6} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2013-7-9 27792] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-7-9 760032] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\Drivers\viahduaa.sys [2013-7-9 2201744] R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2013-07-16 11:34:09 -------- d-----r- C:\Users\Eigenaar\Videos 2013-07-16 11:34:09 -------- d-----r- C:\Users\Eigenaar\Music 2013-07-16 11:24:19 -------- d-----w- C:\Program Files\Enigma Software Group 2013-07-16 11:23:49 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP 2013-07-16 11:23:48 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-07-16 11:23:22 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51435816-49A8-46A6-8104-B40E6E306CEA}\offreg.dll 2013-07-16 09:33:10 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51435816-49A8-46A6-8104-B40E6E306CEA}\mpengine.dll 2013-07-15 14:29:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-07-15 09:32:57 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-07-14 12:26:46 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-07-13 09:18:51 -------- d-----r- C:\Plugins 2013-07-13 08:06:54 -------- d-----w- C:\Windows\System32\MRT 2013-07-13 07:48:39 -------- d-----w- C:\Windows\SysWow64\searchplugins 2013-07-13 07:48:39 -------- d-----w- C:\Windows\SysWow64\Extensions 2013-07-13 07:48:06 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Babylon 2013-07-13 07:48:06 -------- d-----w- C:\ProgramData\Babylon 2013-07-13 07:30:50 -------- d-----r- C:\Program Files (x86)\Skype 2013-07-13 07:30:49 93976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll 2013-07-13 07:30:25 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\TuneUp Software 2013-07-13 07:30:21 -------- d-----w- C:\ProgramData\TuneUp Software 2013-07-13 07:30:19 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-07-13 07:30:19 -------- d--h--w- C:\ProgramData\Common Files 2013-07-13 07:29:56 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\OpenCandy 2013-07-12 22:00:15 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\WinZipper 2013-07-12 21:49:31 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Diagnostics 2013-07-12 21:44:48 -------- d-----r- C:\Users\Eigenaar\Dropbox 2013-07-12 21:41:16 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Dropbox 2013-07-12 21:39:57 -------- d-----w- C:\ProgramData\eSafe 2013-07-12 21:39:52 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Desk 365 2013-07-12 21:39:52 -------- d-----w- C:\Program Files (x86)\Desk 365 2013-07-12 21:39:49 -------- d-----w- C:\ProgramData\Tarma Installer 2013-07-12 21:39:45 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\eIntaller 2013-07-12 20:04:36 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Jasc 2013-07-12 19:59:38 -------- d-----w- C:\Program Files (x86)\Jasc Software Inc 2013-07-12 13:58:42 -------- d-----w- C:\ProgramData\Corel Painter 12 - Extra Content 2013-07-11 19:20:31 -------- d-----w- C:\Users\Eigenaar\AppData\Local\ElevatedDiagnostics 2013-07-11 14:27:55 -------- d-----w- C:\Users\Eigenaar\AppData\Local\CrashDumps 2013-07-11 11:50:59 -------- d-----w- C:\ProgramData\Protexis 2013-07-11 11:19:12 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Corel PaintShop Pro 2013-07-11 11:18:27 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Google 2013-07-11 11:18:13 -------- d-----w- C:\ProgramData\Corel 2013-07-11 11:18:13 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis 2013-07-11 11:17:32 -------- d-----w- C:\Program Files (x86)\Corel 2013-07-11 08:57:35 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\OpenOffice.org 2013-07-11 08:53:13 -------- d-----w- C:\Program Files\Canon 2013-07-11 08:52:57 -------- d-----w- C:\Program Files (x86)\Canon 2013-07-11 08:49:10 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Windows Live Writer 2013-07-11 08:49:10 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Windows Live Writer 2013-07-11 08:46:03 -------- d-----w- C:\Windows\PCHEALTH 2013-07-11 08:45:25 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f5df914e1ce7e1204\skydrivesetup.exe 2013-07-11 08:45:25 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive 2013-07-11 08:45:17 -------- d-----w- C:\ProgramData\Microsoft SkyDrive 2013-07-11 08:45:10 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Windows Live 2013-07-11 08:44:48 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2013-07-11 08:42:15 -------- d-----w- C:\Windows\SysWow64\XPSViewer 2013-07-11 08:41:12 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll 2013-07-11 08:41:12 