Ga naar inhoud

naabje

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    443

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door naabje

  1. naabje
    ~ Report of ZHPDiag v2013.11.22.46 - Nicolas Coolman (22-11-2013) ~ Launched by Danny (22-11-2013 18:35:18) ~ Web site address : Home - Malicius Software Information ~ Free support forums for disinfection : Links - Malicius Software Information ~ Translated by ~ Version State : ~ White List : Activate by program ~ Elevation of privilege : OK ~ User Account Control : Activate by user ---\\ Internet browsers MSIE: Internet Explorer v11.0.9600.16438 MFIE: Mozilla Firefox 25.0 GCIE: Google Chrome v31.0.1650.57 OPIE: Opera vStable 18.0.1284.49 (Defaut) ---\\ Windows product information ~ Langage: Anglais Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600) Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software avast! Free Antivirus v9.0.2006 Windows Defender W8 ---\\ System optimization software ---\\ Sharing software PeerToPeer ---\\ Surveillance software Adobe Flash Player 11 Plugin Java 7 Update 45 ---\\ Information on the system ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3912 MB (58% free) System Restore: Activé (Enable) System drive C: has 284 GB (71%) free of 395 GB ---\\ Connection to the system mode ~ Computer Name: PCDANNY ~ User Name: Danny ~ All Users Names: HomeGroupUser$, Guest, Danny, ASPNET, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Environment variables ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Danny\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Danny\AppData\Roaming\ ~ %Desktop% : C:\Users\Danny\Desktop\ ~ %Favorites% : C:\Users\Danny\Favorites\ ~ %LocalAppData% : C:\Users\Danny\AppData\Local\ ~ %StartMenu% : C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumeration of the disk units C: Hard drive, Flash drive, Thumb drive (Free 284 Go of 395 Go) D: Hard drive, Flash drive, Thumb drive (Free 34 Go of 49 Go) F: CD-ROM drive (Free 0 Go of 1 Go) S: CD-ROM drive (Not Inserted) ---\\ State of the Windows Security Center [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 41 Legitimates Filtered in 00mn 00s ---\\ Search Generic System Files [MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Windows Verkenner.) (.22-10-2013 - 08:55:27.) -- C:\Windows\Explorer.exe [2328872] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.22-8-2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.92E05214CC073A85CEDFF9BD4966F96B] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.19-10-2013 - 04:53:26.) -- C:\Windows\System32\wininet.dll [2332160] [MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.22-8-2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736] [MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.22-8-2013 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Ondersteunend functiestuurprogramma van WinSock.) (.22-8-2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22-8-2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22-8-2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22-8-2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22-8-2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656] [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22-8-2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.22-8-2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.E23D32BAF152FBE35F18C6A2AB8EF271] - (.Microsoft Corporation - IP Network Address Translator.) (.30-9-2013 - 05:11:10.) -- C:\Windows\system32\Drivers\IpNat.sys [141824] [MD5.6129EDB793A4255B1E2FB41773AC9D9A] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.30-9-2013 - 05:11:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404992] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22-8-2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624] [MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.22-8-2013 - 14:25:41.) -- C:\Windows\system32\Drivers\ntfs.sys [2011488] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.22-8-2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22-8-2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.30-9-2013 - 04:58:55.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22-8-2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520] [MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.22-8-2013 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160] ~ Generic Processes: Scanned in 00mn 01s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/51 ~ Mes musiques (My Musics) : 5/6689 ~ Mes Videos (My Videos) : 2/70 ~ Mes Favoris (My Favorites) : 1/7 ~ Mes Documents (My Documents) : 1/7137 ~ Mon Bureau (My Desktop) : 3/1725 ~ Menu demarrer (Programs) : 1/31 ~ Hidden Files: Scanned in 00mn 33s ---\\ Process running [MD5.1DE65EBD6DF1ADC1D74CD9218FC68693] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896] [PID.3276] [MD5.DDE16105862139906957070ADC7F5B65] - (.Nota Inc. - Gyazo Station.) -- C:\Program Files (x86)\Gyazo\GyStation.exe [2990304] [PID.3440] [MD5.7C0704D4523BA671AFE6D028399942D3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [3567800] [PID.3796] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3816] [MD5.F6C30F1B0EDF56F51467CA2EFDB139C1] - (...) -- C:\Program Files (x86)\GameforgeLive\gfl_client.exe [2899840] [PID.3564] [MD5.849D66021A0EF43A20137BA9D85ECADF] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.4236] [MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184] [PID.3672] [MD5.06BC146E6C2E881A7235A142BA877B82] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8262144] [PID.5212] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [user Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Winkel v.0.2 (Activé) G2 - GCE: Preference [user Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [user Data\Default] [kpckgflgdapkpabemgkielbefdildaio] Magic Player v.1.1.32 (Activé) ~ Google Browser: 16 Legitimates Filtered in 00mn 17s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects (O2) O2 - BHO: YouTube to MP3 Converter [64Bits] - {A3EDD32E-7957-4F51-8BFD-A528BBBE5DE5} . (.YouTube to MP3 Converter - No Comment.) -- C:\Program Files (x86)\YouTube to MP3 Converter\ytdl.dll ~ BHO: 9 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer toolbars (O3) O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphan key ~ Toolbar: Scanned in 00mn 00s ---\\ Other User Links (O4) O4 - GS\Desktop [Public]: Gameforge Live.lnk . (...) -- C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe O4 - GS\Program [Public]: Desktop.lnk - Orphan key O4 - GS\Program [Public]: FL Studio 11.lnk . (.Image-Line - FL Studio launcher.) -- C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe O4 - GS\QuickLaunch [Danny]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [Danny]: Gyazo GIF.lnk . (.Nota Inc. - Gyazo GIF.) -- C:\Program Files (x86)\Gyazo\GyazoGIF.exe O4 - GS\QuickLaunch [Danny]: Gyazo.lnk . (.Nota Inc. - Gyazo: Screen Uploader.) -- C:\Program Files (x86)\Gyazo\Gyazowin.exe O4 - GS\QuickLaunch [Danny]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [Danny]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar [Danny]: Gyazo.lnk . (.Nota Inc. - Gyazo: Screen Uploader.) -- C:\Program Files (x86)\Gyazo\Gyazowin.exe O4 - GS\TaskBar [Danny]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [Danny]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [Danny]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe O4 - GS\Program [Danny]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SendTo [Danny]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe O4 - GS\Desktop [Administrator]: Crossfire Europe.lnk . (.Neowiz Games - Crossfire Patcher.) -- C:\SG Interactive\Crossfire Europe\patcher_cf.exe O4 - GS\Desktop [Administrator]: SopCast.lnk . (...) -- C:\Program Files (x86)\SopCast\SopCast.exe (.not file.) ~ Global Startup: 45 Legitimates Filtered in 00mn 01s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKCU\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O4 - HKCU\..\Run: [Gyazo] . (.Nota Inc. - Gyazo Station.) -- C:\Program Files (x86)\Gyazo\GyStation.exe O4 - HKCU\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe O4 - HKCU\..\Run: [AceStream] . (...) -- C:\Users\Danny\AppData\Roaming\ACEStream\engine\ace_engine.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.exe =>.Epson Seiko Corporation O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [Gyazo] . (.Nota Inc. - Gyazo Station.) -- C:\Program Files (x86)\Gyazo\GyStation.exe O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [AceStream] . (...) -- C:\Users\Danny\AppData\Roaming\ACEStream\engine\ace_engine.exe O4 - HKUS\S-1-5-21-3751033221-735151488-1739522443-1001\..\Run: [EPLTarget\P0000000000000000] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.exe =>.Epson Seiko Corporation ~ Application: Scanned in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll =>.Microsoft Corporation O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBTTN~1.dll =>.Microsoft Corporation ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{77EE3CE1-F2D8-46A6-9319-E6A9B0194D84}: DhcpNameServer = 213.46.228.196 62.179.104.196 O17 - HKLM\System\CCS\Services\Tcpip\..\{874F96E4-7CCE-4671-B704-101382BB5721}: DhcpNameServer = 213.46.228.196 62.179.104.196 O17 - HKLM\System\CCS\Services\Tcpip\..\{77EE3CE1-F2D8-46A6-9319-E6A9B0194D84}: DhcpDomain = arnhem.chello.nl O17 - HKLM\System\CCS\Services\Tcpip\..\{874F96E4-7CCE-4671-B704-101382BB5721}: DhcpDomain = arnhem.chello.nl O17 - HKLM\System\CS1\Services\Tcpip\..\{77EE3CE1-F2D8-46A6-9319-E6A9B0194D84}: DhcpNameServer = 213.46.228.196 62.179.104.196 O17 - HKLM\System\CS1\Services\Tcpip\..\{874F96E4-7CCE-4671-B704-101382BB5721}: DhcpNameServer = 213.46.228.196 62.179.104.196 O17 - HKLM\System\CS1\Services\Tcpip\..\{77EE3CE1-F2D8-46A6-9319-E6A9B0194D84}: DhcpDomain = arnhem.chello.nl O17 - HKLM\System\CS1\Services\Tcpip\..\{874F96E4-7CCE-4671-B704-101382BB5721}: DhcpDomain = arnhem.chello.nl O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.228.196 62.179.104.196 ~ Domain: Scanned in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML-viewer.) