HJT Logje

[naabje]

Hallo, heb toch mijn twijfels over m'n pc.

Laatst een raar mailtje geopend die zei iets over USPS pakket, heb daar nooit iets mee besteld ofzo, toen ik de link opende kwam ik op een lege error pagina aan.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:36:06, on 29/08/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9431.0000)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe

C:\Program Files (x86)\Gyazo\GyStation.exe

C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

O4 - HKLM\..\RunOnce: [Del1217053171] cmd.exe /Q /D /c del "C:\Users\Danny\AppData\Local\Temp\0.del"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [Epson Stylus SX235] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [EPSON2589BA (Epson Stylus SX235)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp" /EF "HKCU"

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: DealPly Live Service (dealplylive) (dealplylive) - Unknown owner - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe

O23 - Service: DealPly Live Service (dealplylivem) (dealplylivem) - Unknown owner - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9682 bytes

[Gblue]

De malware experts worden verwittigd, zodra ze online zijn analyseren ze je logje en begeleiden ze je verder.

[Jion]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Search 880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search 880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Search 880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Search 880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O4 - HKLM\..\RunOnce: [Del1217053171] cmd.exe /Q /D /c del "C:\Users\Danny\AppData\Local\Temp\0.del"

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download Zoek.zip naar het bureaublad.

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

{ae07101b-46d4-4a98-af68-0333ea26e113};c
dealplylive;s
C:\Program Files (x86)\DealPlyLive;fs
dealplylivem;s
iedefaults; 
startupall; 
filesrcm;
autoclean;

• 
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[naabje]

Bijde gedaan, vind het nog wel vreemd dat de startpagina niet is verandert terwijl er staat dat google.nl dat is, maar het is qv06

Zoek.exe Version 4.0.0.4 Updated 30-08-2013

Tool run by Danny on 30/08/2013 at 12:54:12.61.

Microsoft Windows 8.1 Pro Preview 6.3.9431 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Danny\Desktop\zoek\zoek.exe [script inserted]

==== System Restore Info ======================

30/08/2013 12:55:18 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default

---- Lines qvo6 removed from prefs.js ----

user_pref("browser.search.defaultenginename", "qvo6");

user_pref("browser.search.order.1", "qvo6");

---- Lines qvo6 modified from prefs.js ----

---- Lines qvo6 removed from user.js ----

---- Lines helperbar removed from prefs.js ----

user_pref("extensions.helperbar.countryiso", "tj");

user_pref("extensions.helperbar.DockingPositionDown", false);

user_pref("extensions.helperbar.downloadprovider", "somoto");

user_pref("extensions.helperbar.installationid", "3a0cb2ea-9b63-880d-e477-77a74ae98c34");

user_pref("extensions.helperbar.installdate", "29/08/2013");

user_pref("extensions.helperbar.publisher", "somoto");

user_pref("extensions.helperbar.SmartbarDisabled", false);

user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

user_pref("extensions.helperbar.Visibility", true);

---- Lines helperbar modified from prefs.js ----

---- Lines helperbar removed from user.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- Lines smartbar removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_082013_1257_.backup

prefs_082013_1257_.backup

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Users\Danny\Downloads\iLividSetup-r367-n-bc.exe" deleted

"C:\Users\Danny\Downloads\SoftonicDownloader_voor_bluestacks-app-player.exe" deleted

"C:\WINDOWS\Tasks\Dealply.job" deleted

"C:\windows\SysNative\Tasks\Dealply" deleted

"C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk" deleted

"C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\user.js" deleted

"C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\searchplugins\Web Search.xml" deleted

"C:\Program Files (x86)\DealPlyLive" deleted

"C:\Program Files (x86)\WinZipper" deleted

"C:\Program Files (x86)\Common Files\337" deleted

"C:\Program Files (x86)\DealPly" deleted

"C:\Program Files (x86)\DealPlyLive" deleted

"C:\Program Files (x86)\Desk 365" deleted

"C:\Users\Danny\AppData\Roaming\Desk 365" deleted

"C:\Users\Danny\AppData\Roaming\Dealply" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\DealPlyLive" deleted

"C:\Users\Danny\AppData\Local\DealPlyLive" deleted

"C:\Users\Danny\AppData\Local\SwvUpdater" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-08-11 17:28:06 2FA617D1B062B8D9F08036E90003B3E2 1698408 ----a-w- C:\WINDOWS\RtlExUpd.dll

2013-08-11 16:09:10 70757BB715401D58378CEFA1164902C8 13338 ----a-w- C:\WINDOWS\diagwrn.xml

2013-08-11 16:09:10 70757BB715401D58378CEFA1164902C8 13338 ----a-w- C:\WINDOWS\diagerr.xml

====== C:\Users\Danny\AppData\Local\Temp ====

2013-08-29 13:40:11 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00001.exe

2013-08-29 13:24:30 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eSafeSvc.exe

2013-08-29 13:24:26 FEA91DA0F43314348ED490748755E869 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\deskplusdl.exe

2013-08-29 13:24:26 7ECC6FA1B23EFCFFCD7164FC2966A263 3029672 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217189062.exe

2013-08-29 13:24:25 8A27F94D00E891296DA496EFE4CA38FF 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\WinZipperdl.exe

2013-08-29 13:24:25 56F9BB47B2CC82C1FA548BEAA040E2EA 3186344 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217187937.exe

2013-08-29 13:24:00 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Users\Danny\AppData\Local\Temp\bi_cleaner.exe

2013-08-29 13:23:45 9B4316A022E8FFA53C35FAFAB8F7753B 305192 ----a-w- C:\Users\Danny\AppData\Local\Temp\UpdUninstall.exe

2013-08-29 13:21:03 5F25A1A3D3D57AD6BC0A14BBD6E03327 1109983 ----a-w- C:\Users\Danny\AppData\Local\Temp\6_Offer_11.exe

2013-08-29 13:19:54 E0713BA9EE9DF4FD8E7E9B888710F944 4620384 ----a-w- C:\Users\Danny\AppData\Local\Temp\OptimizerPro.exe

2013-08-29 13:19:50 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\Danny\AppData\Local\Temp\appshat-distribution.exe

2013-08-29 13:19:50 2EFD560A4734B1245F20F0AA91A4B57E 8149388 ----a-w- C:\Users\Danny\AppData\Local\Temp\QuickShare1.exe

2013-08-29 13:19:42 A094070E6A43A03B7D5BD603532FCBAA 111071 ----a-w- C:\Users\Danny\AppData\Local\Temp\WajamC.exe