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe 2013-07-11 08:41:12 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2013-07-11 08:41:12 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2013-07-11 08:41:12 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll 2013-07-11 08:41:12 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2013-07-11 08:38:48 83968 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9W.DLL 2013-07-11 08:38:48 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9W.DLL 2013-07-11 08:38:44 336896 ----a-w- C:\Windows\System32\CNMLM9W.DLL 2013-07-11 08:38:31 92672 ----a-w- C:\Windows\System32\CNC250I.dll 2013-07-11 08:38:31 328192 ----a-w- C:\Windows\System32\CNC250L.dll 2013-07-11 08:38:31 303104 ----a-w- C:\Windows\SysWow64\CNC250L.dll 2013-07-11 08:38:31 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll 2013-07-11 08:38:31 1321984 ----a-w- C:\Windows\System32\CNC250C.dll 2013-07-11 08:38:31 106496 ----a-w- C:\Windows\SysWow64\CNC250U.dll 2013-07-11 08:38:30 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2013-07-10 12:52:09 308736 ----a-w- C:\Windows\System32\ssleay32.dll 2013-07-10 12:52:09 1503744 ----a-w- C:\Windows\System32\libeay32.dll 2013-07-10 12:52:03 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll 2013-07-10 12:52:03 1979464 ----a-w- C:\Windows\System32\drivers\netr28ux.sys 2013-07-10 12:52:02 -------- d-----w- C:\ProgramData\Ralink Driver 2013-07-10 12:52:02 -------- d-----w- C:\Program Files (x86)\Ralink 2013-07-10 07:50:55 237744 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10209.bin 2013-07-10 07:18:09 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 2013-07-10 07:18:08 1617920 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2013-07-10 07:18:08 1413632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll 2013-07-10 07:18:08 1318912 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2013-07-10 07:18:08 1306112 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2013-07-10 07:18:08 1272320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 07:18:08 1029632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll 2013-07-10 07:12:04 -------- d-----w- C:\Program Files (x86)\MSECache 2013-07-10 07:10:44 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3 2013-07-10 07:09:41 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin 2013-07-10 07:09:39 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-07-09 19:38:09 -------- d-----w- C:\Windows\Panther 2013-07-09 19:19:07 760032 ----a-w- C:\Windows\System32\drivers\Rt630x64.sys 2013-07-09 19:19:07 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-07-09 19:19:03 -------- d-----w- C:\Program Files (x86)\Realtek 2013-07-09 18:58:57 414632 ------w- C:\Windows\difxapi.dll 2013-07-09 18:58:56 -------- d-----w- C:\Program Files (x86)\VIA 2013-07-09 18:58:30 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll 2013-07-09 18:58:10 -------- d-----w- C:\Intel 2013-07-09 18:57:38 10296 ----a-w- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS 2013-07-09 18:45:07 -------- d-----r- C:\Users\Eigenaar\Searches 2013-07-09 18:45:07 -------- d-----r- C:\Users\Eigenaar\Contacts 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Sjablonen 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Menu Start 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Documenten 2013-07-09 18:40:17 -------- d-sh--we C:\ProgramData\Bureaublad 2013-07-09 15:36:03 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Adobe 2013-07-09 15:35:01 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-07-09 15:21:00 2367528 ----a-w- C:\Windows\System32\WSService.dll 2013-07-09 15:19:59 976384 ----a-w- C:\Windows\System32\KernelBase.dll 2013-07-09 15:18:50 76288 ----a-w- C:\Windows\System32\newdev.exe 2013-07-09 14:49:26 144384 ----a-w- C:\Windows\System32\tssdisai.dll 2013-07-09 14:37:39 -------- d-----r- C:\Windows\BrowserChoice 2013-07-09 14:14:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-07-09 14:09:41 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll 2013-07-09 14:09:35 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll 2013-07-09 14:09:00 2094592 ----a-w- C:\Windows\System32\mmc.exe 2013-07-09 14:09:00 1964544 ----a-w- C:\Windows\System32\wlidsvc.dll 2013-07-09 14:07:49 915968 ----a-w- C:\Windows\System32\uxtheme.dll 2013-07-09 14:06:18 2361344 ----a-w- C:\Windows\System32\msxml6.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\System32\msxml6r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2013-07-09 14:06:18 1836032 ----a-w- C:\Windows\System32\msxml3.dll 2013-07-09 14:06:18 1802240 ----a-w- C:\Windows\SysWow64\msxml6.dll 2013-07-09 14:06:18 1438720 ----a-w- C:\Windows\SysWow64\msxml3.dll . ==================== Find3M ==================== . 