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned themes service executable.) - C:\WINDOWS\unsignedthemes.exe ~ Services: 5 Legitimates Filtered in 00mn 03s ---\\ Task Planned Automatically (039) [MD5.4E8C983215115036C46841FFB51562A1] [APT] [AutoKMS] (...) -- C:\WINDOWS\AutoKMS\AutoKMS.exe [2820608] =>Trojan.Keygen ~ Scheduled Task: 10 Legitimates Filtered in 00mn 08s ---\\ Software installed (O42) O42 - Logiciel: Ace Stream Media 2.1.8 - (.Ace Stream Media.) [HKCU][64Bits] -- AceStream O42 - Logiciel: Easy Cover Print 2.3 - (...) [HKLM][64Bits] -- Easy Cover Print 2.3 O42 - Logiciel: UxStyle - (.The Within Network, LLC.) [HKLM][64Bits] -- {05560347-3a9b-4644-a8ed-8b64cc947189} O42 - Logiciel: UxStyle - (.The Within Network, LLC.) [HKLM][64Bits] -- {86D24646-DAF6-4F5E-BCAD-CF7EF8E362E1} O42 - Logiciel: YouTube to MP3 Converter - (.YouTube to MP3 Converter.) [HKLM][64Bits] -- YouTube to MP3 Converter ~ Logic: 92 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\BI] [HKCU\Software\Drivers] [HKCU\Software\Pando Networks] [HKCU\Software\Somoto] =>Adware.MegaSearch [HKCU\Software\System32] [HKCU\Software\Win] [HKCU\Software\XinYi Network] [HKLM\Software\Wow6432Node\Pando Networks] [HKLM\Software\Wow6432Node\XinYi Network] ~ Key Software: 203 Legitimates Filtered in 00mn 00s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 12-11-2013 - 14:24:42 - [0,877] ----D C:\Program Files (x86)\CoverPro O43 - CFD: 12-11-2013 - 14:17:38 - [0,774] ----D C:\Program Files (x86)\Easy Cover Print O43 - CFD: 6-11-2013 - 14:05:30 - [22,674] ----D C:\Program Files (x86)\YouTube to MP3 Converter O43 - CFD: 9-11-2013 - 20:34:53 - [3,530] ----D C:\Users\Danny\AppData\Roaming\.ACEStream O43 - CFD: 26-10-2013 - 21:03:59 - [187,239] ----D C:\Users\Danny\AppData\Roaming\ACEStream O43 - CFD: 28-10-2013 - 01:18:51 - [0,110] ----D C:\Users\Danny\AppData\Roaming\mgyun O43 - CFD: 17-10-2013 - 20:25:43 - [1,865] ----D C:\Users\Danny\AppData\Local\Adscan O43 - CFD: 6-11-2013 - 14:05:16 - [0,099] ----D C:\Users\Danny\AppData\Local\YouTube to MP3 Converter O43 - CFD: 12-11-2013 - 14:17:37 - [0] ----D C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Cover Print ~ Program Folder: 139 Legitimates Filtered in 00mn 47s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.D2096B322A5F8D9354B61B4BFDFA7132] - 17-11-2013 - 13:15:53 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [385528] O44 - LFC:[MD5.D2096B322A5F8D9354B61B4BFDFA7132] - 17-11-2013 - 13:15:53 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [385528] O44 - LFC:[MD5.919DAC5548D2000BFE3E43C0F74CE669] - 22-11-2013 - 12:33:46 ---A- . (...) -- C:\Windows\win.ini [167] O44 - LFC:[MD5.02940D6C7722E91342A32CFF5C60F4E4] - 22-11-2013 - 16:47:46 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064] O44 - LFC:[MD5.0F0D1A59C67F5E83DCB199A3D0743EDB] - 22-11-2013 - 16:50:05 ---A- . (...) -- C:\zoek-results.log [42784] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22-11-2013 - 17:37:11 ---A- . (...) -- C:\dfu.log [0] O44 - LFC:[MD5.DE91B46904C6AD1FEC7B34C98B4E852B] - 9-11-2013 - 16:51:13 ---A- . (...) -- C:\Windows\SysNative\unrar64.dll [256088] O44 - LFC:[MD5.DE91B46904C6AD1FEC7B34C98B4E852B] - 9-11-2013 - 16:51:13 ---A- . (...) -- C:\Windows\System32\unrar64.dll [256088] ~ Files: 231 Legitimates Filtered in 00mn 14s ---\\ Last files created in Windows Prefetcher (O45) O45 - LFCP:[MD5.5AD6273CFAA3809984727A775F9255DD] - 1-11-2013 - 15:49:53 ---A- - C:\Windows\Prefetch\FASTBOOT-WINDOWS.EXE-BA3D93F1.pf O45 - LFCP:[MD5.6021B2C505B4914E60F54EB35DBBF44C] - 1-11-2013 - 15:49:58 ---A- - C:\Windows\Prefetch\ADB-WINDOWS.EXE-1915F602.pf O45 - LFCP:[MD5.A6532043CCC9432F3ECC31C4920D66D1] - 1-11-2013 - 16:18:15 ---A- - C:\Windows\Prefetch\UXSTYLE_BUNDLE.EXE-6428FFC2.pf O45 - LFCP:[MD5.B997FEBFDAA3BCE0B91AF59902D3E932] - 1-11-2013 - 16:44:24 ---A- - C:\Windows\Prefetch\KEYGEN.EXE-08AE2355.pf O45 - LFCP:[MD5.DA4AD86FDB865D2646ADE75B94D0851B] - 1-11-2013 - 19:37:30 ---A- - C:\Windows\Prefetch\AUTHHOST.EXE-44C90B62.pf O45 - LFCP:[MD5.CB6A4475FA42B348610B0E0A221F1B70] - 10-11-2013 - 19:52:22 ---A- - C:\Windows\Prefetch\XM.EXE-627D5C51.pf O45 - LFCP:[MD5.4715BC56566904532DD92A334F0150D5] - 10-11-2013 - 20:01:38 ---A- - C:\Windows\Prefetch\RENAMEME.EXE-10A502CA.pf O45 - LFCP:[MD5.FE54FEF05DA93EFAFC1B4723FDA7646B] - 12-11-2013 - 11:36:08 ---A- - C:\Windows\Prefetch\ASIO4ALL.EXE-A5EEECA0.pf O45 - LFCP:[MD5.6E1F7A4BFAE76EDB845001B79A6B4FC1] - 12-11-2013 - 12:25:55 ---A- - C:\Windows\Prefetch\FL.EXE-4963A95D.pf O45 - LFCP:[MD5.AC8DBC4039E9081F632B996729352573] - 12-11-2013 - 14:16:14 ---A- - C:\Windows\Prefetch\YOURSOFTWAREDEALS.TMP-2380E230.pf O45 - LFCP:[MD5.D9305D8A186449B681E05F99CA99BEB0] - 12-11-2013 - 14:16:27 ---A- - C:\Windows\Prefetch\BURNINGSTUDIO.EXE-7AABD021.pf O45 - LFCP:[MD5.49981D71F526B409D716984C001F70CE] - 12-11-2013 - 14:17:17 ---A- - C:\Windows\Prefetch\EASYCOVERPRINT.EXE-012D8A96.pf O45 - LFCP:[MD5.3C473246BA9B256D1D42D6506C33BC68] - 12-11-2013 - 14:18:58 ---A- - C:\Windows\Prefetch\EASYCO~1.EXE-4EB74246.pf O45 - LFCP:[MD5.43A1E082696D6F4EE8A5B35BD91A8DBF] - 12-11-2013 - 14:25:06 ---A- - C:\Windows\Prefetch\COVER.EXE-5E199D4E.pf O45 - LFCP:[MD5.DCE0EA02036464353DD544564ECBF8D7] - 12-11-2013 - 15:20:36 ---A- - C:\Windows\Prefetch\PRINTDIALOGHOST.EXE-90923561.pf O45 - LFCP:[MD5.995AF18A236C9BF99C49C8171689E6C8] - 12-11-2013 - 20:16:56 ---A- - C:\Windows\Prefetch\GYAZOSETUP (3).TMP-8FC402A0.pf O45 - LFCP:[MD5.8D6BE5B1A1409226711F08C337D271AB] - 12-11-2013 - 20:16:59 ---A- - C:\Windows\Prefetch\GYAZOSETUP (3).TMP-20AE2D74.pf O45 - LFCP:[MD5.04B76BB300FED70488A9DA33B19530F1] - 13-11-2013 - 19:06:14 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-3D48A72A.pf O45 - LFCP:[MD5.AD84705FDE83948D003F168892D22E1F] - 13-11-2013 - 19:37:46 ---A- - C:\Windows\Prefetch\GLCND.EXE-02A191A6.pf O45 - LFCP:[MD5.C32A281994FC0BAC58B44C97B056A662] - 16-11-2013 - 14:53:19 ---A- - C:\Windows\Prefetch\SUDDENATTACK.EXE-5BEDBF88.pf O45 - LFCP:[MD5.254DB839309339AC92335C76A17A2DFE] - 16-11-2013 - 15:05:40 ---A- - C:\Windows\Prefetch\SAENDINGBANNER.EXE-836405B4.pf O45 - LFCP:[MD5.477071B890B51453D78949A51158C3DE] - 16-11-2013 - 17:09:52 ---A- - C:\Windows\Prefetch\SKY37DF.TMP-D1EEFEB0.pf O45 - LFCP:[MD5.AE7568A00F8DE8161507967DDAAAFA6A] - 19-11-2013 - 14:22:00 ---A- - C:\Windows\Prefetch\GUNGODZ.EXE-82B46402.pf O45 - LFCP:[MD5.7346DFAD4369EB53CD9C164B25C1A6C2] - 2-11-2013 - 12:59:28 ---A- - C:\Windows\Prefetch\SUDDENATTACKV42.EXE-F99E1BE3.pf O45 - LFCP:[MD5.11329125F3E622D21D55B2FADBEDC28C] - 20-11-2013 - 20:00:27 ---A- - C:\Windows\Prefetch\SYSTEMSETTINGS.EXE-D8CC3B5E.pf O45 - LFCP:[MD5.74D89D9BA279FCED6BFE63F38A4C3C98] - 20-11-2013 - 21:11:20 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.22A75CBDEA0BEE02AFFA8F634153F7F6] - 21-11-2013 - 18:32:18 ---A- - C:\Windows\Prefetch\7.8.2_30332.EXE-A3D13883.pf O45 - LFCP:[MD5.F60EEC5633854D7A3121C10B81F7D903] - 21-11-2013 - 20:14:19 ---A- - C:\Windows\Prefetch\BITTORRENT.EXE-7B6B07AF.pf =>P2P.BitTorrent O45 - LFCP:[MD5.6394CDBEB99CEC94AE302AC74E0AD326] - 21-11-2013 - 20:15:03 ---A- - C:\Windows\Prefetch\KMSAUTOEASY EN.EXE-E0B011AA.pf O45 - LFCP:[MD5.A41896E00DA9C3CB6915651AB0C9919C] - 22-11-2013 - 12:39:56 ---A- - C:\Windows\Prefetch\IGXPUN.EXE-3A9B3A59.pf O45 - LFCP:[MD5.5C6BB3E7E02FB57D5C8BAFA3078AC56B] - 22-11-2013 - 12:41:14 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf O45 - LFCP:[MD5.302574BFE22B25424CC7F7AB14B0F676] - 22-11-2013 - 12:44:14 ---A- - C:\Windows\Prefetch\CAMERA.EXE-D751BF92.pf O45 - LFCP:[MD5.7DB3C22E5377A3FF414B1E348FF72881] - 22-11-2013 - 14:06:53 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf O45 - LFCP:[MD5.748EA9FAA3A0ADA22C6F5DD295B2A950] - 22-11-2013 - 15:01:59 ---A- - C:\Windows\Prefetch\GAMEFORGELIVE.EXE-1D04B684.pf O45 - LFCP:[MD5.024B21D17F6564F84C68656803EADC99] - 22-11-2013 - 16:02:46 ---A- - C:\Windows\Prefetch\AUTOREPORTER.EXE-5288A910.pf O45 - LFCP:[MD5.351AA2E40B33BA360333E6C7AFA45A9E] - 22-11-2013 - 16:05:10 ---A- - C:\Windows\Prefetch\UNINST.EXE-15E1F145.pf O45 - LFCP:[MD5.C5D9CADAA6A4E795DCAB4C80C5F5FFCF] - 22-11-2013 - 16:05:41 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-B0D51EDE.pf O45 - LFCP:[MD5.E94B81B272F97E04A68207A3FDBC0AE5] - 22-11-2013 - 16:31:10 ---A- - C:\Windows\Prefetch\WGET.EXE-B2D6EC90.pf O45 - LFCP:[MD5.ED70CDCF884F7F9339B67BD2ED0C903E] - 22-11-2013 - 16:31:48 ---A- - C:\Windows\Prefetch\PEVZ.EXE-1248E520.pf O45 - LFCP:[MD5.9276D41F4F69D1E99C9FA19078A57A4D] - 22-11-2013 - 16:31:54 ---A- - C:\Windows\Prefetch\PEVZ.EXE-044FB5BD.pf O45 - LFCP:[MD5.B0AA5B9091BC7D18A96FFF156B91DF22] - 22-11-2013 - 16:31:55 ---A- - C:\Windows\Prefetch\ZOEK.SCR-7D91160E.pf O45 - LFCP:[MD5.6F2487C4FEFC05829AEE7EC3B21858D3] - 22-11-2013 - 16:32:01 ---A- - C:\Windows\Prefetch\ZOEK.COM-3B78AE61.pf O45 - LFCP:[MD5.733B55E82C28B07BDD2AC39CCBAB26D8] - 22-11-2013 - 16:40:05 ---A- - C:\Windows\Prefetch\XCOPY.EXE-85839ADD.pf O45 - LFCP:[MD5.1472457395D22CFD66CC3AA99F95EBBB] - 22-11-2013 - 16:40:11 ---A- - C:\Windows\Prefetch\SWXCACLS.EXE-DACFDEE5.pf O45 - LFCP:[MD5.F51287D30248745855573370A80ED353] - 22-11-2013 - 16:46:02 ---A- - C:\Windows\Prefetch\PEVZ.EXE-02F1F156.pf O45 - LFCP:[MD5.A7D002DA5E31F7563483144CA4ED3FA5] - 22-11-2013 - 16:46:02 ---A- - C:\Windows\Prefetch\SORT.EXE-EA1A5446.pf O45 - LFCP:[MD5.451564BD1DD0F9951A8A315093B0CA0C] - 22-11-2013 - 16:46:48 ---A- - C:\Windows\Prefetch\FIND.EXE-3298DC3B.pf O45 - LFCP:[MD5.D8F003B116029BC42C447D2C215772E0] - 22-11-2013 - 16:46:56 ---A- - C:\Windows\Prefetch\MORE.COM-B7EC4EA6.pf O45 - LFCP:[MD5.679CAE59BE858B4FC3F53287EF05FEA9] - 22-11-2013 - 16:47:46 ---A- - C:\Windows\Prefetch\REMOVE.EXE-25E5916B.pf O45 - LFCP:[MD5.84B326E27990545E0A994038B4780DFF] - 22-11-2013 - 16:48:42 ---A- - C:\Windows\Prefetch\WLRMDR.EXE-8CD26CA2.pf O45 - LFCP:[MD5.5AF420ADAE8133B5EBC593F544B73065] - 22-11-2013 - 16:50:51 ---A- - C:\Windows\Prefetch\ACE_ENGINE.EXE-2D7C7672.pf O45 - LFCP:[MD5.55488B21B61B2AC4CAD16DC132DFE1F8] - 22-11-2013 - 16:50:51 ---A- - C:\Windows\Prefetch\GYSTATION.EXE-8C07B337.pf O45 - LFCP:[MD5.8C37B14FBF219A172A4DDA5BA6FFC3D3] - 22-11-2013 - 16:51:18 ---A- - C:\Windows\Prefetch\NETSTAT.EXE-726AAE4D.pf O45 - LFCP:[MD5.FE1BA7E885313D3B333C5119940C3689] - 22-11-2013 - 16:52:50 ---A- - C:\Windows\Prefetch\RSITX64.EXE-0BF1C9C4.pf O45 - LFCP:[MD5.2FA391F9993C5DF88EEF030F33E2F6E4] - 22-11-2013 - 16:52:54 ---A- - C:\Windows\Prefetch\DANNY.EXE-559ACA85.pf O45 - LFCP:[MD5.E26B4C73A08B5C7D014760055EA52D3D] - 22-11-2013 - 16:58:01 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf O45 - LFCP:[MD5.5C10B2F1B22D4E5D7199EA4120173A42] - 22-11-2013 - 17:30:07 ---A- - C:\Windows\Prefetch\PACKAGE TRACK.EXE-FA199DB0.pf O45 - LFCP:[MD5.04949B8CACACE1638A1AE8C23D4C451D] - 22-11-2013 - 17:35:01 ---A- - C:\Windows\Prefetch\SPOTIFY.EXE-423E842D.pf O45 - LFCP:[MD5.70220D0A8F8C78089318EFFDC76DD3AB] - 22-11-2013 - 17:36:45 ---A- - C:\Windows\Prefetch\SKILL_GAMEFORGELIVESETUP (1).-9ABCC733.pf O45 - LFCP:[MD5.1F4ED08DC7446BB6C9A2ADF48ED873CC] - 22-11-2013 - 17:36:52 ---A- - C:\Windows\Prefetch\SKILL_GAMEFORGELIVESETUP (1).-0985E10E.pf O45 - LFCP:[MD5.CDD76320D4D9E78D008343BCA66DBFFD] - 22-11-2013 - 17:36:52 ---A- - C:\Windows\Prefetch\SKILL_GAMEFORGELIVESETUP (1).