2013-08-29 13:19:13 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\Danny\AppData\Local\Temp\SevenZip-Installer.exe

2013-08-29 13:18:56 E565BD591BF472D62B580324164B0DAB 43545 ----a-w- C:\Users\Danny\AppData\Local\Temp\Run-Setup.exe

2013-08-29 13:17:25 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00000.exe

2013-08-28 08:00:12 A8BC134E7AA5F29C4FFCB71C2D452B3A 9027352 ----a-w- C:\Users\Danny\AppData\Local\Temp\Installer.exe

====== C:\WINDOWS\SysWOW64 =====

2013-08-29 15:19:08 351D111CD5C5479946EB724DBBB1275E 96168 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2013-08-29 13:21:53 CC2973069AD865E3B1DC2FDF61134E97 421032 ----a-w- C:\WINDOWS\SysWOW64\msvcp100.dll

2013-08-29 13:21:53 BF6FE24C8C344DEE4ADA87F93D55B069 773800 ----a-w- C:\WINDOWS\SysWOW64\msvcr100.dll

2013-08-27 17:03:21 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\WINDOWS\SysWOW64\XAPOFX1_5.dll

2013-08-27 17:03:21 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\WINDOWS\SysWOW64\XAudio2_7.dll

2013-08-27 17:03:20 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\WINDOWS\SysWOW64\d3dx11_43.dll

2013-08-27 17:03:20 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_43.dll

2013-08-27 17:03:16 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\WINDOWS\SysWOW64\d3dx10_42.dll

2013-08-27 17:02:59 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_32.dll

2013-08-21 18:37:03 E1D342DA107E8A025320CEF4449B56F7 214016 ----a-w- C:\WINDOWS\SysWOW64\dplayx.dll

2013-08-21 18:37:03 D3A06FAC0FE8FC12B6C642F80E48C0B4 33792 ----a-w- C:\WINDOWS\SysWOW64\dpnsvr.exe

2013-08-21 18:37:03 CB5C291D9963BE4CB51FC18643A91642 30720 ----a-w- C:\WINDOWS\SysWOW64\dplaysvr.exe

2013-08-21 18:37:03 C85AD797B395D84AB0CDAE40BA6338DF 377856 ----a-w- C:\WINDOWS\SysWOW64\dpnet.dll

2013-08-21 18:37:03 AD41901EFBAD2485D208E685775FC786 9216 ----a-w- C:\WINDOWS\SysWOW64\dpnhpast.dll

2013-08-21 18:37:03 4C56525111980136E20930704BFAC6F6 45056 ----a-w- C:\WINDOWS\SysWOW64\dpwsockx.dll

2013-08-21 18:37:03 47F0ACDF6D9E0661A2AAA5ECA33EC4AA 9216 ----a-w- C:\WINDOWS\SysWOW64\dpnhupnp.dll

2013-08-21 18:37:03 38C97AFD7E2A36EE6CAB725B106D0767 23552 ----a-w- C:\WINDOWS\SysWOW64\dpmodemx.dll

2013-08-21 18:37:03 0AA63C488FC4FE8210E1D0A6885F2C90 59904 ----a-w- C:\WINDOWS\SysWOW64\dpnathlp.dll

2013-08-21 18:33:01 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_2.dll

2013-08-21 18:33:00 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\WINDOWS\SysWOW64\xinput1_1.dll

2013-08-21 18:32:58 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_1.dll

2013-08-21 18:32:45 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_30.dll

2013-08-21 18:32:44 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\WINDOWS\SysWOW64\x3daudio1_0.dll

2013-08-21 18:32:44 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\WINDOWS\SysWOW64\xactengine2_0.dll

2013-08-21 18:32:43 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_28.dll

2013-08-21 18:32:43 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_29.dll

2013-08-21 18:32:42 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_27.dll

2013-08-21 18:32:41 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_25.dll

2013-08-21 18:32:41 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_26.dll

2013-08-21 18:32:38 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\WINDOWS\SysWOW64\d3dx9_24.dll

2013-08-19 00:35:40 3870409C1A92BBB676FEB7FB17D9D158 389120 ----a-w- C:\WINDOWS\SysWOW64\RegistryHelperLM.ocx

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2013-08-28 15:55:07 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\WINDOWS\Sysnative\sdnclean64.exe

2013-08-27 17:03:21 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\WINDOWS\Sysnative\XAPOFX1_5.dll

2013-08-27 17:03:21 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\WINDOWS\Sysnative\XAudio2_7.dll

2013-08-27 17:03:20 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_43.dll

2013-08-27 17:03:20 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\WINDOWS\Sysnative\d3dx11_43.dll

2013-08-27 17:03:16 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\WINDOWS\Sysnative\d3dx10_42.dll

2013-08-27 17:02:59 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\WINDOWS\Sysnative\d3dx9_32.dll

2013-08-21 18:37:03 FCE8FAA3F342702CA6ACE15957D917F1 9216 ----a-w- C:\WINDOWS\Sysnative\dpnhupnp.dll

2013-08-21 18:37:03 F88A51195BC9524FA407E81218323B7E 461312 ----a-w- C:\WINDOWS\Sysnative\dpnet.dll

2013-08-21 18:37:03 E67D364628726110DE7DA2FE120C17BE 9216 ----a-w- C:\WINDOWS\Sysnative\dpnhpast.dll

2013-08-21 18:37:03 E16AF4DD6CA160C544AC50C8AFFB5822 66560 ----a-w- C:\WINDOWS\Sysnative\dpnathlp.dll

2013-08-21 18:37:03 16B383A5C3F980B300EB38D593244024 34304 ----a-w- C:\WINDOWS\Sysnative\dpnsvr.exe

2013-08-21 18:33:01 DC5A914C34EB12056531777D4DD0F44E 354072 ----a-w- C:\WINDOWS\Sysnative\xactengine2_2.dll

2013-08-21 18:33:00 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\WINDOWS\Sysnative\xinput1_1.dll

2013-08-21 18:32:58 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\WINDOWS\Sysnative\xactengine2_1.dll

2013-08-21 18:32:45 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\WINDOWS\Sysnative\d3dx9_30.dll

2013-08-21 18:32:44 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\WINDOWS\Sysnative\x3daudio1_0.dll

2013-08-21 18:32:44 CE5753F9A27837259EB52F3F47F39593 355536 ----a-w- C:\WINDOWS\Sysnative\xactengine2_0.dll