2013-07-12 22:00:15 773800 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2013-07-12 22:00:15 421032 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-01 11:54:16 194816 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2013-06-01 11:54:10 125184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2013-06-01 11:34:21 2391280 ----a-w- C:\Windows\explorer.exe 2013-06-01 11:33:13 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-01 11:29:35 337152 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2013-06-01 11:29:35 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS 2013-06-01 11:26:33 327936 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2013-06-01 11:26:31 6987008 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-06-01 10:24:46 2106176 ----a-w- C:\Windows\SysWow64\explorer.exe 2013-06-01 09:25:52 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-06-01 09:25:05 67584 ----a-w- C:\Windows\SysWow64\samlib.dll 2013-06-01 09:25:03 496640 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-06-01 09:24:19 493056 ----a-w- C:\Windows\SysWow64\mscms.dll 2013-06-01 09:24:09 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll 2013-06-01 09:24:09 1453568 ----a-w- C:\Windows\SysWow64\mfcore.dll 2013-06-01 09:23:46 1842176 ----a-w- C:\Windows\SysWow64\dwmcore.dll 2013-06-01 09:23:06 680960 ----a-w- C:\Windows\System32\vds.exe 2013-06-01 09:22:47 80896 ----a-w- C:\Windows\System32\MbaeParserTask.exe 2013-06-01 09:22:33 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-06-01 09:22:33 446976 ----a-w- C:\Windows\System32\wwansvc.dll 2013-06-01 09:22:09 190976 ----a-w- C:\Windows\System32\vdsutil.dll 2013-06-01 09:21:39 729600 ----a-w- C:\Windows\System32\samsrv.dll 2013-06-01 09:21:39 106496 ----a-w- C:\Windows\System32\samlib.dll 2013-06-01 09:21:34 595968 ----a-w- C:\Windows\System32\qedit.dll 2013-06-01 09:20:45 583168 ----a-w- C:\Windows\System32\mscms.dll 2013-06-01 09:20:34 1527808 ----a-w- C:\Windows\System32\mfcore.dll 2013-06-01 09:20:34 1048576 ----a-w- C:\Windows\System32\mfasfsrcsnk.dll 2013-06-01 09:20:04 2219520 ----a-w- C:\Windows\System32\dwmcore.dll 2013-06-01 09:19:58 207872 ----a-w- C:\Windows\System32\DeviceSetupManager.dll 2013-06-01 09:19:42 785408 ----a-w- C:\Windows\System32\audiosrv.dll 2013-06-01 03:08:57 37632 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys 2013-05-30 23:14:23 4036096 ----a-w- C:\Windows\System32\win32k.sys 2013-05-24 22:09:20 1403296 ----a-w- C:\Windows\System32\winload.efi 2013-05-24 22:09:20 1271584 ----a-w- C:\Windows\System32\winload.exe 2013-05-24 22:09:20 1217352 ----a-w- C:\Windows\System32\winresume.efi 2013-05-24 22:09:20 1093904 ----a-w- C:\Windows\System32\winresume.exe 2013-05-23 23:01:46 1300992 ----a-w- C:\Windows\System32\gdi32.dll 2013-05-23 22:27:05 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll 2013-05-15 02:25:59 888320 ----a-w- C:\Windows\System32\autochk.exe 2013-05-15 02:25:44 542208 ----a-w- C:\Windows\System32\untfs.dll 2013-05-15 02:24:10 793088 ----a-w- C:\Windows\SysWow64\autochk.exe 2013-05-15 02:24:01 482816 ----a-w- C:\Windows\SysWow64\untfs.dll 2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe 2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys 2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe 2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe 2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe 2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll 2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll 2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll 2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-04 06:59:21 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll 2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll 2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll 2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll 2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll 2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll 2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll 2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll 2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll 2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll 2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll 2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll 2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll 2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll 2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll 2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll 2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll 2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll 2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll 2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl 2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe 2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-05-04 04:57:58 2620928 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll 2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll 2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll 2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll 2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll 2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll 2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll 2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll . ============= FINISH: 13:34:36,71 =============== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.25.2 Run by Eigenaar at 13:34:09 on 2013-07-16 Microsoft Windows 8 6.2.9200.0.1252.32.1043.18.3770.1372 [GMT 2:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\viakaraokesrv.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\dashost.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\dwm.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\wwahost.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wwahost.exe C:\Program Files (x86)\Corel\Corel PaintShop Pro X5\Corel PaintShop Pro.exe C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Windows\system32\taskhost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\ThumbnailExtractionHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.paintshopproforum.be/phpbb/search.php?search_id=newposts uDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 mWinlogon: Userinit = userinit.exe BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Rich Media Downloader: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" uRunOnce: [uninstall C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Eigenaar\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Eigenaar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe IE: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D324D438-4E23-4AA7-8145-46FC1FA994D6} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings x64-mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 x64-mDefault_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=WDCXWD10EZEX-00RKKA0_WD-WCC1S358089180891&ts=1373665188 x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2013-7-9 27792] R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-7-9 760032] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\Drivers\viahduaa.sys [2013-7-9 2201744] R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2013-07-16 11:34:09 -------- d-----r- C:\Users\Eigenaar\Videos 2013-07-16 11:34:09 -------- d-----r- C:\Users\Eigenaar\Music 2013-07-16 11:24:19 -------- d-----w- C:\Program Files\Enigma Software Group 2013-07-16 11:23:49 -------- d-----w- C:\Windows\8AE3CFB678B24F55A7BE618FCFF43A03.TMP 2013-07-16 11:23:48 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2013-07-16 11:23:22 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51435816-49A8-46A6-8104-B40E6E306CEA}\offreg.dll 2013-07-16 09:33:10 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51435816-49A8-46A6-8104-B40E6E306CEA}\mpengine.dll 2013-07-15 14:29:06 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-07-15 09:32:57 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2013-07-14 12:26:46 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-07-13 09:18:51 -------- d-----r- C:\Plugins 2013-07-13 08:06:54 -------- d-----w- C:\Windows\System32\MRT 2013-07-13 07:48:39 -------- d-----w- C:\Windows\SysWow64\searchplugins 2013-07-13 07:48:39 -------- d-----w- C:\Windows\SysWow64\Extensions 2013-07-13 07:48:06 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Babylon 2013-07-13 07:48:06 -------- d-----w- C:\ProgramData\Babylon 2013-07-13 07:30:50 -------- d-----r- C:\Program Files (x86)\Skype 2013-07-13 07:30:49 93976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll 2013-07-13 07:30:25 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\TuneUp Software 2013-07-13 07:30:21 -------- d-----w- C:\ProgramData\TuneUp Software 2013-07-13 07:30:19 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-07-13 07:30:19 -------- d--h--w- C:\ProgramData\Common Files 2013-07-13 07:29:56 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\OpenCandy 