-58B394E3.pf O45 - LFCP:[MD5.E7F37399D70EEA0002AF0840F953F87D] - 22-11-2013 - 17:37:01 ---A- - C:\Windows\Prefetch\GAMEFORGELIVE.EXE-82576BD5.pf O45 - LFCP:[MD5.03A3485494D74360F741B5D5AF8941C4] - 22-11-2013 - 17:37:11 ---A- - C:\Windows\Prefetch\DFUBG.EXE-92307C7F.pf O45 - LFCP:[MD5.04578E3695E58323B89C59CBA59CE5E7] - 22-11-2013 - 17:37:15 ---A- - C:\Windows\Prefetch\DFUFG.EXE-27FA4173.pf O45 - LFCP:[MD5.54BC16079CEDE4F3AE35F9582B2D1BD3] - 22-11-2013 - 17:38:07 ---A- - C:\Windows\Prefetch\SF2.EXE-4C5B1246.pf O45 - LFCP:[MD5.58C03CCC11CC9DA0DAAF9524627EB058] - 22-11-2013 - 17:38:17 ---A- - C:\Windows\Prefetch\XXD.XEM-56E9612C.pf O45 - LFCP:[MD5.400FAA149DE2598B9AB30F07F8DB54ED] - 22-11-2013 - 17:50:35 ---A- - C:\Windows\Prefetch\PfPre_f1989cdb.db O45 - LFCP:[MD5.F387A69C8E562000677AF07B0288E101] - 28-10-2013 - 01:13:52 ---A- - C:\Windows\Prefetch\UNLOCKROOT.EXE-A7601503.pf O45 - LFCP:[MD5.9BB74FABA8519BBD4F8CAC4A7DA560DA] - 28-10-2013 - 01:19:00 ---A- - C:\Windows\Prefetch\ROOT.EXE-CEF59991.pf O45 - LFCP:[MD5.A092C65AFE752E558000E16A53A923F6] - 28-10-2013 - 02:30:12 ---A- - C:\Windows\Prefetch\FASTBOOT-WINDOWS.EXE-29098A6F.pf O45 - LFCP:[MD5.C6F706784AC7EB59FF6F3B37DEC3B5F8] - 29-10-2013 - 17:10:48 ---A- - C:\Windows\Prefetch\FASTBOOT.EXE-AD585884.pf O45 - LFCP:[MD5.A23A45957F2620168365EB55E61D5180] - 6-11-2013 - 12:22:48 ---A- - C:\Windows\Prefetch\FM.EXE-FF3A8A5F.pf O45 - LFCP:[MD5.4E3CBE4438487E793ED44E9ECEC53BD2] - 7-11-2013 - 15:14:56 ---A- - C:\Windows\Prefetch\IMAGINGDEVICES.EXE-F990F186.pf O45 - LFCP:[MD5.A508BC155BE33CF6C5F568E4F96AEF65] - 7-11-2013 - 17:12:33 ---A- - C:\Windows\Prefetch\HANDSET WINDRIVER.EXE-50B860C8.pf O45 - LFCP:[MD5.73C75FFC5E01935373C72612A0DD5346] - 8-11-2013 - 16:39:15 ---A- - C:\Windows\Prefetch\SETUP64.EXE-001C6BF1.pf O45 - LFCP:[MD5.B7AD0FC4080C6CD8D8D9EE9D4464ABF5] - 9-11-2013 - 20:34:53 ---A- - C:\Windows\Prefetch\ACE_PLAYER.EXE-890A6130.pf ~ Prefetcher: 301 Legitimates Filtered in 00mn 01s ---\\ Local Security Authority-LSA Deny (O48) ~ LSA: 3 Legitimates Filtered in 00mn 00s ---\\ MountPoints2 Shell Key (MPKS) (O51) O51 - MPSK:{53fff45e-1164-11e3-9b1f-20689d174ab8}\AutoRun\command. (.Microsoft Corporation - Microsoft Setup Bootstrapper.) -- F:\SETUP.exe ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"VIDC.FICV"="ficvdec_x64.dll" . (...) -- C:\Windows\System32\ficvdec_x64.dll ~ TDSD: 3 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 17-10-2013 - 21:26:37 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] ~ Drivers: 17 Legitimates Filtered in 00mn 01s ---\\ Last modified or created user files (O61) O61 - LFC: 19-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Links\Desktop.lnk [449] O61 - LFC: 19-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Links\Downloads.lnk [870] O61 - LFC: 19-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Links\RecentPlaces.lnk [367] O61 - LFC: 20-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_dcgfeeneehecjobkopmnpaiffolcnhli_0.localstorage [49152] O61 - LFC: 20-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_dcgfeeneehecjobkopmnpaiffolcnhli_0.localstorage-journal [16384] O61 - LFC: 20-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\bookmarks.db-journal [1544] O61 - LFC: 20-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Login Data [12288] O61 - LFC: 20-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Login Data-journal [8736] O61 - LFC: 20-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Visited Links [131072] O61 - LFC: 21-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Local State [431] O61 - LFC: 21-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Local Storage\opera_discover_0.localstorage [232448] O61 - LFC: 21-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Local Storage\opera_discover_0.localstorage-journal [16384] O61 - LFC: 21-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\TransportSecurity [1284] O61 - LFC: 21-11-2013 - 18:38:55 ---A- . (...) -- C:\Users\Danny\Downloads\MSo2013a.rar [1125754] O61 - LFC: 21-11-2013 - 18:38:55 R--A- . (...) -- C:\Users\Danny\Downloads\Microsoft OFFICE 2010 Pro Plus PRECRACKED.rar [741891315] O61 - LFC: 21-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Downloads\[kickass.to]microsoft.office.2010.pro.plus.precracked.rar.torrent [57195] O61 - LFC: 21-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Downloads\[kickass.to]microsoft.office.proplus.2013.vl.x86.x64.en.us.oct2013.torrent [15008] O61 - LFC: 21-11-2013 - 18:38:56 ---A- . (.johnson siu.) -- C:\Users\Danny\Downloads\Z20130924.xls [39936] O61 - LFC: 22-11-2013 - 18:37:42 ---A- . (...) -- C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [266033] O61 - LFC: 22-11-2013 - 18:37:48 ---A- . (...) -- C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Local State [47102] O61 - LFC: 22-11-2013 - 18:38:46 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\.ACEStream\a\.lock [0] O61 - LFC: 22-11-2013 - 18:38:46 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\.ACEStream\itracker\tracker.db [74] O61 - LFC: 22-11-2013 - 18:38:46 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\.ACEStream\state.dat [10638] O61 - LFC: 22-11-2013 - 18:38:47 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\ACEStream\engine\acestream.port [5] O61 - LFC: 22-11-2013 - 18:38:47 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\ACEStream\updater\updater.conf [508] O61 - LFC: 22-11-2013 - 18:38:47 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\ACEStream\updater\updater.port [5] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Cookies [64512] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Cookies-journal [16384] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Extension State\CURRENT [16] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Extension State\LOCK [0] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Extension State\LOG [47] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Extension State\MANIFEST-000002 [50] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Favicons [79872] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Favicons-journal [16384] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\GPUCache\data_0 [45056] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\GPUCache\data_1 [270336] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\GPUCache\data_2 [1056768] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\History [159744] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\History Provider Cache [12750] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\History-journal [16384] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\favorites.db [163840] O61 - LFC: 22-11-2013 - 18:38:48 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\favorites.db-journal [16384] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Preferences [24745] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Preferences.bak [24745] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Web Data [49152] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal [10792] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\session.db [229376] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\session.db-journal [16384] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\session.dbak [229376] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\thumbnails.db [524288] O61 - LFC: 22-11-2013 - 18:38:49 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\Opera Software\Opera Stable\thumbnails.db-journal [16384] O61 - LFC: 22-11-2013 - 18:38:51 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\ZHP\Log.txt [17848] =>.Nicolas Coolman O61 - LFC: 22-11-2013 - 18:38:51 ---A- . (...) -- C:\Users\Danny\AppData\Roaming\ZHP\TestsZHPDiag.txt [2855] =>.Nicolas Coolman O61 - LFC: 22-11-2013 - 18:38:55 ---A- . (...) -- C:\Users\Danny\Downloads\RSITx64.exe [935175] O61 - LFC: 22-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Downloads\zoek-results.txt [42784] O61 - LFC: 22-11-2013 - 18:38:56 ---A- . (...) -- C:\Users\Danny\Downloads\zoek.rar [4182609] ~ 5 Fichiers temporaires (Temporary files) ~ 2 Fichiers cookies (Cookies files) ~ Files: 1663 Legitimates Filtered in 01mn 18s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7} O63 - Logiciel: RSIT - (.random/random.) ~ ADS: Scanned in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (CKF) (O82) C:\Users\Danny\Downloads\Microsoft OFFICE 2010 Pro Plus PRECRACKED.rar C:\Users\Danny\Downloads\[katproxy.com]adobe.photoshop.lightroom.2.5.keygen.torrent C:\Users\Danny\Downloads\[katproxy.com]adobe.photoshop.lightroom.5.2.rc.multilingual.keygen.torrent C:\Users\Danny\Downloads\[katproxy.com]simcity.2013.no.drm.cracked.1.5.vulpeszedra (1).torrent C:\Users\Danny\Downloads\[katproxy.com]simcity.2013.no.drm.cracked.1.5.vulpeszedra - Copy.torrent C:\Users\Danny\Downloads\[kickass.to]microsoft.office.2010.pro.plus.precracked.rar.torrent C:\Windows.old\Users\Danny\AppData\Roaming\BitTorrent\Microsoft OFFICE 2010 Pro Plus PRECRACKED.rar.torrent =>P2P.BitTorrent C:\Users\Danny\Downloads\Microsoft OFFICE 2010 Pro Plus PRECRACKED.rar C:\Users\Danny\Downloads\[katproxy.com]adobe.photoshop.lightroom.2.5.keygen.torrent C:\Users\Danny\Downloads\[katproxy.com]adobe.photoshop.lightroom.5.2.rc.multilingual.keygen.torrent C:\Users\Danny\Downloads\[katproxy.com]simcity.2013.no.drm.cracked.1.5.vulpeszedra (1).torrent C:\Users\Danny\Downloads\[katproxy.com]simcity.2013.no.drm.cracked.1.5.vulpeszedra - Copy.torrent C:\Users\Danny\Downloads\[kickass.to]microsoft.office.2010.pro.plus.precracked.rar.torrent C:\Windows.old\Users\Danny\AppData\Roaming\BitTorrent\Microsoft OFFICE 2010 Pro Plus PRECRACKED.rar.torrent =>P2P.BitTorrent ~ Files: Scanned in 01mn 35s ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.32C736FB85BC71F67450CD23B89A1066] [sPRF][22-11-2013] (...) -- C:\Users\Danny\AppData\Local\Temp\71ec268ab42822c4d9d539589dff355e.dll [56] [MD5.F80CFD218A94524669236F311CAA1846] [sPRF][28-8-2013] (.No owner - Package Track.) -- C:\Users\Danny\Desktop\Package Track.exe [1144832] ~ Files: 2 Legitimates Filtered in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "TCP Query User{F400C8C3-7E2D-4CD2-9172-6762A8B87B56}C:\users\danny\desktop\microsoft toolkit.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\danny\desktop\microsoft toolkit.exe (.not file.) O87 - FAEL: "UDP Query User{16CBF918-229D-4CC7-9A2F-267CA08DC7AC}C:\users\danny\desktop\microsoft toolkit.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\danny\desktop\microsoft toolkit.exe (.not file.) O87 - FAEL: "TCP Query User{DD5EA7DD-56FF-4283-8F9F-C1779290D1DA}C:\users\danny\appdata\roaming\acestream\engine\ace_engine.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\danny\appdata\roaming\acestream\engine\ace_engine.exe O87 - FAEL: "UDP Query User{3C6A3509-826F-4A5D-B534-3490059C28DF}C:\users\danny\appdata\roaming\acestream\engine\ace_engine.