2013-08-21 18:32:43 88BAC8306D4EC79A82B1FFA17DC8CF4A 3815120 ----a-w- C:\WINDOWS\Sysnative\d3dx9_28.dll

2013-08-21 18:32:43 68B35CBDB4A8CC424718BBCC894FEEEA 3830992 ----a-w- C:\WINDOWS\Sysnative\d3dx9_29.dll

2013-08-21 18:32:42 914C3237E4D145A18DCD1D0D4C8659E1 3807440 ----a-w- C:\WINDOWS\Sysnative\d3dx9_27.dll

2013-08-21 18:32:41 4C56E7C5B2A61353E534C7D15D05856D 3823312 ----a-w- C:\WINDOWS\Sysnative\d3dx9_25.dll

2013-08-21 18:32:41 44F5C5E27D6825E4E62420BC29B8B533 3767504 ----a-w- C:\WINDOWS\Sysnative\d3dx9_26.dll

2013-08-21 18:32:38 B165DF72E13E6AF74D47013504319921 3544272 ----a-w- C:\WINDOWS\Sysnative\d3dx9_24.dll

====== C:\WINDOWS\Sysnative\drivers =====

2013-08-23 15:50:11 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf

2013-08-11 17:28:35 FCA6883B690E3722B6A60ADA972A831A 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX1.dat

2013-08-11 17:28:35 EBCA7473A23120CAE4066BEB3835D48F 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX0.dat

2013-08-11 17:28:35 E67AAB6205BD45C9A9644CDAC9CE9664 39672 ----a-w- C:\WINDOWS\Sysnative\drivers\RtPCEE3.DAT

2013-08-11 17:28:35 DAE054749540938A0889AA40E0D5594A 1448 ----a-w- C:\WINDOWS\Sysnative\drivers\RtHdatEx.dat

2013-08-11 17:28:35 D2621569F1EF82A58D4906E29DBCBF15 115256 ----a-w- C:\WINDOWS\Sysnative\drivers\RtPCEE4.DAT

2013-08-11 17:28:35 C104D162A7AC593908FCE05456300619 176 ----a-w- C:\WINDOWS\Sysnative\drivers\RTHDAEQ1.dat

2013-08-11 17:28:35 99E26EFF2A113E052CB973E989835DC3 24 ----a-w- C:\WINDOWS\Sysnative\drivers\rtkhdaud.dat

2013-08-11 17:28:35 57B8D47F171677E88563A42924D64D3D 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX2.dat

2013-08-11 17:28:35 530A9FEB236FF8DD1BC941A7F08E6561 520 ----a-w- C:\WINDOWS\Sysnative\drivers\RTEQEX3.dat

2013-08-11 17:28:35 4E84A165644886CC5333335C289B33D0 247560 ----a-w- C:\WINDOWS\Sysnative\drivers\RTConvEQ.dat

2013-08-11 17:28:23 E83BB47C3446F0497019DE7FD6C6A86F 4744808 ----a-w- C:\WINDOWS\Sysnative\drivers\RTKVHD64.sys

2013-08-11 17:28:19 AA554816190EBCB9AC3D413F469C9FBE 238448 ----a-w- C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT

2013-08-11 16:54:20 86B213002C4CA3C533866E654B7BFC15 1538304 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys

2013-08-11 16:54:20 3156C957C1ECCEF82791E3541D0C68C7 395520 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys

2013-08-11 15:58:13 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

====== C:\WINDOWS\Tasks ======

2013-08-28 15:55:30 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Safer-Networking

2013-08-22 12:15:05 3FE7916E673809EFE69E2ADA207CC3A1 3150 ----a-w- C:\WINDOWS\Sysnative\Tasks\{197DA9B0-9EA7-48BB-BFF1-20C4544484A3}

2013-08-11 16:29:25 E10C1DDE64A7F5AF8857A42AEE1D467D 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-08-11 16:29:25 7D8BA7D70568EE6903936A07A459854A 3718 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater

2013-08-11 16:18:39 A7A46AA3E65066F4E44972B990E40D88 912 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-11 16:18:39 9CF40236E79ECAB7BC817A4919FD4F3E 3884 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2013-08-11 16:18:38 7EE0D0C9F5C5E2B9F5710FE809A5CD40 3648 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2013-08-11 16:18:38 5FB9D10AA1CC1B84EA3AF99F5505EF2E 908 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-11 15:57:43 E66FB5AC763E96DBA5668D9DA2808C58 3922 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{13A63F00-5E30-4DE9-A7B5-205834E97951}

2013-08-11 15:57:22 A044798F02AE601250374334315F2EC1 3596 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751033221-735151488-1739522443-1001

2013-08-11 15:52:38 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\WPD

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-08-29 15:11:09 -------- d-----w- C:\Program Files\Speccy

2013-08-29 13:41:08 -------- d-----w- C:\Program Files\Microsoft Office

2013-08-27 17:03:58 -------- d-----w- C:\Program Files\Windows Live

2013-08-13 13:26:19 -------- d-----w- C:\Program Files\Common Files\EPSON

2013-08-11 17:40:49 -------- d-----w- C:\Program Files\Reference Assemblies

2013-08-11 17:40:49 -------- d-----w- C:\Program Files\MSBuild

2013-08-11 17:28:35 -------- d-----w- C:\Program Files\Realtek

2013-08-11 17:02:08 -------- d-----w- C:\Program Files\WinRAR

======= C:\Program Files (x86) =====

2013-08-29 13:44:49 -------- d-----w- C:\Program Files (x86)\Microsoft Works

2013-08-29 13:43:58 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio

2013-08-29 13:43:57 -------- d-----w- C:\Program Files (x86)\Common Files\DESIGNER

2013-08-29 13:41:02 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-08-29 13:40:27 -------- d-----w- C:\Program Files (x86)\Microsoft Office

2013-08-29 13:32:57 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-28 15:54:52 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-08-27 17:04:34 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-08-27 17:03:49 -------- d-----w- C:\Program Files (x86)\Windows Live

2013-08-27 17:02:46 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive

2013-08-27 17:00:26 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live

2013-08-21 18:30:11 -------- d-----w- C:\Program Files (x86)\TmNationsForever

2013-08-21 11:55:11 -------- d-----w- C:\Program Files (x86)\Cisco Systems

2013-08-14 13:15:37 -------- d-----w- C:\Program Files (x86)\EA Games

2013-08-13 16:16:20 -------- d-----w- C:\Program Files (x86)\Gyazo

2013-08-12 15:41:32 -------- d-----w- C:\Program Files (x86)\Twitter

2013-08-12 11:21:38 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

2013-08-12 11:21:36 -------- d-----r- C:\Program Files (x86)\Skype

2013-08-11 17:41:05 -------- d-----w- C:\Program Files (x86)\Reference Assemblies