2013-07-12 22:00:15 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\WinZipper 2013-07-12 21:49:31 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Diagnostics 2013-07-12 21:44:48 -------- d-----r- C:\Users\Eigenaar\Dropbox 2013-07-12 21:41:16 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Dropbox 2013-07-12 21:39:57 -------- d-----w- C:\ProgramData\eSafe 2013-07-12 21:39:52 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Desk 365 2013-07-12 21:39:52 -------- d-----w- C:\Program Files (x86)\Desk 365 2013-07-12 21:39:49 -------- d-----w- C:\ProgramData\Tarma Installer 2013-07-12 21:39:45 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\eIntaller 2013-07-12 20:04:36 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Jasc 2013-07-12 19:59:38 -------- d-----w- C:\Program Files (x86)\Jasc Software Inc 2013-07-12 13:58:42 -------- d-----w- C:\ProgramData\Corel Painter 12 - Extra Content 2013-07-11 19:20:31 -------- d-----w- C:\Users\Eigenaar\AppData\Local\ElevatedDiagnostics 2013-07-11 14:27:55 -------- d-----w- C:\Users\Eigenaar\AppData\Local\CrashDumps 2013-07-11 11:50:59 -------- d-----w- C:\ProgramData\Protexis 2013-07-11 11:19:12 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Corel PaintShop Pro 2013-07-11 11:18:27 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Google 2013-07-11 11:18:13 -------- d-----w- C:\ProgramData\Corel 2013-07-11 11:18:13 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis 2013-07-11 11:17:32 -------- d-----w- C:\Program Files (x86)\Corel 2013-07-11 08:57:35 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\OpenOffice.org 2013-07-11 08:53:13 -------- d-----w- C:\Program Files\Canon 2013-07-11 08:52:57 -------- d-----w- C:\Program Files (x86)\Canon 2013-07-11 08:49:10 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Windows Live Writer 2013-07-11 08:49:10 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Windows Live Writer 2013-07-11 08:46:03 -------- d-----w- C:\Windows\PCHEALTH 2013-07-11 08:45:25 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f5df914e1ce7e1204\skydrivesetup.exe 2013-07-11 08:45:25 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive 2013-07-11 08:45:17 -------- d-----w- C:\ProgramData\Microsoft SkyDrive 2013-07-11 08:45:10 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Windows Live 2013-07-11 08:44:48 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2013-07-11 08:42:15 -------- d-----w- C:\Windows\SysWow64\XPSViewer 2013-07-11 08:41:12 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll 2013-07-11 08:41:12 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe 2013-07-11 08:41:12 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2013-07-11 08:41:12 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2013-07-11 08:41:12 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll 2013-07-11 08:41:12 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2013-07-11 08:38:48 83968 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9W.DLL 2013-07-11 08:38:48 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9W.DLL 2013-07-11 08:38:44 336896 ----a-w- C:\Windows\System32\CNMLM9W.DLL 2013-07-11 08:38:31 92672 ----a-w- C:\Windows\System32\CNC250I.dll 2013-07-11 08:38:31 328192 ----a-w- C:\Windows\System32\CNC250L.dll 2013-07-11 08:38:31 303104 ----a-w- C:\Windows\SysWow64\CNC250L.dll 2013-07-11 08:38:31 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll 2013-07-11 08:38:31 1321984 ----a-w- C:\Windows\System32\CNC250C.dll 2013-07-11 08:38:31 106496 ----a-w- C:\Windows\SysWow64\CNC250U.dll 2013-07-11 08:38:30 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2013-07-10 12:52:09 308736 ----a-w- C:\Windows\System32\ssleay32.dll 2013-07-10 12:52:09 1503744 ----a-w- C:\Windows\System32\libeay32.dll 2013-07-10 12:52:03 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll 2013-07-10 12:52:03 1979464 ----a-w- C:\Windows\System32\drivers\netr28ux.sys 2013-07-10 12:52:02 -------- d-----w- C:\ProgramData\Ralink Driver 2013-07-10 12:52:02 -------- d-----w- C:\Program Files (x86)\Ralink 2013-07-10 07:50:55 237744 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10209.bin 2013-07-10 07:18:09 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll 2013-07-10 07:18:08 1617920 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2013-07-10 07:18:08 1413632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll 2013-07-10 07:18:08 1318912 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2013-07-10 07:18:08 1306112 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2013-07-10 