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\danny\appdata\roaming\acestream\engine\ace_engine.exe ~ Firewall: 242 Legitimates Filtered in 00mn 01s ---\\ MyComputer Name Space (MNS) (O92) O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE} O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B} O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA} O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C} O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0} O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641} ~ MNS: 6 Legitimates Filtered in 00mn 00s ---\\ Windows Installer Scan (WIS) (O93) (NTFS) [MD5.E4617689D2A51DA75ECEF98CD2250F56] [WIS][23-9-2013] (.The Within Network, LLC - UxStyle.) -- C:\Windows\Installer\4b28f90.msi [208896] ~ WIS: 42 Legitimates Filtered in 00mn 03s ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 29-8-2012 208384 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Windows\System32\AdminService.exe SR - | Auto 17-10-2013 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Demand 7-11-2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SS - | Auto 17-10-2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 17-10-2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Demand 24-4-2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe SS - | Demand 26-10-2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 5-9-2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Auto 23-9-2013 13824 | (UnsignedThemes) . (.The Within Network, LLC.) - C:\WINDOWS\unsignedthemes.exe SR - | Demand 10-7-1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe SR - | Demand 10-7-1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe SS - | Demand 10-7-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SS - | Demand 22-8-2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 06s ---\\ Search Master Boot Record Infection (MBR)(O80) Run by Danny at 22-11-2013 18:40:48 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, PC Helpforum - Gratis hulp bij computer problemen Run by Danny at 22-11-2013 18:40:51 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 12996 - (22-11-2013) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKCU\Software\Somoto] =>Adware.MegaSearch [HKCU\Software\BI] =>Adware.MegaSearch C:\WINDOWS\AutoKMS\AutoKMS.exe =>Trojan.Keygen^ ~ Additionnel Scan: 219533 Items scanned in 00mn 22s ---\\ Summary of the detections found on your workstation ~ Adware.MegaSearch - Malicius Software Information =>Adware.MegaSearch ~ MSI: 1 link(s) detected in 00mn 22s ~ 3060 Legitimates filtered by white list End of the scan (639 lines in 05mn 55s)(14)
  2. naabje
    Nee, helaas. het is niet heel erg ofzo, maar om de halve minuut een kleine seconde lagg. Voorheen had ik dit niet. kan ook zijn dat mijn laptop het niet aan kan hoor, er zit maar een i3 met intel hd 3000 graphics kaart in. Het gaat om het spel S.K.I.L.L. Special force 2
  3. naabje
    [ATTACH]29115[/ATTACH]Op een of andere manier kan ik het LOG bestand niet uploaden of in het bericht plakken. wel heb ik het zoek-result zoek-results.txt
  4. naabje
    Laptop word weer een beetje sloom tijdens het gamen, dus maar even een logje! vriendelijk bedankt! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:11:50, on 22-11-2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.16384) Boot mode: Normal Running processes: C:\Program Files (x86)\Gyazo\GyStation.exe C:\Users\Danny\AppData\Local\FilesFrog Update Checker\update_checker.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: YouTube to MP3 Converter - {A3EDD32E-7957-4F51-8BFD-A528BBBE5DE5} - C:\PROGRA~2\YOUTUB~1\ytdl.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [AceStream] C:\Users\Danny\AppData\Roaming\ACEStream\engine\ace_engine.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\WINDOWS\unsignedthemes.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9535 bytes
  5. naabje
    Dankjewel voor het helpen. ik zal de laatste stap uitvoeren en het topic mankeren als opgelost!
  6. naabje
    Fijn, de startpagina is nu niet meer QV06. bedankt, Zoek.exe Version 4.0.0.4 Updated 30-08-2013 Tool run by Danny on 30/08/2013 at 13:58:20.17. Microsoft Windows 8.1 Pro Preview 6.3.9431 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Danny\Desktop\zoek\zoek.exe [script inserted] ==== FireFox Fix ====================== Deleted from C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js: user_pref("browser.newtab.url", "about:blank"); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller 0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 07FAA8B85F81784DEC315E04E5852F2F - C:\Users\Danny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0DB01492F7B7F3B0FC49BA0E8E9EFDEA - C:\WINDOWS\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== Snap.Do - Danny - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Google Docs - Danny - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Danny - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Danny - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Battlefield Heroes - Danny - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh Google Search - Danny - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Card number - Danny - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Danny - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage deleted successfully ==== Reset Google Chrome ====================== C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== HijackThis Entries ====================== C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Epson Stylus SX235] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [EPSON2589BA (Epson Stylus SX235)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp" /EF "HKCU" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== EOF on 30/08/2013 at 13:59:52.54 ====================== # AdwCleaner v3.001 - Report created 30/08/2013 at 14:03:37 # Updated 24/08/2013 by Xplode # Operating System : Windows 8.1 Pro Preview (64 bits) # Username : Danny - PCDANNY # Running from : C:\Users\Danny\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Key Deleted : HKCU\Software\BI Key Deleted : HKCU\Software\dealplylive Key Deleted : HKCU\Software\SmartBar Key Deleted : HKLM\Software\Desksvc Key Deleted : HKLM\Software\qvo6Software ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9431.0 -\\ Mozilla Firefox v23.0.1 (nl) [ File : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js ] -\\ Google Chrome v29.0.1547.62 [ File : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2699 octets] - [30/08/2013 14:02:58] AdwCleaner[s0].txt - [1923 octets] - [30/08/2013 14:03:37] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1983 octets] ##########
  7. naabje
    Bijde gedaan, vind het nog wel vreemd dat de startpagina niet is verandert terwijl er staat dat google.nl dat is, maar het is qv06 Zoek.exe Version 4.0.0.4 Updated 30-08-2013 Tool run by Danny on 30/08/2013 at 12:54:12.61. Microsoft Windows 8.1 Pro Preview 6.3.9431 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Danny\Desktop\zoek\zoek.exe [script inserted] ==== System Restore Info ====================== 30/08/2013 12:55:18 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default ---- Lines qvo6 removed from prefs.js ---- user_pref("browser.search.defaultenginename", "qvo6"); user_pref("browser.search.order.1", "qvo6"); ---- Lines qvo6 modified from prefs.js ---- ---- Lines qvo6 removed from user.js ---- ---- Lines helperbar removed from prefs.js ---- user_pref("extensions.helperbar.countryiso", "tj"); user_pref("extensions.helperbar.DockingPositionDown", false); user_pref("extensions.helperbar.downloadprovider", "somoto"); user_pref("extensions.helperbar.installationid", "3a0cb2ea-9b63-880d-e477-77a74ae98c34"); user_pref("extensions.helperbar.installdate", "29/08/2013"); user_pref("extensions.helperbar.publisher", "somoto"); user_pref("extensions.helperbar.SmartbarDisabled", false); user_pref("extensions.helperbar.SmartbarStateMinimaized", false); user_pref("extensions.helperbar.Visibility", true); ---- Lines helperbar modified from prefs.js ---- ---- Lines helperbar removed from user.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- Lines smartbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_082013_1257_.backup prefs_082013_1257_.backup ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\Users\Danny\Downloads\iLividSetup-r367-n-bc.exe" deleted "C:\Users\Danny\Downloads\SoftonicDownloader_voor_bluestacks-app-player.exe" deleted "C:\WINDOWS\Tasks\Dealply.job" deleted "C:\windows\SysNative\Tasks\Dealply" deleted "C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk" deleted "C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\user.js" deleted "C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\searchplugins\Web Search.xml" deleted "C:\Program Files (x86)\DealPlyLive" deleted "C:\Program Files (x86)\WinZipper" deleted "C:\Program Files (x86)\Common Files\337" deleted "C:\Program Files (x86)\DealPly" deleted "C:\Program Files (x86)\DealPlyLive" deleted "C:\Program Files (x86)\Desk 365" deleted "C:\Users\Danny\AppData\Roaming\Desk 365" deleted "C:\Users\Danny\AppData\Roaming\Dealply" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\DealPlyLive" deleted "C:\Users\Danny\AppData\Local\DealPlyLive" deleted "C:\Users\Danny\AppData\Local\SwvUpdater" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2013-08-11 17:28:06 2FA617D1B062B8D9F08036E90003B3E2 1698408 ----a-w- C:\WINDOWS\RtlExUpd.dll 2013-08-11 16:09:10 70757BB715401D58378CEFA1164902C8 13338 ----a-w- C:\WINDOWS\diagwrn.xml 2013-08-11 16:09:10 70757BB715401D58378CEFA1164902C8 13338 ----a-w- C:\WINDOWS\diagerr.xml ====== C:\Users\Danny\AppData\Local\Temp ==== 2013-08-29 13:40:11 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00001.exe 2013-08-29 13:24:30 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eSafeSvc.exe 2013-08-29 13:24:26 FEA91DA0F43314348ED490748755E869 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\deskplusdl.exe 2013-08-29 13:24:26 7ECC6FA1B23EFCFFCD7164FC2966A263 3029672 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217189062.exe 2013-08-29 13:24:25 8A27F94D00E891296DA496EFE4CA38FF 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\WinZipperdl.exe 2013-08-29 13:24:25 56F9BB47B2CC82C1FA548BEAA040E2EA 3186344 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217187937.exe 2013-08-29 13:24:00 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Users\Danny\AppData\Local\Temp\bi_cleaner.exe 2013-08-29 13:23:45 9B4316A022E8FFA53C35FAFAB8F7753B 305192 ----a-w- C:\Users\Danny\AppData\Local\Temp\UpdUninstall.exe 2013-08-29 13:21:03 5F25A1A3D3D57AD6BC0A14BBD6E03327 1109983 ----a-w- C:\Users\Danny\AppData\Local\Temp\6_Offer_11.exe 2013-08-29 13:19:54 E0713BA9EE9DF4FD8E7E9B888710F944 4620384 ----a-w- C:\Users\Danny\AppData\Local\Temp\OptimizerPro.exe 2013-08-29 13:19:50 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\Danny\AppData\Local\Temp\appshat-distribution.exe 2013-08-29 13:19:50 2EFD560A4734B1245F20F0AA91A4B57E 8149388 ----a-w- C:\Users\Danny\AppData\Local\Temp\QuickShare1.exe 2013-08-29 13:19:42 A094070E6A43A03B7D5BD603532FCBAA 