2013-08-11 17:41:05 -------- d-----w- C:\Program Files (x86)\MSBuild

2013-08-11 17:35:31 -------- d-----w- C:\Program Files (x86)\Dolby Home Theater v4

2013-08-11 17:28:09 -------- d--h--w- C:\Program Files (x86)\InstallShield Installation Information

2013-08-11 17:28:09 -------- d-----w- C:\Program Files (x86)\Realtek

2013-08-11 17:28:07 -------- d--h--w- C:\Program Files (x86)\Temp

2013-08-11 17:28:02 -------- d-----w- C:\Program Files (x86)\Common Files\InstallShield

2013-08-11 16:34:55 -------- d-----w- C:\Program Files (x86)\Opera

2013-08-11 16:26:49 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2013-08-11 16:18:36 -------- d-----w- C:\Program Files (x86)\Google

2013-08-11 16:03:58 -------- d-----w- C:\Program Files (x86)\Intel

======= C: =====

====== C:\Users\Danny\AppData\Roaming ======

2013-08-29 15:13:24 -------- d-----w- C:\users\Danny\AppData\Locallow\Sun

2013-08-29 14:49:16 -------- d-----w- C:\users\Default\AppData\Local\Microsoft Help

2013-08-29 14:49:16 -------- d-----w- C:\users\Default User\AppData\Local\Microsoft Help

2013-08-29 13:22:46 -------- d-----w- C:\users\Danny\AppData\Local\WebPlayer

2013-08-29 13:19:10 -------- d-----w- C:\users\Danny\AppData\Local\Microsoft Help

2013-08-27 17:00:32 -------- d-----w- C:\users\Danny\AppData\Local\Windows Live

2013-08-27 16:36:59 -------- d-----w- C:\users\Danny\AppData\Roaming\Unity

2013-08-27 16:36:36 -------- d-----w- C:\users\Danny\AppData\Local\Unity

2013-08-27 16:36:35 -------- d-----w- C:\users\Danny\AppData\Locallow\Unity

2013-08-22 20:42:33 -------- d-----w- C:\users\Danny\AppData\Locallow\Google

2013-08-14 13:51:34 -------- d-----w- C:\users\Danny\AppData\Local\PunkBuster

2013-08-13 17:31:24 -------- d-----w- C:\users\Danny\AppData\Local\twitter

2013-08-13 16:16:48 -------- d-----w- C:\users\Danny\AppData\Roaming\Gyazo

2013-08-13 16:16:18 -------- d-----w- C:\users\Danny\AppData\Local\Programs

2013-08-12 15:41:34 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck

2013-08-12 11:24:50 -------- d-----w- C:\users\Danny\AppData\Local\Spotify

2013-08-12 11:24:19 -------- d-----w- C:\users\Danny\AppData\Roaming\Spotify

2013-08-12 11:21:46 -------- d-----w- C:\users\Danny\AppData\Roaming\Skype

2013-08-11 17:02:24 -------- d-----w- C:\users\Danny\AppData\Roaming\WinRAR

2013-08-11 17:02:24 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-08-11 16:35:15 -------- d-----w- C:\users\Danny\AppData\Roaming\Opera Software

2013-08-11 16:35:15 -------- d-----w- C:\users\Danny\AppData\Local\Opera Software

2013-08-11 16:28:43 -------- d-----w- C:\users\Danny\AppData\Local\Adobe

2013-08-11 16:26:56 -------- d-----w- C:\users\Danny\AppData\Roaming\Mozilla

2013-08-11 16:26:56 -------- d-----w- C:\users\Danny\AppData\Local\Mozilla

2013-08-11 16:26:41 -------- d-----w- C:\users\Danny\AppData\Roaming\BitTorrent

2013-08-11 16:18:30 -------- d-----w- C:\users\Danny\AppData\Local\Google

2013-08-11 16:08:51 -------- d-s---w- C:\users\Danny\AppData\Roaming\Microsoft

2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Local\Temp

2013-08-11 16:08:51 -------- d-----w- C:\users\Danny\AppData\Local\Microsoft

2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-08-11 16:08:51 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-08-11 16:08:49 -------- d-s---w- C:\users\Administrator\AppData\Roaming\Microsoft

2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Local\Temp

2013-08-11 16:08:49 -------- d-----w- C:\users\Administrator\AppData\Local\Microsoft

2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-08-11 16:08:49 -------- d-----r- C:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-08-11 15:57:52 -------- d-----w- C:\users\Danny\AppData\Locallow\Microsoft

2013-08-11 15:51:21 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-08-11 15:51:21 -------- d-----r- C:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-08-11 15:51:01 -------- d-----w- C:\users\Danny\AppData\Local\Packages

2013-08-11 15:51:00 -------- d-----w- C:\users\Danny\AppData\Roaming\Adobe

2013-08-11 15:50:57 -------- d-----w- C:\users\Danny\AppData\Local\VirtualStore

====== C:\Users\Danny ======

2013-08-29 15:17:49 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25 (1).exe

2013-08-29 15:14:53 -------- d-----w- C:\ProgramData\Sun

2013-08-29 15:13:15 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25.exe

2013-08-29 15:10:35 096C3277599629BD22AF6959D20774B9 4454952 ----a-w- C:\Users\Danny\Downloads\ccsetup405.exe

2013-08-29 15:10:10 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Danny\Downloads\spsetup122.exe

2013-08-29 13:45:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2013-08-29 13:22:51 -------- d-----w- C:\Users\Danny\Local Settings

2013-08-29 13:19:01 -------- d-----w- C:\ProgramData\Microsoft Help

2013-08-28 15:55:28 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-08-28 15:55:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2013-08-28 15:52:26 5041225B3ACEA99FD34EB9F026AC7D82 37672592 ----a-w- C:\Users\Danny\Downloads\spybotsd-2.1.21-SR2.exe

2013-08-28 15:01:43 C30FF2A7F0CE3A717585A8EC1E751417 92776 ----a-w- C:\Users\Danny\Downloads\SpotifySetup (3).exe