07:18:08 1272320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 07:18:08 1029632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll 2013-07-10 07:12:04 -------- d-----w- C:\Program Files (x86)\MSECache 2013-07-10 07:10:44 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3 2013-07-10 07:09:41 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin 2013-07-10 07:09:39 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin 2013-07-09 19:38:09 -------- d-----w- C:\Windows\Panther 2013-07-09 19:19:07 760032 ----a-w- C:\Windows\System32\drivers\Rt630x64.sys 2013-07-09 19:19:07 74344 ----a-w- C:\Windows\System32\RtNicProp64.dll 2013-07-09 19:19:03 -------- d-----w- C:\Program Files (x86)\Realtek 2013-07-09 18:58:57 414632 ------w- C:\Windows\difxapi.dll 2013-07-09 18:58:56 -------- d-----w- C:\Program Files (x86)\VIA 2013-07-09 18:58:30 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll 2013-07-09 18:58:10 -------- d-----w- C:\Intel 2013-07-09 18:57:38 10296 ----a-w- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS 2013-07-09 18:45:07 -------- d-----r- C:\Users\Eigenaar\Searches 2013-07-09 18:45:07 -------- d-----r- C:\Users\Eigenaar\Contacts 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Sjablonen 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Menu Start 2013-07-09 18:40:18 -------- d-sh--we C:\ProgramData\Documenten 2013-07-09 18:40:17 -------- d-sh--we C:\ProgramData\Bureaublad 2013-07-09 15:36:03 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Adobe 2013-07-09 15:35:01 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-07-09 15:21:00 2367528 ----a-w- C:\Windows\System32\WSService.dll 2013-07-09 15:19:59 976384 ----a-w- C:\Windows\System32\KernelBase.dll 2013-07-09 15:18:50 76288 ----a-w- C:\Windows\System32\newdev.exe 2013-07-09 14:49:26 144384 ----a-w- C:\Windows\System32\tssdisai.dll 2013-07-09 14:37:39 -------- d-----r- C:\Windows\BrowserChoice 2013-07-09 14:14:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-07-09 14:09:41 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll 2013-07-09 14:09:35 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll 2013-07-09 14:09:00 2094592 ----a-w- C:\Windows\System32\mmc.exe 2013-07-09 14:09:00 1964544 ----a-w- C:\Windows\System32\wlidsvc.dll 2013-07-09 14:07:49 915968 ----a-w- C:\Windows\System32\uxtheme.dll 2013-07-09 14:06:18 2361344 ----a-w- C:\Windows\System32\msxml6.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\System32\msxml6r.dll 2013-07-09 14:06:18 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2013-07-09 14:06:18 1836032 ----a-w- C:\Windows\System32\msxml3.dll 2013-07-09 14:06:18 1802240 ----a-w- C:\Windows\SysWow64\msxml6.dll 2013-07-09 14:06:18 1438720 ----a-w- C:\Windows\SysWow64\msxml3.dll . ==================== Find3M ==================== . 2013-07-12 22:00:15 773800 ----a-w- C:\Windows\SysWow64\msvcr100.dll 2013-07-12 22:00:15 421032 ----a-w- C:\Windows\SysWow64\msvcp100.dll 2013-06-27 22:04:51 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-27 22:04:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-16 22:41:31 997632 ----a-w- C:\Windows\System32\drivers\ndis.sys 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-01 11:54:16 194816 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2013-06-01 11:54:10 125184 ----a-w- C:\Windows\System32\drivers\dumpsd.sys 2013-06-01 11:34:21 2391280 ----a-w- C:\Windows\explorer.exe 2013-06-01 11:33:13 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-06-01 11:29:35 337152 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS 2013-06-01 11:29:35 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS 2013-06-01 11:26:33 327936 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2013-06-01 11:26:31 6987008 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-06-01 10:24:46 2106176 ----a-w- C:\Windows\SysWow64\explorer.exe 2013-06-01 09:25:52 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-06-01 09:25:05 67584 ----a-w- C:\Windows\SysWow64\samlib.dll 2013-06-01 09:25:03 496640 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-06-01 09:24:19 493056 ----a-w- C:\Windows\SysWow64\mscms.dll 2013-06-01 09:24:09 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll 2013-06-01 09:24:09 1453568 ----a-w- C:\Windows\SysWow64\mfcore.dll 2013-06-01 09:23:46 1842176 ----a-w- C:\Windows\SysWow64\dwmcore.dll 2013-06-01 09:23:06 680960 ----a-w- C:\Windows\System32\vds.exe 2013-06-01 09:22:47 80896 ----a-w- C:\Windows\System32\MbaeParserTask.exe 2013-06-01 09:22:33 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-06-01 