111071 ----a-w- C:\Users\Danny\AppData\Local\Temp\WajamC.exe 2013-08-29 13:19:13 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\Danny\AppData\Local\Temp\SevenZip-Installer.exe 2013-08-29 13:18:56 E565BD591BF472D62B580324164B0DAB 43545 ----a-w- C:\Users\Danny\AppData\Local\Temp\Run-Setup.exe 2013-08-29 13:17:25 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00000.exe 2013-08-28 08:00:12 A8BC134E7AA5F29C4FFCB71C2D452B3A 9027352 ----a-w- C:\Users\Danny\AppData\Local\Temp\Installer.exe ====== C:\WINDOWS\SysWOW64 ===== 2013-08-29 15:19:08 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-08-29 13:21:53 CC2973069AD865E3B1DC2FDF61134E97 421032 ----a-w- C:\WINDOWS\SysWOW64\msvcp100.dll 2013-08-29 13:21:53 BF6FE24C8C344DEE4ADA87F93D55B069 773800 ----a-w- C:\WINDOWS\SysWOW64\msvcr100.dll 2013-08-27 17:03:21 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\WINDOWS\SysWOW64\XAPOFX1_5.dll 2013-08-27 17:03:21 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\WINDOWS\SysWOW64\XAudio2_7.dll 2013-08-27 17:03:20 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\WINDOWS\SysWOW64\d3dx11_43.dll 2013-08-27 17:03:20 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_43.dll 2013-08-27 17:03:16 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\WINDOWS\SysWOW64\d3dx10_42.dll 2013-08-27 17:02:59 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_32.dll 2013-08-21 18:37:03 E1D342DA107E8A025320CEF4449B56F7 214016 ----a-w- C:\WINDOWS\SysWOW64\dplayx.dll 2013-08-21 18:37:03 D3A06FAC0FE8FC12B6C642F80E48C0B4 33792 ----a-w- C:\WINDOWS\SysWOW64\dpnsvr.exe 2013-08-21 18:37:03 CB5C291D9963BE4CB51FC18643A91642 30720 ----a-w- C:\WINDOWS\SysWOW64\dplaysvr.exe 2013-08-21 18:37:03 C85AD797B395D84AB0CDAE40BA6338DF 377856 ----a-w- C:\WINDOWS\SysWOW64\dpnet.dll 2013-08-21 18:37:03 AD41901EFBAD2485D208E685775FC786 9216 ----a-w- C:\WINDOWS\SysWOW64\dpnhpast.dll 2013-08-21 18:37:03 4C56525111980136E20930704BFAC6F6 45056 ----a-w- C:\WINDOWS\SysWOW64\dpwsockx.dll 2013-08-21 18:37:03 47F0ACDF6D9E0661A2AAA5ECA33EC4AA 9216 ----a-w- C:\WINDOWS\SysWOW64\dpnhupnp.dll 2013-08-21 18:37:03 38C97AFD7E2A36EE6CAB725B106D0767 23552 ----a-w- C:\WINDOWS\SysWOW64\dpmodemx.dll 2013-08-21 18:37:03 0AA63C488FC4FE8210E1D0A6885F2C90 59904 ----a-w- C:\WINDOWS\SysWOW64\dpnathlp.dll 2013-08-21 18:33:01 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_2.dll 2013-08-21 18:33:00 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\WINDOWS\SysWOW64\xinput1_1.dll 2013-08-21 18:32:58 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_1.dll 2013-08-21 18:32:45 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_30.dll 2013-08-21 18:32:44 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2013-08-21 18:32:44 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_0.dll 2013-08-21 18:32:43 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_28.dll 2013-08-21 18:32:43 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_29.dll 2013-08-21 18:32:42 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_27.dll 2013-08-21 18:32:41 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_25.dll 2013-08-21 18:32:41 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_26.dll 2013-08-21 18:32:38 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_24.dll 2013-08-19 00:35:40 3870409C1A92BBB676FEB7FB17D9D158 389120 ----a-w- C:\WINDOWS\SysWOW64\RegistryHelperLM.ocx ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2013-08-28 15:55:07 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\WINDOWS\Sysnative\sdnclean64.exe 2013-08-27 17:03:21 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\WINDOWS\Sysnative\XAPOFX1_5.dll 2013-08-27 17:03:21 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\WINDOWS\Sysnative\XAudio2_7.dll 2013-08-27 17:03:20 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_43.dll 2013-08-27 17:03:20 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\WINDOWS\Sysnative\d3dx11_43.dll 2013-08-27 17:03:16 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\WINDOWS\Sysnative\d3dx10_42.dll 2013-08-27 17:02:59 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\WINDOWS\Sysnative\d3dx9_32.dll 2013-08-21 18:37:03 FCE8FAA3F342702CA6ACE15957D917F1 9216 ----a-w- C:\WINDOWS\Sysnative\dpnhupnp.dll 2013-08-21 18:37:03 F88A51195BC9524FA407E81218323B7E 461312 ----a-w- C:\WINDOWS\Sysnative\dpnet.dll 2013-08-21 18:37:03 E67D364628726110DE7DA2FE120C17BE 9216 ----a-w- C:\WINDOWS\Sysnative\dpnhpast.dll 2013-08-21 18:37:03 E16AF4DD6CA160C544AC50C8AFFB5822 66560 ----a-w- C:\WINDOWS\Sysnative\dpnathlp.dll 2013-08-21 18:37:03 16B383A5C3F980B300EB38D593244024 34304 ----a-w- C:\WINDOWS\Sysnative\dpnsvr.exe 2013-08-21 18:33:01 DC5A914C34EB12056531777D4DD0F44E 354072 ----a-w- C:\WINDOWS\Sysnative\xactengine2_2.dll 2013-08-21 18:33:00 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\WINDOWS\Sysnative\xinput1_1.dll 2013-08-21 18:32:58 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\WINDOWS\Sysnative\xactengine2_1.dll 2013-08-21 18:32:45 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\WINDOWS\Sysnative\d3dx9_30.dll 2013-08-21 18:32:44 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\WINDOWS\Sysnative\x3daudio1_0.dll 2013-08-21 18:32:44 CE5753F9A27837259EB52F3F47F39593 355536 ----a-w- C:\WINDOWS\Sysnative\xactengine2_0.dll 2013-08-21 18:32:43 88BAC8306D4EC79A82B1FFA17DC8CF4A 3815120 ----a-w- C:\WINDOWS\Sysnative\d3dx9_28.dll 2013-08-21 18:32:43 68B35CBDB4A8CC424718BBCC894FEEEA 3830992 ----a-w- C:\WINDOWS\Sysnative\d3dx9_29.dll 2013-08-21 18:32:42 914C3237E4D145A18DCD1D0D4C8659E1 3807440 ----a-w- C:\WINDOWS\Sysnative\d3dx9_27.dll 2013-08-21 18:32:41 4C56E7C5B2A61353E534C7D15D05856D 3823312 ----a-w- C:\WINDOWS\Sysnative\d3dx9_25.dll 2013-08-21 18:32:41 44F5C5E27D6825E4E62420BC29B8B533 3767504 ----a-w- C:\WINDOWS\Sysnative\d3dx9_26.dll 2013-08-21 18:32:38 B165DF72E13E6AF74D47013504319921 3544272 ----a-w- C:\WINDOWS\Sysnative\d3dx9_24.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2013-08-23 15:50:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf 2013-08-11 17:28:35 FCA6883B690E3722B6A60ADA972A831A 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX1.dat 2013-08-11 17:28:35 EBCA7473A23120CAE4066BEB3835D48F 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX0.dat 2013-08-11 17:28:35 E67AAB6205BD45C9A9644CDAC9CE9664 39672 ----a-w- C:\WINDOWS\Sysnative\drivers\RtPCEE3.DAT 2013-08-11 17:28:35 DAE054749540938A0889AA40E0D5594A 1448 ----a-w- C:\WINDOWS\Sysnative\drivers\RtHdatEx.dat 2013-08-11 17:28:35 D2621569F1EF82A58D4906E29DBCBF15 115256 ----a-w- C:\WINDOWS\Sysnative\drivers\RtPCEE4.DAT 2013-08-11 17:28:35 C104D162A7AC593908FCE05456300619 176 ----a-w- C:\WINDOWS\Sysnative\drivers\RTHDAEQ1.dat 2013-08-11 17:28:35 99E26EFF2A113E052CB973E989835DC3 24 ----a-w- C:\WINDOWS\Sysnative\drivers\rtkhdaud.dat 2013-08-11 17:28:35 57B8D47F171677E88563A42924D64D3D 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX2.dat 2013-08-11 17:28:35 530A9FEB236FF8DD1BC941A7F08E6561 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX3.dat 2013-08-11 17:28:35 4E84A165644886CC5333335C289B33D0 247560 ----a-w- C:\WINDOWS\Sysnative\drivers\RTConvEQ.dat 2013-08-11 17:28:23 E83BB47C3446F0497019DE7FD6C6A86F 4744808 ----a-w- C:\WINDOWS\Sysnative\drivers\RTKVHD64.sys 2013-08-11 17:28:19 AA554816190EBCB9AC3D413F469C9FBE 238448 ----a-w- C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT 2013-08-11 16:54:20 86B213002C4CA3C533866E654B7BFC15 1538304 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2013-08-11 16:54:20 3156C957C1ECCEF82791E3541D0C68C7 395520 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2013-08-11 15:58:13 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf ====== C:\WINDOWS\Tasks ====== 2013-08-28 15:55:30 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Safer-Networking 2013-08-22 12:15:05 3FE7916E673809EFE69E2ADA207CC3A1 3150 ----a-w- C:\WINDOWS\Sysnative\Tasks\{197DA9B0-9EA7-48BB-BFF1-20C4544484A3} 2013-08-11 16:29:25 E10C1DDE64A7F5AF8857A42AEE1D467D 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-08-11 16:29:25 7D8BA7D70568EE6903936A07A459854A 3718 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater 2013-08-11 16:18:39 A7A46AA3E65066F4E44972B990E40D88 912 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-08-11 16:18:39 9CF40236E79ECAB7BC817A4919FD4F3E 3884 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2013-08-11 16:18:38 7EE0D0C9F5C5E2B9F5710FE809A5CD40 3648 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2013-08-11 16:18:38 5FB9D10AA1CC1B84EA3AF99F5505EF2E 908 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-08-11 15:57:43 E66FB5AC763E96DBA5668D9DA2808C58 3922 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{13A63F00-5E30-4DE9-A7B5-205834E97951} 2013-08-11 15:57:22 A044798F02AE601250374334315F2EC1 3596 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751033221-735151488-1739522443-1001 2013-08-11 15:52:38 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\WPD ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2013-08-29 15:11:09 -------- d-----w- C:\Program Files\Speccy 2013-08-29 13:41:08 -------- d-----w- C:\Program Files\Microsoft Office 2013-08-27 17:03:58 -------- d-----w- C:\Program Files\Windows Live 2013-08-13 13:26:19 -------- d-----w- C:\Program Files\Common Files\EPSON 2013-08-11 17:40:49 -------- d-----w- C:\Program Files\Reference Assemblies 2013-08-11 17:40:49 -------- d-----w- C:\Program Files\MSBuild 2013-08-11 17:28:35 -------- d-----w- C:\Program Files\Realtek 2013-08-11 17:02:08 -------- d-----w- C:\Program Files\WinRAR ======= C:\Program Files (x86) ===== 2013-08-29 13:44:49 -------- d-----w- C:\Program Files (x86)\Microsoft Works 2013-08-29 13:43:58 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 2013-08-29 13:43:57 -------- d-----w- C:\Program Files (x86)\Common Files\DESIGNER 2013-08-29 13:41:02 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2013-08-29 13:40:27 -------- d-----w- C:\Program Files (x86)\Microsoft Office 2013-08-29 13:32:57 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-08-28 15:54:52 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-08-27 17:04:34 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2013-08-27 17:03:49 -------- d-----w- C:\Program Files (x86)\Windows Live 2013-08-27 17:02:46 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive 2013-08-27 17:00:26 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2013-08-21 18:30:11 -------- d-----w- C:\Program Files (x86)\TmNationsForever 2013-08-21 11:55:11 -------- d-----w- C:\Program Files (x86)\Cisco Systems 2013-08-14 13:15:37 -------- d-----w- C:\Program Files (x86)\EA Games 2013-08-13 16:16:20 -------- d-----w- C:\Program Files (x86)\Gyazo 2013-08-12 15:41:32 -------- d-----w- C:\Program Files (x86)\Twitter 2013-08-12 11:21:38 -------- d-----w- C:\Program Files (x86)\Common