2013-08-27 17:04:52 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

2013-08-27 17:02:32 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

2013-08-27 17:00:16 517792A56DBF99B4277B9B573E008EDD 1239536 ----a-w- C:\Users\Danny\Downloads\wlsetup-web.exe

2013-08-27 16:36:26 32D3D0D1EBF3773354E84EF6083DB53F 648144 ----a-w- C:\Users\Danny\Downloads\UnityWebPlayer.exe

2013-08-22 20:42:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

2013-08-22 20:41:32 E0031C4FFC714668ED09374509881E90 784856 ----a-w- C:\Users\Danny\Downloads\GoogleEarthPluginSetup.exe

2013-08-21 23:29:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

2013-08-21 23:21:21 -------- d-----w- C:\ProgramData\NexonUS

2013-08-21 22:33:32 33D092D09C1B022574FFF40EABA28906 2232617911 ----a-w- C:\Users\Danny\Downloads\SuddenAttackV41.exe

2013-08-21 18:36:42 -------- d-----w- C:\ProgramData\TmForever

2013-08-21 18:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever

2013-08-21 18:24:56 2A36D70989F94BA9369993749FF20640 530600781 ----a-w- C:\Users\Danny\Downloads\tmnationsforever_setup.exe

2013-08-21 11:48:20 -------- d-----w- C:\ProgramData\Cisco Systems

2013-08-14 13:33:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games

2013-08-13 16:16:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo

2013-08-13 13:26:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

2013-08-13 13:26:13 -------- d-----w- C:\ProgramData\EPSON

2013-08-12 11:21:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2013-08-12 11:21:29 -------- d-----w- C:\ProgramData\Skype

2013-08-11 17:35:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby

2013-08-11 17:02:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-08-11 16:31:39 -------- d--h--r- C:\Users\Public\AccountPictures

2013-08-11 16:30:59 -------- d-----r- C:\Users\Danny\SkyDrive

2013-08-11 16:26:50 -------- d-----w- C:\ProgramData\Mozilla

2013-08-11 16:19:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2013-08-11 16:08:51 -------- d--h--w- C:\Users\Danny\AppData

2013-08-11 16:08:51 -------- d-----r- C:\Users\Danny\Favorites

2013-08-11 16:08:51 -------- d-----r- C:\Users\Danny\Desktop

2013-08-11 16:08:49 -------- d--h--w- C:\Users\Administrator\AppData

2013-08-11 16:08:49 -------- d-----r- C:\Users\Administrator\Favorites

2013-08-11 16:08:49 -------- d-----r- C:\Users\Administrator\Desktop

2013-08-11 15:51:33 -------- d-----w- C:\ProgramData\PRICache

2013-08-11 15:51:21 -------- d-----r- C:\Users\Danny\Searches

2013-08-11 15:50:22 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Danny\ntuser.ini

2013-08-10 18:49:14 -------- d-----w- C:\Users\Danny\.Virtualbox.sav

2013-08-10 18:47:56 -------- d-----w- C:\Users\Danny\youwave

2013-08-10 18:17:37 -------- d-----w- C:\Users\Danny\.androvm

====== C: exe-files ==

2013-08-29 20:45:35 35359260836A6ED5D2408A1FA6DABD01 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$I0U1XBO.exe

2013-08-29 20:45:20 ABD932A233B861AEE91E01C0665117EA 1260032 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$R0U1XBO.exe

2013-08-29 18:11:06 120BB0B1A5295EA4E0E03822EF989144 73568 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\wow_helper.exe

2013-08-29 18:11:05 A235463929816A7548DF44C07DC423E1 1384800 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera_crashreporter.exe

2013-08-29 18:11:01 196C43111B13666422D5E9A8D0C5C23E 2851168 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera_autoupdate.exe

2013-08-29 18:10:57 12CA2FE2BFB6CB5B5DC81743E4B883EF 41219936 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\opera.exe

2013-08-29 18:10:55 F323A6022EFB1B3CF075160B8B60E831 1597792 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\launcher.exe

2013-08-29 18:09:44 331796FB3EF3916576FC089D48F93F96 32056088 ----a-w- C:\Users\Danny\AppData\Local\Temp\CProgram Files (x86)Opera\ready\Opera_16.0.1196.62_Autoupdate.exe

2013-08-29 15:17:49 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25 (1).exe

2013-08-29 15:13:15 0748E29E764BAC0E7F9E2567D4CECF94 903080 ----a-w- C:\Users\Danny\Downloads\chromeinstall-7u25.exe

2013-08-29 15:10:35 096C3277599629BD22AF6959D20774B9 4454952 ----a-w- C:\Users\Danny\Downloads\ccsetup405.exe

2013-08-29 15:10:10 1EFDECC41128BABB5B09B4C9BEB98D46 5127856 ----a-w- C:\Users\Danny\Downloads\spsetup122.exe

2013-08-29 13:40:11 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00001.exe

2013-08-29 13:38:53 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\setup.exe

2013-08-29 13:38:53 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe

2013-08-29 13:38:53 16101796FCA07764ED634FEC742CA8C2 5409712 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Updates\office2007-kb932338-fullfile-x86-glb.exe

2013-08-29 13:38:44 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Office.en-us\DW20.EXE

2013-08-29 13:38:44 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE

2013-08-29 13:38:44 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Office.en-us\dwtrig20.exe

2013-08-29 13:38:44 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe

2013-08-29 13:38:42 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\Desktop\Office 2007 Enterprise\Setup\Enterprise.WW\ose.exe

2013-08-29 13:38:42 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe

2013-08-29 13:24:30 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eSafeSvc.exe

2013-08-29 13:24:26 FEA91DA0F43314348ED490748755E869 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\deskplusdl.exe

2013-08-29 13:24:26 7ECC6FA1B23EFCFFCD7164FC2966A263 3029672 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217189062.exe

2013-08-29 13:24:25 8A27F94D00E891296DA496EFE4CA38FF 267856 ----a-w- C:\Users\Danny\AppData\Local\Temp\WinZipperdl.exe

2013-08-29 13:24:25 56F9BB47B2CC82C1FA548BEAA040E2EA 3186344 ----a-w- C:\Users\Danny\AppData\Local\Temp\dl_1217187937.exe

2013-08-29 13:24:00 5AA3E89A59E3D556B5F9B6D8D8EE3A82 42080 ----a-w- C:\Users\Danny\AppData\Local\Temp\bi_cleaner.exe

2013-08-29 13:23:45 9B4316A022E8FFA53C35FAFAB8F7753B 305192 ----a-w- C:\Users\Danny\AppData\Local\Temp\UpdUninstall.exe