09:22:33 446976 ----a-w- C:\Windows\System32\wwansvc.dll 2013-06-01 09:22:09 190976 ----a-w- C:\Windows\System32\vdsutil.dll 2013-06-01 09:21:39 729600 ----a-w- C:\Windows\System32\samsrv.dll 2013-06-01 09:21:39 106496 ----a-w- C:\Windows\System32\samlib.dll 2013-06-01 09:21:34 595968 ----a-w- C:\Windows\System32\qedit.dll 2013-06-01 09:20:45 583168 ----a-w- C:\Windows\System32\mscms.dll 2013-06-01 09:20:34 1527808 ----a-w- C:\Windows\System32\mfcore.dll 2013-06-01 09:20:34 1048576 ----a-w- C:\Windows\System32\mfasfsrcsnk.dll 2013-06-01 09:20:04 2219520 ----a-w- C:\Windows\System32\dwmcore.dll 2013-06-01 09:19:58 207872 ----a-w- C:\Windows\System32\DeviceSetupManager.dll 2013-06-01 09:19:42 785408 ----a-w- C:\Windows\System32\audiosrv.dll 2013-06-01 03:08:57 37632 ----a-w- C:\Windows\System32\drivers\BthAvrcpTg.sys 2013-05-30 23:14:23 4036096 ----a-w- C:\Windows\System32\win32k.sys 2013-05-24 22:09:20 1403296 ----a-w- C:\Windows\System32\winload.efi 2013-05-24 22:09:20 1271584 ----a-w- C:\Windows\System32\winload.exe 2013-05-24 22:09:20 1217352 ----a-w- C:\Windows\System32\winresume.efi 2013-05-24 22:09:20 1093904 ----a-w- C:\Windows\System32\winresume.exe 2013-05-23 23:01:46 1300992 ----a-w- C:\Windows\System32\gdi32.dll 2013-05-23 22:27:05 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll 2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll 2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll 2013-05-15 02:25:59 888320 ----a-w- C:\Windows\System32\autochk.exe 2013-05-15 02:25:44 542208 ----a-w- C:\Windows\System32\untfs.dll 2013-05-15 02:24:10 793088 ----a-w- C:\Windows\SysWow64\autochk.exe 2013-05-15 02:24:01 482816 ----a-w- C:\Windows\SysWow64\untfs.dll 2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-04 07:58:17 120736 ----a-w- C:\Windows\System32\AuthHost.exe 2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS 2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys 2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe 2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe 2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe 2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll 2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll 2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll 2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll 2013-05-04 06:59:21 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll 2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll 2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll 2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll 2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll 2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll 2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll 2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll 2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll 2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll 2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll 2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll 2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll 2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll 2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll 2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll 2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll 2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll 2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll 2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl 2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe 2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe 2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll 2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2013-05-04 04:57:58 2620928 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll 2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll 2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll 2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll 2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll 2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll 2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll 2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll 2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll . ============= FINISH: 13:34:36,71 ===============

Ik heb een eigen domeinnaam en vroeger maakte ik mijn site met Office2000 Frontpage. Nu heb ik een andere pc en daar kan Office2000 niet op maar Open Office3.2. Deze heeft geen Frontpage dus moet ik opzoek naar iets anders om mijn site te veranderen. Heeft u een voorstel ? Silvi@