Files\Skype 2013-08-12 11:21:36 -------- d-----r- C:\Program Files (x86)\Skype 2013-08-11 17:41:05 -------- d-----w- C:\Program Files (x86)\Reference Assemblies 2013-08-11 17:41:05 -------- d-----w- C:\Program Files (x86)\MSBuild 2013-08-11 17:35:31 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4 2013-08-11 17:28:09 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information 2013-08-11 17:28:09 -------- d-----w- C:\Program Files (x86)\Realtek 2013-08-11 17:28:07 -------- d--h--w- C:\Program Files (x86)\Temp 2013-08-11 17:28:02 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield 2013-08-11 16:34:55 -------- d-----w- C:\Program Files (x86)\Opera 2013-08-11 16:26:49 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-11 16:18:36 -------- d-----w- C:\Program Files (x86)\Google 2013-08-11 16:03:58 -------- d-----w- C:\Program Files (x86)\Intel ======= C: ===== ====== C:\Users\Danny\AppData\Roaming ====== 2013-08-29 15:13:24 -------- d-----w- C:\users\Danny\AppData\Locallow\Sun 2013-08-29 14:49:16 -------- d-----w- C:\users\Default\AppData\Local\Microsoft Help 2013-08-29 14:49:16 -------- d-----w- C:\users\Default User\AppData\Local\Microsoft Help 2013-08-29 13:22:46 -------- d-----w- C:\users\Danny\AppData\Local\WebPlayer 2013-08-29 13:19:10 -------- d-----w- C:\users\Danny\AppData\Local\Microsoft Help 2013-08-27 17:00:32 -------- d-----w- C:\users\Danny\AppData\Local\Windows Live 2013-08-27 16:36:59 -------- d-----w- C:\users\Danny\AppData\Roaming\Unity 2013-08-27 16:36:36 -------- d-----w- C:\users\Danny\AppData\Local\Unity 2013-08-27 16:36:35 -------- d-----w- C:\users\Danny\AppData\Locallow\Unity 2013-08-22 20:42:33 -------- d-----w- C:\users\Danny\AppData\Locallow\Google 2013-08-14 13:51:34 -------- d-----w- C:\users\Danny\AppData\Local\PunkBuster 2013-08-13 17:31:24 -------- d-----w- C:\users\Danny\AppData\Local\twitter 2013-08-13 16:16:48 -------- d-----w- C:\users\Danny\AppData\Roaming\Gyazo 2013-08-13 16:16:18 -------- d-----w- C:\users\Danny\AppData\Local\Programs 2013-08-12 15:41:34 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck 2013-08-12 11:24:50 -------- d-----w- C:\users\Danny\AppData\Local\Spotify 2013-08-12 11:24:19 -------- d-----w- C:\users\Danny\AppData\Roaming\Spotify 2013-08-12 11:21:46 -------- d-----w- C:\users\Danny\AppData\Roaming\Skype 2013-08-11 17:02:24 -------- d-----w- C:\users\Danny\AppData\Roaming\WinRAR 2013-08-11 17:02:24 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-11 16:35:15 -------- d-----w- C:\users\Danny\AppData\Roaming\Opera Software 2013-08-11 16:35:15 -------- d-----w- C:\users\Danny\AppData\Local\Opera Software 2013-08-11 16:28:43 -------- d-----w- C:\users\Danny\AppData\Local\Adobe 2013-08-11 16:26:56 -------- d-----w- C:\users\Danny\AppData\Roaming\Mozilla 2013-08-11 16:26:56 -------- d-----w- C:\users\Danny\AppData\Local\Mozilla 2013-08-11 16:26:41 -------- d-----w- C:\users\Danny\AppData\Roaming\BitTorrent 2013-08-11 16:18:30 -------- d-----w- C:\users\Danny\AppData\Local\Google 2013-08-11 16:08:51 -------- d-s---w- C:\users\Danny\AppData\Roaming\Microsoft 2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Local\Temp 2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Local\Microsoft 2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-08-11 16:08:49 -------- d-s---w- C:\users\Administrator\AppData\Roaming\Microsoft 2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Local\Temp 2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Local\Microsoft 2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-08-11 15:57:52 -------- d-----w- C:\users\Danny\AppData\Locallow\Microsoft 2013-08-11 15:51:21 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-08-11 15:51:21 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-08-11 15:51:01 -------- d-----w- C:\users\Danny\AppData\Local\Packages 2013-08-11 15:51:00 -------- d-----w- C:\users\Danny\AppData\Roaming\Adobe 2013-08-11 15:50:57 -------- d-----w- C:\users\Danny\AppData\Local\VirtualStore ====== C:\Users\Danny ====== 2013-08-29 15:17:49 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25 (1).exe 2013-08-29 15:14:53 -------- d-----w- C:\ProgramData\Sun 2013-08-29 15:13:15 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25.exe 2013-08-29 15:10:35 096C3277599629BD22AF6959D20774B9 4454952 ----a-w- C:\Users\Danny\Downloads\ccsetup405.exe 2013-08-29 15:10:10 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Danny\Downloads\spsetup122.exe 2013-08-29 13:45:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013-08-29 13:22:51 -------- d-----w- C:\Users\Danny\Local Settings 2013-08-29 13:19:01 -------- d-----w- C:\ProgramData\Microsoft Help 2013-08-28 15:55:28 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-08-28 15:55:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2013-08-28 15:52:26 5041225B3ACEA99FD34EB9F026AC7D82 37672592 ----a-w- C:\Users\Danny\Downloads\spybotsd-2.1.21-SR2.exe 2013-08-28 15:01:43 C30FF2A7F0CE3A717585A8EC1E751417 92776 ----a-w- C:\Users\Danny\Downloads\SpotifySetup (3).exe 2013-08-27 17:04:52 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2013-08-27 17:02:32 -------- d-----w- C:\ProgramData\Microsoft SkyDrive 2013-08-27 17:00:16 517792A56DBF99B4277B9B573E008EDD 1239536 ----a-w- C:\Users\Danny\Downloads\wlsetup-web.exe 2013-08-27 16:36:26 32D3D0D1EBF3773354E84EF6083DB53F 648144 ----a-w- C:\Users\Danny\Downloads\UnityWebPlayer.exe 2013-08-22 20:42:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2013-08-22 20:41:32 E0031C4FFC714668ED09374509881E90 784856 ----a-w- C:\Users\Danny\Downloads\GoogleEarthPluginSetup.exe 2013-08-21 23:29:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon 2013-08-21 23:21:21 -------- d-----w- C:\ProgramData\NexonUS 2013-08-21 22:33:32 33D092D09C1B022574FFF40EABA28906 2232617911 ----a-w- C:\Users\Danny\Downloads\SuddenAttackV41.exe 2013-08-21 18:36:42 -------- d-----w- C:\ProgramData\TmForever 2013-08-21 18:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever 2013-08-21 18:24:56 2A36D70989F94BA9369993749FF20640 530600781 ----a-w- C:\Users\Danny\Downloads\tmnationsforever_setup.exe 2013-08-21 11:48:20 -------- d-----w- C:\ProgramData\Cisco Systems 2013-08-14 13:33:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games 2013-08-13 16:16:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2013-08-13 13:26:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2013-08-13 13:26:13 -------- d-----w- C:\ProgramData\EPSON 2013-08-12 11:21:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-08-12 11:21:29 -------- d-----w- C:\ProgramData\Skype 2013-08-11 17:35:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2013-08-11 17:02:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2013-08-11 16:31:39 -------- d--h--r- C:\Users\Public\AccountPictures 2013-08-11 16:30:59 -------- d-----r- C:\Users\Danny\SkyDrive 2013-08-11 16:26:50 -------- d-----w- C:\ProgramData\Mozilla 2013-08-11 16:19:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2013-08-11 16:08:51 -------- d--h--w- C:\Users\Danny\AppData 2013-08-11 16:08:51 -------- d-----r- C:\Users\Danny\Favorites 2013-08-11 16:08:51 -------- d-----r- C:\Users\Danny\Desktop 2013-08-11 16:08:49 -------- d--h--w- C:\Users\Administrator\AppData 2013-08-11 16:08:49 -------- d-----r- C:\Users\Administrator\Favorites 2013-08-11 16:08:49 -------- d-----r- C:\Users\Administrator\Desktop 2013-08-11 15:51:33 -------- d-----w- C:\ProgramData\PRICache 2013-08-11 15:51:21 -------- d-----r- C:\Users\Danny\Searches 2013-08-11 15:50:22 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Danny\ntuser.ini 2013-08-10 18:49:14 -------- d-----w- C:\Users\Danny\.Virtualbox.sav 2013-08-10 18:47:56 -------- d-----w- C:\Users\Danny\youwave 2013-08-10 18:17:37 -------- d-----w- C:\Users\Danny\.androvm ====== C: exe-files == 2013-08-29 20:45:35 35359260836A6ED5D2408A1FA6DABD01 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$I0U1XBO.exe 2013-08-29 20:45:20 ABD932A233B861AEE91E01C0665117EA 1260032 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$R0U1XBO.exe 2013-08-29 18:11:06 120BB0B1A5295EA4E0E03822EF989144 73568 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\wow_helper.exe 2013-08-29 18:11:05 A235463929816A7548DF44C07DC423E1 1384800 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera_crashreporter.exe 2013-08-29 18:11:01 196C43111B13666422D5E9A8D0C5C23E 2851168 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera_autoupdate.exe 2013-08-29 18:10:57 12CA2FE2BFB6CB5B5DC81743E4B883EF 41219936 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera.exe 2013-08-29 18:10:55 F323A6022EFB1B3CF075160B8B60E831 1597792 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\launcher.exe 2013-08-29 18:09:44 331796FB3EF3916576FC089D48F93F96 32056088 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\Opera_16.0.1196.62_Autoupdate.exe 2013-08-29 15:17:49 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25 (1).exe 2013-08-29 15:13:15 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25.exe 2013-08-29 15:10:35 096C3277599629BD22AF6959D20774B9 4454952 ----a-w- C:\Users\Danny\Downloads\ccsetup405.exe 2013-08-29 15:10:10 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Danny\Downloads\spsetup122.exe 2013-08-29 13:40:11 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00001.exe 2013-08-29 13:38:53 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\setup.exe 2013-08-29 13:38:53 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe 2013-08-29 13:38:53 16101796FCA07764ED634FEC742CA8C2 5409712 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Updates\office2007-kb932338-fullfile-x86-glb.exe 2013-08-29 13:38:44 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Office.en-us\DW20.EXE 2013-08-29 13:38:44 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE 2013-08-29 13:38:44 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Office.en-us\dwtrig20.exe 2013-08-29 13:38:44 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe 2013-08-29 13:38:42 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Enterprise.WW\ose.exe 2013-08-29 13:38:42 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe 2013-08-29 13:24:30 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eSafeSvc.exe 2013-08-29 13:24:26 FEA91DA0F43314348ED490748755E869 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\deskplusdl.exe 2013-08-29 13:24:26 7ECC6FA1B23EFCFFCD7164FC2966A263 3029672 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217189062.exe 2013-08-29 13:24:25 8A27F94D00E891296DA496EFE4CA38FF 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\WinZipperdl.exe 2013-08-29 13:24:25 56F9BB47B2CC82C1FA548BEAA040E2EA 3186344 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217187937.exe 2013-08-29 13:24:00 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Users\Danny\AppData\Local\Temp\bi_cleaner.exe 