2013-08-29 13:22:51 AC8F7611F353CA9803FAD5FF81900678 228432 ----a-w- C:\Users\Danny\Local Settings\Application Data\Bundled software uninstaller\biclient.exe

2013-08-29 13:22:47 D8BA5F4E6A1594D0E07C886DAC0F5F8C 64142 ----a-w- C:\Users\Danny\AppData\Local\WebPlayer\Uninstall.exe

2013-08-29 13:21:41 CD47E8A6F925071A9B883F4C2F02D24D 1508944 ----a-w- C:\Users\Danny\AppData\Local\Temp\Desk365\eInstall\eInstall.exe

2013-08-29 13:21:17 BC7338B48C03D5BF2B2ACCA13EE56E68 698880 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\eXQ.exe

2013-08-29 13:21:17 6FF3CFB85B18C032AF8F242498DFC8D9 303680 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\eGdpSvc.exe

2013-08-29 13:21:17 1C3F886FEC804BFF5E262E08D65D5B9E 4441168 ----a-w- C:\Users\Danny\AppData\Local\Temp\eIntaller\3DCCE30AEC5445ba9913E6A5C448A34E\Desk365.exe

2013-08-29 13:21:03 5F25A1A3D3D57AD6BC0A14BBD6E03327 1109983 ----a-w- C:\Users\Danny\AppData\Local\Temp\6_Offer_11.exe

2013-08-29 13:19:54 E0713BA9EE9DF4FD8E7E9B888710F944 4620384 ----a-w- C:\Users\Danny\AppData\Local\Temp\OptimizerPro.exe

2013-08-29 13:19:50 2F5252E50745E47DB355B005725DAE05 327880 ----a-w- C:\Users\Danny\AppData\Local\Temp\appshat-distribution.exe

2013-08-29 13:19:50 2EFD560A4734B1245F20F0AA91A4B57E 8149388 ----a-w- C:\Users\Danny\AppData\Local\Temp\QuickShare1.exe

2013-08-29 13:19:42 A094070E6A43A03B7D5BD603532FCBAA 111071 ----a-w- C:\Users\Danny\AppData\Local\Temp\WajamC.exe

2013-08-29 13:19:13 8C8B135897470CB8DF7F34BDA3ED3538 1110212 ----a-w- C:\Users\Danny\AppData\Local\Temp\SevenZip-Installer.exe

2013-08-29 13:18:56 E565BD591BF472D62B580324164B0DAB 43545 ----a-w- C:\Users\Danny\AppData\Local\Temp\Run-Setup.exe

2013-08-29 13:17:25 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\Danny\AppData\Local\Temp\ose00000.exe

2013-08-28 19:23:03 DC5C3A2292D011EF3BBF9D17BD28A54C 1194848 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe

2013-08-28 18:38:01 C0474D835A81DE2B8F264EA955B34534 884576 ----a-w- C:\Users\Danny\AppData\Roaming\BitTorrent\updates\7.8.1_30016.exe

2013-08-28 15:58:14 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\spybotsd2-translation-frx.exe

2013-08-28 15:58:13 FEE1C90AF84E759CBBE45C0FA9B63012 254064 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\spybotsd2-translation-frx.exe

2013-08-28 15:58:12 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDDisableProxy.exe

2013-08-28 15:58:12 0C68C4B59CEF048ADADCA4FC4EA6991A 17392 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDisableProxy.exe

2013-08-28 15:55:14 9B17FF79B20D59E71E4AE522E33B9210 248712 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst32.exe

2013-08-28 15:55:14 6AE8E702D1027A9627DDE2B77BB9992B 171928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

2013-08-28 15:55:14 0655F97E68430250FF645BAF75226847 316632 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookInst64.exe

2013-08-28 15:55:13 D5AD5E8830E3613B2CFA3378237014EE 126640 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookHelper.exe

2013-08-28 15:55:12 275D7DEE68B77A5D3EDE23D327E63ED7 132560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\blindman.exe

2013-08-28 15:55:11 D31398D4BB4907B517B6E784C2100C4A 1033688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

2013-08-28 15:55:11 66F296D86873FE65E6E9F09FFE5D949F 2977768 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPrepPos.exe

2013-08-28 15:55:11 01F441F655D8CC4214BDF411D39D04AF 3881928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

2013-08-28 15:55:10 B9DF317275DC6EB461ACED5EBEBC254D 5042648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSBIEdit.exe

2013-08-28 15:55:10 39CEC90CF1E9541EA41E3ECCC69E498F 4352984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScript.exe

2013-08-28 15:55:09 AED8D2D7AE0E77AB72D3887FD2E74016 223184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPESetup.exe

2013-08-28 15:55:09 5D8057F6C56082ECC2533B89899A0F56 3580888 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDBootCD.exe

2013-08-28 15:55:09 3F8111AB50845D0DF5ABCE01ED44B5FC 2729432 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPEStart.exe

2013-08-28 15:55:08 EBF236A412C38EDF04D3E18425EE393E 4812744 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe

2013-08-28 15:55:08 D3BF70B531AB5468B4CBFE98C2459CD1 4563928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe

2013-08-28 15:55:08 A58EAD767EAE964ED463FEDF25E750A2 3609552 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

2013-08-28 15:55:07 D71699B1030F1021E663DBD567F7B018 3642312 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe

2013-08-28 15:55:07 23948829C6D049B8ADE0E0FB87305AC3 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-08-28 15:55:07 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

2013-08-28 15:55:07 03250DB0886A23B1F6C077C5D9F152B0 3859928 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\explorer.exe

2013-08-28 15:55:06 E3399927C23E8B35B550B09602411310 221216 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanHelper.exe

2013-08-28 15:55:06 95AA9E165C7DE1B64A11E8B18E91E499 1817560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

2013-08-28 15:55:06 63B4C70F88BB8DF11E6A0FA5ABE3C34B 4255184 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

2013-08-28 15:55:06 5FFCEDD10D4E21CF2A857BCBC3437A6F 2935760 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe

2013-08-28 15:55:02 AF49D1C79EA49A7833017F290EE63B82 5624784 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

2013-08-28 15:54:59 34B546C897FA6E41957824303F0E007B 6175696 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

2013-08-28 15:54:56 AC8BD92DDEFE7A1BED5C7AFB37E4ADDC 2988496 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShell.exe