2013-08-29 13:23:45 9B4316A022E8FFA53C35FAFAB8F7753B 305192 ----a-w- C:\Users\Danny\AppData\Local\Temp\UpdUninstall.exe 2013-08-29 13:22:51 AC8F7611F353CA9803FAD5FF81900678 228432 ----a-w- C:\Users\Danny\Local Settings\Application Data\Bundled software uninstaller\biclient.exe 2013-08-29 13:22:47 D8BA5F4E6A1594D0E07C886DAC0F5F8C 64142 ----a-w- C:\Users\Danny\AppData\Local\WebPlayer\Uninstall.exe 2013-08-29 13:21:41 CD47E8A6F925071A9B883F4C2F02D24D 1508944 ----a-w- C:\Users\Danny\AppData\Local\Temp\Desk365\eInstall\eInstall.exe 2013-08-29 13:21:17 BC7338B48C03D5BF2B2ACCA13EE56E68 698880 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\eXQ.exe 2013-08-29 13:21:17 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\eGdpSvc.exe 2013-08-29 13:21:17 1C3F886FEC804BFF5E262E08D65D5B9E 4441168 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\Desk365.exe 2013-08-29 13:21:03 5F25A1A3D3D57AD6BC0A14BBD6E03327 1109983 ----a-w- C:\Users\Danny\AppData\Local\Temp\6_Offer_11.exe 2013-08-29 13:19:54 E0713BA9EE9DF4FD8E7E9B888710F944 4620384 ----a-w- C:\Users\Danny\AppData\Local\Temp\OptimizerPro.exe 2013-08-29 13:19:50 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\Danny\AppData\Local\Temp\appshat-distribution.exe 2013-08-29 13:19:50 2EFD560A4734B1245F20F0AA91A4B57E 8149388 ----a-w- C:\Users\Danny\AppData\Local\Temp\QuickShare1.exe 2013-08-29 13:19:42 A094070E6A43A03B7D5BD603532FCBAA 111071 ----a-w- C:\Users\Danny\AppData\Local\Temp\WajamC.exe 2013-08-29 13:19:13 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\Danny\AppData\Local\Temp\SevenZip-Installer.exe 2013-08-29 13:18:56 E565BD591BF472D62B580324164B0DAB 43545 ----a-w- C:\Users\Danny\AppData\Local\Temp\Run-Setup.exe 2013-08-29 13:17:25 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00000.exe 2013-08-28 19:23:03 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe 2013-08-28 18:38:01 C0474D835A81DE2B8F264EA955B34534 884576 ----a-w- C:\Users\Danny\AppData\Roaming\BitTorrent\updates\7.8.1_30016.exe 2013-08-28 15:58:14 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe 2013-08-28 15:58:13 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-translation-frx.exe 2013-08-28 15:58:12 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDDisableProxy.exe 2013-08-28 15:58:12 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe 2013-08-28 15:55:14 9B17FF79B20D59E71E4AE522E33B9210 248712 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst32.exe 2013-08-28 15:55:14 6AE8E702D1027A9627DDE2B77BB9992B 171928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 2013-08-28 15:55:14 0655F97E68430250FF645BAF75226847 316632 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst64.exe 2013-08-28 15:55:13 D5AD5E8830E3613B2CFA3378237014EE 126640 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookHelper.exe 2013-08-28 15:55:12 275D7DEE68B77A5D3EDE23D327E63ED7 132560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\blindman.exe 2013-08-28 15:55:11 D31398D4BB4907B517B6E784C2100C4A 1033688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 2013-08-28 15:55:11 66F296D86873FE65E6E9F09FFE5D949F 2977768 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPrepPos.exe 2013-08-28 15:55:11 01F441F655D8CC4214BDF411D39D04AF 3881928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe 2013-08-28 15:55:10 B9DF317275DC6EB461ACED5EBEBC254D 5042648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSBIEdit.exe 2013-08-28 15:55:10 39CEC90CF1E9541EA41E3ECCC69E498F 4352984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScript.exe 2013-08-28 15:55:09 AED8D2D7AE0E77AB72D3887FD2E74016 223184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPESetup.exe 2013-08-28 15:55:09 5D8057F6C56082ECC2533B89899A0F56 3580888 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDBootCD.exe 2013-08-28 15:55:09 3F8111AB50845D0DF5ABCE01ED44B5FC 2729432 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPEStart.exe 2013-08-28 15:55:08 EBF236A412C38EDF04D3E18425EE393E 4812744 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe 2013-08-28 15:55:08 D3BF70B531AB5468B4CBFE98C2459CD1 4563928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe 2013-08-28 15:55:08 A58EAD767EAE964ED463FEDF25E750A2 3609552 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe 2013-08-28 15:55:07 D71699B1030F1021E663DBD567F7B018 3642312 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 2013-08-28 15:55:07 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\Windows\System32\sdnclean64.exe 2013-08-28 15:55:07 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe 2013-08-28 15:55:07 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe 2013-08-28 15:55:06 E3399927C23E8B35B550B09602411310 221216 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe 2013-08-28 15:55:06 95AA9E165C7DE1B64A11E8B18E91E499 1817560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 2013-08-28 15:55:06 63B4C70F88BB8DF11E6A0FA5ABE3C34B 4255184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe 2013-08-28 15:55:06 5FFCEDD10D4E21CF2A857BCBC3437A6F 2935760 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe 2013-08-28 15:55:02 AF49D1C79EA49A7833017F290EE63B82 5624784 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 2013-08-28 15:54:59 34B546C897FA6E41957824303F0E007B 6175696 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe 2013-08-28 15:54:56 AC8BD92DDEFE7A1BED5C7AFB37E4ADDC 2988496 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShell.exe 2013-08-28 15:54:56 76ABF19EBC873704960D191E22C8A4A5 127984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPRE.exe 2013-08-28 15:54:55 D906E46C649BFEC3F11287531516FE4E 5347288 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe 2013-08-28 15:54:55 BB9E4FA5783686595CA8A7BC90CE7997 3330000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe 2013-08-28 15:54:55 7A693C96C87EFE7E047A9042CFDCDA75 3502032 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSysRepair.exe 2013-08-28 15:54:55 23146C8162411DFFB5B4DF48A708312E 3124688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShred.exe 2013-08-28 15:54:54 B1B174A83FDCF9FF76DC463FE243BF0E 3436000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPhoneScan.exe 2013-08-28 15:54:54 566F7FAB0CFA43CC277249C7CC699707 2674128 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe 2013-08-28 15:54:53 98F2272A7D1BA8E3155FBEA167BCC613 91648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\xcacls.exe 2013-08-28 15:54:52 EE962F34EB2A8904B2597CF73BB56FDD 1272624 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe 2013-08-28 15:52:26 5041225B3ACEA99FD34EB9F026AC7D82 37672592 ----a-w- C:\Users\Danny\Downloads\spybotsd-2.1.21-SR2.exe 2013-08-28 15:01:43 C30FF2A7F0CE3A717585A8EC1E751417 92776 ----a-w- C:\Users\Danny\Downloads\SpotifySetup (3).exe 2013-08-28 08:00:12 A8BC134E7AA5F29C4FFCB71C2D452B3A 9027352 ----a-w- C:\Users\Danny\AppData\Local\Temp\Installer.exe 2013-08-27 17:02:46 DEDD078A9893AF42CD624977DADF308A 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f35250271cea34602\skydrivesetup.exe 2013-08-27 17:02:46 DEDD078A9893AF42CD624977DADF308A 5659096 ----a-w- C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe 2013-08-27 17:02:42 DEDD078A9893AF42CD624977DADF308A 5659096 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe 2013-08-27 17:02:42 0D5ECE83B01ACEE67F97EEED185773B1 238552 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe 2013-08-27 17:02:36 94F34B2CFF8B56C49BCD88077F3BEB16 74712 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveConfig.exe 2013-08-27 17:00:45 DDCE338BB173B32024679D61FB4F2BA6 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f6cfdb041cea34604\DXSETUP.exe 2013-08-27 17:00:42 F5443547CAAC20AA334A88817579270F 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f51172671cea34603\DXSETUP.exe 2013-08-27 17:00:35 DDCE338BB173B32024679D61FB4F2BA6 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f1c4f73b1cea34601\DXSETUP.exe 2013-08-27 17:00:16 517792A56DBF99B4277B9B573E008EDD 1239536 ----a-w- C:\Users\Danny\Downloads\wlsetup-web.exe 2013-08-27 16:36:36 872669B6F5359EF6D35E22C4FBF00684 219434 ----a-w- C:\Users\Danny\AppData\Local\Unity\WebPlayer\Uninstall.exe 2013-08-27 16:36:26 32D3D0D1EBF3773354E84EF6083DB53F 648144 ----a-w- C:\Users\Danny\Downloads\UnityWebPlayer.exe 2013-08-25 16:37:32 A35576A433F4AEB0D48976A004657CB6 117656 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe === C: other files == 2013-08-29 20:45:35 24CD81C95D7AFDE098545C6ABC93F172 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$IE94UBP.com 2013-08-29 20:45:23 ABD932A233B861AEE91E01C0665117EA 1260032 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$RE94UBP.com 2013-08-29 13:21:38 65C234A4E5FD498E7848F3DA62001BE0 363755 ----a-w- C:\Users\Danny\AppData\Local\Temp\scoped_dir_5352_6437\newtab.crx 2013-08-28 20:35:44 E7B3F9B002FCA1381F30B16429AA31F3 2857 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip 2013-08-28 20:35:44 AD4C9A5A1EA015FD01858DE456E22A96 2847 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0003.zip 2013-08-28 20:35:44 18EC84E66D9EAF26745C4655CB803F72 2851 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip 2013-08-28 20:35:43 DAD650F1ACB5F5720AC5EA5EF76E89BD 3134 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip 2013-08-28 20:35:43 D87A5959D645622CFEBD676E3CFD682D 3198 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip 2013-08-28 20:35:43 C3877FEB8CD72E740544BD79E27E8F4B 3356 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip 2013-08-28 20:35:43 9F6DC26DD89A6A21D750B54E810607E5 3198 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip 2013-08-28 20:35:43 9298A980B1F3A25B95FBC3AD55ED3804 4275 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Amonetize.InstallPath-0000.zip 2013-08-28 20:35:43 8E526D810E924CF580849D17E89E0C8F 3121 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip 2013-08-28 20:35:43 8270FD5B670EF3D244BFBE6D41E4C899 3194 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip 2013-08-28 20:35:43 4C83D01872FFE144765A5F668C257D7A 3274 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip 2013-08-28 20:35:43 3E9DF40FA15B747524AB5CCAC60BEA62 3213 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip 2013-08-28 20:35:43 0B99DF3C1B3A74D652D52739FBE3C83A 3504 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.2UrFace.bho-0000.zip 2013-08-28 20:35:43 08A72ED42A000D4ADCDD19DF1D64F981 25663 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip 2013-08-28 20:35:43 01A69A906740A7D93FA2EEFD6FFC4ADC 3171 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip 2013-08-28 19:24:31 8C5ED21E91607DF444667C1FD4AD3D9E 534346971 ----a-r- C:\Users\Danny\Downloads\Microsoft Office 2007 Enterprise- Fully Activated-hasim751.zip 2013-08-28 16:00:32 3596B655ED3320859ABF15F72279304A 1144 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0002.zip 2013-08-28 16:00:02 503A905E5B2B39A58870BB765A43FD53 1352 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip 2013-08-28 16:00:01 E60A281051FF1715FB2987C3E508E8B6 1357 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip 2013-08-28 16:00:01 E4B70E687A0552194FC9D5FC259FDC12 1383 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip 2013-08-28 16:00:01 3AFDA89104EB3628310502F5F6C508FC 1353 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip 2013-08-28 15:59:59 99D0F3A12467CD7BF62EF0DA8EC89827 1352 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip 2013-08-28 15:59:58 8C3B590972D44393BD4D1D4880ADDB3A 1384 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip 2013-08-28 15:59:58 59694D54D890DC61B770D85A27AFA169 1358 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip 2013-08-28 15:55:13 E6BAF67CB6C590E3A57D35004AB28CDA 63776 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys 2013-08-28 15:55:13 723E71EC3F271041AE3D8AA736B3C163 46120 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv32.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Spotify"="C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Epson Stylus SX235"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp /EF HKCU" "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe" "Spotify Web Helper"="C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "EPSON2589BA (Epson Stylus SX235)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp /EF HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Spotify"="C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Epson Stylus SX235"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp /EF HKCU" "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe" "Spotify Web Helper"="C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "EPSON2589BA (Epson Stylus SX235)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp /EF HKCU" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/08/2013 18:29] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2013 18:18] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller 0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash 07FAA8B85F81784DEC315E04E5852F2F - C:\Users\Danny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 0DB01492F7B7F3B0FC49BA0E8E9EFDEA - C:\WINDOWS\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] Snap.Do - Danny - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Battlefield Heroes - Danny - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== shortcuts on Users Desktops ====================== C:\Users\Danny\Desktop\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Danny\Desktop\Crossfire Europe.lnk - C:\SG Interactive\Crossfire Europe\patcher_cf.exe C:\Users\Danny\Desktop\HiJackThis.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Danny\Desktop\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Danny\Desktop\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Danny\Desktop\Spotify.lnk - C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\Public\Desktop\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 C:\Users\Public\Desktop\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe C:\Users\Public\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe C:\Users\Public\Desktop\TmNationsForever.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck\TweetDeck.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk - C:\Program Files (x86)\Cisco Systems\Cisco Connect\Cisco Connect.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater Demo.lnk - C:\Program Files (x86)\Dolby Home Theater v4\pcee4d.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater.lnk - C:\Program Files (x86)\Dolby Home Theater v4\pcee4l.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\Driver Update.lnk - C:\Windows\System32\spool\drivers\x64\3\E_IUCHLE.EXE /RUN /D "EPSON SX235 Series" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\EPSON Printer Software Uninstall.lnk - C:\Windows\System32\spool\drivers\x64\3\E_IINSHLE.EXE /R /APD /P:"EPSON SX235 Series" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\Technical Support.lnk - C:\Windows\System32\rundll32.exe C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IGEPHLE.DLL,GE_OpenELINK "Epson Stylus SX235" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk - C:\Windows\SysWOW64\msiexec.exe /x {79361740-EAE3-11E2-9911-B8AC6F98CCE3} FEEDBACK=1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype voor bureaublad.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\TmNationsForever spelen.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\TmNationsForever verwijderen.lnk - C:\Program Files (x86)\TmNationsForever\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk - C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in Quick Launch ====================== C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6 C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\WINDOWS\system32\calc.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6 C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6 C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\WINDOWS\system32\notepad.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TweetDeck.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Danny\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\Danny\AppData\Local\Mozilla\Firefox\Profiles\qvl3w6dp.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Danny\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 30/08/2013 at 13:09:13.96 ======================
  8. naabje
    Hallo, heb toch mijn twijfels over m'n pc. Laatst een raar mailtje geopend die zei iets over USPS pakket, heb daar nooit iets mee besteld ofzo, toen ik de link opende kwam ik op een lege error pagina aan. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:36:06, on 29/08/2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9431.0000) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Gyazo\GyStation.exe C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\RunOnce: [Del1217053171] cmd.exe /Q /D /c del "C:\Users\Danny\AppData\Local\Temp\0.del" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Epson Stylus SX235] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [EPSON2589BA (Epson Stylus SX235)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp" /EF "HKCU" O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: DealPly Live Service (dealplylive) (dealplylive) - Unknown owner - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe O23 - Service: DealPly Live Service (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9682 bytes
  9. naabje
    Het probleem is opgelost denk ik. ik krijg de melding dat het inconstant is niet meer iedergeval wanneer ik een programma wil uitvoeren als administrator. Je zult het bijna niet geloven, maar dit was de oplossing: Ik had een ander thema geïnstalleerd op mijn laptop, ook met andere geluiden. nu heb ik het thema veranderd naar de standaart thema en nu krijg ik geen melding meer. toch bedankt voor het helpen iedereen!
  10. naabje
    Weer een systeem herstel gedaan, helaas weer geen succes
  11. naabje
    Deze melding kreeg ik. na het opnieuw opstarten kreeg ik geen melding meer
  12. naabje
    Eigenlijks maak ik die nooit
  13. naabje
    Hmm, wat moet ik precies doen? chkdsk.exe uitvoeren dat die vervolgens een CMD venster opent en snel sluit?? is dat goed?
  14. naabje
    Ik kan nog steeds niet uitvoeren als administrator. Ook kreeg ik deze melding na het herstelpunt.
  15. naabje
    Hey, Als ik een programma probeer uit te voeren als administrator krijg ik de volgende melding: "De uitgebreide kenmerken zijn incostant" Ook toen ik een programma wilde verwijderen lukte dat niet. Die zij dat ik in moest loggen op een Administrator account terwijl ik maar 1 account heb. Het account geeft wel aan dat het een Administrator is. Hier een HJT Logje. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:22:32, on 7-5-2013 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Danny\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [skyDrive] "C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus SX235" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\bin\ManyCam.exe" /silent O4 - HKCU\..\Run: [ONAIR] C:\Program Files\ONAIR\ONAIR.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000002" /M "Epson Stylus SX235" O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: PdaNet Desktop.lnk = C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe O4 - Global Startup: RocketDock.lnk = C:\Program Files (x86)\Equinox Skin Pack\RocketDock\RocketDock.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.alipay.com O15 - Trusted Zone: http://*.alisoft.com O15 - Trusted Zone: http://*.taobao.com O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: Bitdefender 60-Second Virus Scanner Service (pdserv) - Bitdefender - C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Unsigned Themes (UnsignedThemes) - Unknown owner - C:\Windows\UnsignedThemesSvc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16420 bytes
  16. naabje
    Probleem inmiddels opgelost, moest de wifi driver updaten ^^ Toch bedankt iedereen!
  17. naabje
    Hoi, ik wil wat meer ram en een betere video kaart. Ik heb een Acer Aspire V3 771 Laptop Dit zijn mijn specificaties momenteel: Budget het liefst onder de 100 euro houden! Alvast bedankt. mvg
  18. naabje
    Dit helpt helaas niet. Ook het kanaal van de router wijzigen helpt niet. dit heb ik nameklijk vandaag ook geprobeerd.
  19. naabje
    Awh jammer. Hopelijk komt er toch snel een oplossing.
  20. naabje
    Hoi. ik ben maar verbonden met 1 wifi netwerk. Ook ik heb alleen last van dit probleem met mijn laptop. voor de rest niemand die verbonden is met de wifi. en ik kan draadloze netwerken "beheren" niet vinden bij netwerk centrum. misschien dat u in de war bent met een andere windows versie? ik heb windows 8.
  21. naabje
    iemand?
  22. naabje
    ik heb er nu op een of andere manier geen last meer van dit probleem. en ik zou ook totaal niet weten welke F toets dat dan wel zou moeten zijn. maar ik heb nu last van een ander probleempje. Mijn WiFi springt af en toe zomaar op "Beperkt" en dan duurt het weer eventjes voor dat ik internet heb. of ik moet opnieuw verbinding maken met de wifi. dan is het probleem wel weer op gelost. maar een paar minuten daar na. springt die net zo goed weer op beperkt. dit is heel erg vervelend. maar ook heel afwisselend, de ene keer is het vaker dan de andere keer.
  23. naabje
    Dat moet ik toch doen als ik windows op start en dan telkens op F8 tokkelen? Dat zwarte scherm krijg ik er iedergeval niet op met F8
  24. naabje
    als ik combofix.exe wil opstarten zegt die dat die niet langer beschikbaar is omdat ik windows 2000 heb haha, terwijl ik windows 8 heb!
  25. naabje
    bedankt!
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.