2013-08-28 15:54:56 76ABF19EBC873704960D191E22C8A4A5 127984 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPRE.exe

2013-08-28 15:54:55 D906E46C649BFEC3F11287531516FE4E 5347288 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe

2013-08-28 15:54:55 BB9E4FA5783686595CA8A7BC90CE7997 3330000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe

2013-08-28 15:54:55 7A693C96C87EFE7E047A9042CFDCDA75 3502032 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSysRepair.exe

2013-08-28 15:54:55 23146C8162411DFFB5B4DF48A708312E 3124688 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShred.exe

2013-08-28 15:54:54 B1B174A83FDCF9FF76DC463FE243BF0E 3436000 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPhoneScan.exe

2013-08-28 15:54:54 566F7FAB0CFA43CC277249C7CC699707 2674128 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe

2013-08-28 15:54:53 98F2272A7D1BA8E3155FBEA167BCC613 91648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\xcacls.exe

2013-08-28 15:54:52 EE962F34EB2A8904B2597CF73BB56FDD 1272624 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe

2013-08-28 15:52:26 5041225B3ACEA99FD34EB9F026AC7D82 37672592 ----a-w- C:\Users\Danny\Downloads\spybotsd-2.1.21-SR2.exe

2013-08-28 15:01:43 C30FF2A7F0CE3A717585A8EC1E751417 92776 ----a-w- C:\Users\Danny\Downloads\SpotifySetup (3).exe

2013-08-28 08:00:12 A8BC134E7AA5F29C4FFCB71C2D452B3A 9027352 ----a-w- C:\Users\Danny\AppData\Local\Temp\Installer.exe

2013-08-27 17:02:46 DEDD078A9893AF42CD624977DADF308A 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f35250271cea34602\skydrivesetup.exe

2013-08-27 17:02:46 DEDD078A9893AF42CD624977DADF308A 5659096 ----a-w- C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe

2013-08-27 17:02:42 DEDD078A9893AF42CD624977DADF308A 5659096 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSetup.exe

2013-08-27 17:02:42 0D5ECE83B01ACEE67F97EEED185773B1 238552 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

2013-08-27 17:02:36 94F34B2CFF8B56C49BCD88077F3BEB16 74712 ----a-w- C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveConfig.exe

2013-08-27 17:00:45 DDCE338BB173B32024679D61FB4F2BA6 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f6cfdb041cea34604\DXSETUP.exe

2013-08-27 17:00:42 F5443547CAAC20AA334A88817579270F 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f51172671cea34603\DXSETUP.exe

2013-08-27 17:00:35 DDCE338BB173B32024679D61FB4F2BA6 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\f1c4f73b1cea34601\DXSETUP.exe

2013-08-27 17:00:16 517792A56DBF99B4277B9B573E008EDD 1239536 ----a-w- C:\Users\Danny\Downloads\wlsetup-web.exe

2013-08-27 16:36:36 872669B6F5359EF6D35E22C4FBF00684 219434 ----a-w- C:\Users\Danny\AppData\Local\Unity\WebPlayer\Uninstall.exe

2013-08-27 16:36:26 32D3D0D1EBF3773354E84EF6083DB53F 648144 ----a-w- C:\Users\Danny\Downloads\UnityWebPlayer.exe

2013-08-25 16:37:32 A35576A433F4AEB0D48976A004657CB6 117656 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe

=== C: other files ==

2013-08-29 20:45:35 24CD81C95D7AFDE098545C6ABC93F172 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$IE94UBP.com

2013-08-29 20:45:23 ABD932A233B861AEE91E01C0665117EA 1260032 ----a-w- C:\$Recycle.Bin\S-1-5-21-3751033221-735151488-1739522443-1001\$RE94UBP.com

2013-08-29 13:21:38 65C234A4E5FD498E7848F3DA62001BE0 363755 ----a-w- C:\Users\Danny\AppData\Local\Temp\scoped_dir_5352_6437\newtab.crx

2013-08-28 20:35:44 E7B3F9B002FCA1381F30B16429AA31F3 2857 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip

2013-08-28 20:35:44 AD4C9A5A1EA015FD01858DE456E22A96 2847 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0003.zip

2013-08-28 20:35:44 18EC84E66D9EAF26745C4655CB803F72 2851 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip

2013-08-28 20:35:43 DAD650F1ACB5F5720AC5EA5EF76E89BD 3134 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip

2013-08-28 20:35:43 D87A5959D645622CFEBD676E3CFD682D 3198 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip

2013-08-28 20:35:43 C3877FEB8CD72E740544BD79E27E8F4B 3356 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip

2013-08-28 20:35:43 9F6DC26DD89A6A21D750B54E810607E5 3198 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip

2013-08-28 20:35:43 9298A980B1F3A25B95FBC3AD55ED3804 4275 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Amonetize.InstallPath-0000.zip

2013-08-28 20:35:43 8E526D810E924CF580849D17E89E0C8F 3121 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip

2013-08-28 20:35:43 8270FD5B670EF3D244BFBE6D41E4C899 3194 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip

2013-08-28 20:35:43 4C83D01872FFE144765A5F668C257D7A 3274 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip

2013-08-28 20:35:43 3E9DF40FA15B747524AB5CCAC60BEA62 3213 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip

2013-08-28 20:35:43 0B99DF3C1B3A74D652D52739FBE3C83A 3504 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.2UrFace.bho-0000.zip

2013-08-28 20:35:43 08A72ED42A000D4ADCDD19DF1D64F981 25663 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip

2013-08-28 20:35:43 01A69A906740A7D93FA2EEFD6FFC4ADC 3171 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip

2013-08-28 19:24:31 8C5ED21E91607DF444667C1FD4AD3D9E 534346971 ----a-r- C:\Users\Danny\Downloads\Microsoft Office 2007 Enterprise- Fully Activated-hasim751.zip

2013-08-28 16:00:32 3596B655ED3320859ABF15F72279304A 1144 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0002.zip

2013-08-28 16:00:02 503A905E5B2B39A58870BB765A43FD53 1352 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip

2013-08-28 16:00:01 E60A281051FF1715FB2987C3E508E8B6 1357 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip

2013-08-28 16:00:01 E4B70E687A0552194FC9D5FC259FDC12 1383 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip

2013-08-28 16:00:01 3AFDA89104EB3628310502F5F6C508FC 1353 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip

2013-08-28 15:59:59 99D0F3A12467CD7BF62EF0DA8EC89827 1352 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip

2013-08-28 15:59:58 8C3B590972D44393BD4D1D4880ADDB3A 1384 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip

2013-08-28 15:59:58 59694D54D890DC61B770D85A27AFA169 1358 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip

2013-08-28 15:55:13 E6BAF67CB6C590E3A57D35004AB28CDA 63776 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys

2013-08-28 15:55:13 723E71EC3F271041AE3D8AA736B3C163 46120 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv32.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3751033221-735151488-1739522443-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Epson Stylus SX235"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp /EF HKCU"

"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"

"Spotify Web Helper"="C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"EPSON2589BA (Epson Stylus SX235)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp /EF HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart"

"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Epson Stylus SX235"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp /EF HKCU"

"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"

"Spotify Web Helper"="C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"EPSON2589BA (Epson Stylus SX235)"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp /EF HKCU"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/08/2013 18:29]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [undetermined Task]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2013 18:18]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default

D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller

0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

07FAA8B85F81784DEC315E04E5852F2F - C:\Users\Danny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

0DB01492F7B7F3B0FC49BA0E8E9EFDEA - C:\WINDOWS\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

Snap.Do - Danny - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

Battlefield Heroes - Danny - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=TJ&userid=3a0cb2ea-9b63-880d-e477-77a74ae98c34&searchtype=ds&q={searchTerms}&installDate=29/08/2013"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on Users Desktops ======================

C:\Users\Danny\Desktop\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Users\Danny\Desktop\Crossfire Europe.lnk - C:\SG Interactive\Crossfire Europe\patcher_cf.exe

C:\Users\Danny\Desktop\HiJackThis.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Danny\Desktop\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Danny\Desktop\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Danny\Desktop\Spotify.lnk - C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Public\Desktop\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\Users\Public\Desktop\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe

C:\Users\Public\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe

C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

C:\Users\Public\Desktop\TmNationsForever.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Users\Danny\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Danny\AppData\Roaming\Spotify\spotify.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck\TweetDeck.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk - C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk - C:\Program Files (x86)\Cisco Systems\Cisco Connect\Cisco Connect.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater Demo.lnk - C:\Program Files (x86)\Dolby Home Theater v4\pcee4d.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Home Theater.lnk - C:\Program Files (x86)\Dolby Home Theater v4\pcee4l.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\Driver Update.lnk - C:\Windows\System32\spool\drivers\x64\3\E_IUCHLE.EXE /RUN /D "EPSON SX235 Series"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\EPSON Printer Software Uninstall.lnk - C:\Windows\System32\spool\drivers\x64\3\E_IINSHLE.EXE /R /APD /P:"EPSON SX235 Series"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON SX235 Series\Technical Support.lnk - C:\Windows\System32\rundll32.exe C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IGEPHLE.DLL,GE_OpenELINK "Epson Stylus SX235"

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk - C:\Windows\SysWOW64\msiexec.exe /x {79361740-EAE3-11E2-9911-B8AC6F98CCE3} FEEDBACK=1

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk - C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype voor bureaublad.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk - C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\TmNationsForever spelen.lnk - C:\Program Files (x86)\TmNationsForever\TmForeverLauncher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\TmNationsForever verwijderen.lnk - C:\Program Files (x86)\TmNationsForever\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk - C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Danny\AppData\Roaming\BitTorrent\BitTorrent.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\WINDOWS\system32\calc.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\WINDOWS\system32\notepad.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TweetDeck.lnk - C:\Users\Danny\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Danny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Danny\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Danny\AppData\Local\Mozilla\Firefox\Profiles\qvl3w6dp.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Danny\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 30/08/2013 at 13:09:13.96 ======================

[Jion]

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

amfclgbdpgndipgoegfpkkgobahigbcl;chr
CHRdefaults; 
FFdefaults;
hijackthis;

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

Download AdwCleaner by Xplode naar je bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op Scan.
  
• Klik vervolgens op Clean als er items zijn gevonden.
  
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt.

Post aansluitend de inhoud van dit log in je volgende bericht.

[naabje]

Fijn, de startpagina is nu niet meer QV06. bedankt,

Zoek.exe Version 4.0.0.4 Updated 30-08-2013

Tool run by Danny on 30/08/2013 at 13:58:20.17.

Microsoft Windows 8.1 Pro Preview 6.3.9431 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Danny\Desktop\zoek\zoek.exe [script inserted]

==== FireFox Fix ======================

Deleted from C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js:

user_pref("browser.newtab.url", "about:blank");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default

D7324EB1EDCB8990F8522DE0311359E9 - C:\WINDOWS\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17

6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller

0C8597DBC74AAF5179471BA013E3C6B4 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

07FAA8B85F81784DEC315E04E5852F2F - C:\Users\Danny\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

0DB01492F7B7F3B0FC49BA0E8E9EFDEA - C:\WINDOWS\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

Snap.Do - Danny - Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

Google Docs - Danny - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Danny - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Danny - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Battlefield Heroes - Danny - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh

Google Search - Danny - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Card number - Danny - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Danny - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully

C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage deleted successfully

==== Reset Google Chrome ======================

C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Danny\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== HijackThis Entries ======================

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [spotify] "C:\Users\Danny\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [Epson Stylus SX235] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C03.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Danny\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [EPSON2589BA (Epson Stylus SX235)] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\Danny\AppData\Local\Temp\E_S2C90.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== EOF on 30/08/2013 at 13:59:52.54 ======================

# AdwCleaner v3.001 - Report created 30/08/2013 at 14:03:37

# Updated 24/08/2013 by Xplode

# Operating System : Windows 8.1 Pro Preview (64 bits)

# Username : Danny - PCDANNY

# Running from : C:\Users\Danny\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\dealplylive

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKLM\Software\Desksvc

Key Deleted : HKLM\Software\qvo6Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9431.0

-\\ Mozilla Firefox v23.0.1 (nl)

[ File : C:\Users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\qvl3w6dp.default\prefs.js ]

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Danny\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2699 octets] - [30/08/2013 14:02:58]

AdwCleaner[s0].txt - [1923 octets] - [30/08/2013 14:03:37]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1983 octets] ##########

[Jion]

Mooi zo!

Tijd voor de grote schoonmaak dan:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• 
  
• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Als je verder geen vragen meer hebt, mag je op de knop "Markeer als Opgelost" tokkelen.

[naabje]

Dankjewel voor het helpen. ik zal de laatste stap uitvoeren en het topic mankeren als opgelost!