
How to remove oschot?


indo1991


1. Download HijackThis. (click on it)

The download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "Run".

HijackThis is now installed on your PC and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you need to download the executable (HijackThis.exe). You can do that HERE.

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder. You will then also find the logs in that folder.


2. Click the shortcut to start HijackThis. (read the red text below first!)

Click either "Do a systemscan and save a logfile", or first "Scan" and then "Savelog".

A Notepad window opens; hold down CTRL and A at the same time, and everything is selected. Hold down CTRL and C at the same time, and everything is copied. Now paste the HJT log into your post with CTRL and V.

If you get the message "For some reason your system denied writing to the Host file ....", simply click OK to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Click here)


3. After you post your log, an expert will review it and guide you through the rest of the process.

Tip!

If you want to see in words and pictures how to create a log with HijackThis and post it on the forum, click HERE.


This time it concerns a different laptop (the neighbour's).

I have the virus scanner from CCleaner and Avast.

The log from the laptop is:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:33:40, on 5-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe

C:\Users\Electrikeye\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe

C:\Program Files\otshot\otshot.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll

O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O3 - Toolbar: (no name) - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - (no file)

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto

O4 - HKLM\..\Run: [Otshot] c:\program files\otshot\otshot.exe -minimize

O4 - HKLM\..\Run: [Denzi] C:\Program Files (x86)\Denzi\Denzi.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [sDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKCU\..\Run: [spotify] "C:\Users\Electrikeye\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Electrikeye\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)

O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)

O20 - AppInit_DLLs:

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe

O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Web Assistant - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--

End of file - 13116 bytes


There is a lot more junk on it than you might suspect ... but we'll get it off ;-)

Start HijackThis. Select “Scan”. Select only the items listed below:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)

O2 - BHO: (no name) - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll

O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll

O3 - Toolbar: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O3 - Toolbar: (no name) - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - (no file)

O8 - Extra context menu item: Zoek op het web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)

O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file)

O20 - AppInit_DLLs:

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" by right-clicking and choosing "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe
    (you can read how to do that here or here).
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Click the "Options" button and now tick the options below.
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
startupall; 
filesrcm; 
Web Assistant;s
C:\Program Files\Web Assistant;fs
c:\program files\otshot;fs

Now tick the options below.

  • HijackThis Log
  • Firefox Look
  • Chrome Look
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.

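The reply above picks entries out of the HijackThis log by hand. As an added example (not part of the original thread and not code from HijackThis or zoek.exe), the Python sketch below parses HijackThis entry lines and separates orphaned registrations, marked "(no file)" or "(file missing)", from the "(file missing)" entries under C:\Windows\System32, which a 32-bit HijackThis reports on 64-bit Windows because of file-system redirection. The label names, function names and the heuristics are assumptions made for this illustration; the sample lines are copied from the log posted above.

```python
import re
from collections import Counter

# Sample input: a few entry lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Otshot] c:\program files\otshot\otshot.exe -minimize
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Web Assistant - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
"""

# An entry line is "<section code> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")

# Paths a 32-bit process cannot see as-is on 64-bit Windows: access to
# System32 is redirected to SysWOW64, so 64-bit-only files look "missing".
SYSTEM32_RE = re.compile(r"[A-Za-z]:\\Windows\\System32\\", re.IGNORECASE)


def parse_entries(log_text):
    """Return (code, body) tuples for every entry line; header lines,
    the process list and blank lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def classify(code, body):
    """Attach one illustrative label to an entry (heuristics, not a verdict)."""
    # The last " - "-separated field holds the file the entry points to.
    target = body.rsplit(" - ", 1)[-1]
    if body.endswith("(no file)"):
        return "orphan"                 # registration left behind, no target
    if body.endswith("(file missing)"):
        if SYSTEM32_RE.search(target):
            return "redirect-artifact"  # likely WOW64 redirection, not an orphan
        return "orphan"
    if code == "O23" and " - Unknown owner - " in body:
        return "unknown-owner-service"  # file present, no vendor string: review
    return "unclassified"               # needs a human who knows the software


def triage(log_text):
    """Return (code, label, body) for every entry in the log text."""
    return [(code, classify(code, body), body)
            for code, body in parse_entries(log_text)]


def summary(log_text):
    """Count entries per label."""
    return Counter(label for _, label, _ in triage(log_text))


if __name__ == "__main__":
    for code, label, body in triage(SAMPLE_LOG):
        print(f"{label:22} {code:4} {body[:70]}")
    print(dict(summary(SAMPLE_LOG)))
```

An "unclassified" label is not a clean bill of health: entries such as the QVO6 start page or the Otshot autorun in this log can only be judged by someone who recognises the software behind them.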

Here is the log from zoek.exe

Zoek.exe Version 4.0.0.4 Updated 31-07-2013

Tool run by Electrikeye on ma 05-08-2013 at 14:31:21,75.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Electrikeye\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

5-8-2013 14:36:11 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1961875930-2905929432-421735862-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully

HKEY_USERS\S-1-5-21-1961875930-2905929432-421735862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

HKEY_USERS\S-1-5-21-1961875930-2905929432-421735862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-1961875930-2905929432-421735862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Web Assistant deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Web Assistant deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Electrikeye\AppData\Roaming\Mozilla\Firefox\Profiles\rg9ib7hw.default\prefs.js:

Added to C:\Users\Electrikeye\AppData\Roaming\Mozilla\Firefox\Profiles\rg9ib7hw.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml" deleted

"C:\Users\Electrikeye\Downloads\SoftonicDownloader_for_free-easy-cd-dvd-burner.exe" deleted

"C:\Users\Electrikeye\Downloads\SoftonicDownloader_voor_vlc-media-player.exe" deleted

"C:\Users\Electrikeye\Downloads\SoftonicDownloader_voor_winrar.exe" deleted

"C:\Windows\wininit.ini" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\windows\SysNative\Tasks\DealPly" deleted


"C:\Windows\FAP7A36.tmp" deleted

"C:\Windows\FAP7A65.tmp" deleted

"C:\Windows\FAP7A66.tmp" deleted

"C:\Windows\FAP7AB.tmp" deleted

"C:\Windows\FAP7AC8.tmp" deleted

"C:\Windows\FAP7B62.tmp" deleted

"C:\Windows\FAP7B7F.tmp" deleted

"C:\Windows\FAP7B86.tmp" deleted

"C:\Windows\FAP7BB0.tmp" deleted

"C:\Windows\FAP7C30.tmp" deleted

"C:\Windows\FAP7C32.tmp" deleted

"C:\Windows\FAP7D08.tmp" deleted

"C:\Windows\FAP7D7C.tmp" deleted

"C:\Windows\FAP7E16.tmp" deleted

"C:\Windows\FAP7E4F.tmp" deleted

"C:\Windows\FAP7E61.tmp" deleted

"C:\Windows\FAP7E62.tmp" deleted

"C:\Windows\FAP7E92.tmp" deleted

"C:\Windows\FAP7EC4.tmp" deleted

"C:\Windows\FAP7FBF.tmp" deleted

"C:\Windows\FAP7FD8.tmp" deleted

"C:\Windows\FAP801C.tmp" deleted

"C:\Windows\FAP8097.tmp" deleted

"C:\Windows\FAP80E8.tmp" deleted

"C:\Windows\FAP80F9.tmp" deleted

"C:\Windows\FAP810B.tmp" deleted

"C:\Windows\FAP8119.tmp" deleted

"C:\Windows\FAP814C.tmp" deleted

"C:\Windows\FAP818E.tmp" deleted

"C:\Windows\FAP81F6.tmp" deleted

"C:\Windows\FAP8211.tmp" deleted

"C:\Windows\FAP8282.tmp" deleted

"C:\Windows\FAP82ED.tmp" deleted

"C:\Windows\FAP82F3.tmp" deleted

"C:\Windows\FAP831D.tmp" deleted

"C:\Windows\FAP83BC.tmp" deleted

"C:\Windows\FAP83D0.tmp" deleted

"C:\Windows\FAP83F5.tmp" deleted

"C:\Windows\FAP8446.tmp" deleted

"C:\Windows\FAP84CB.tmp" deleted

"C:\Windows\FAP84E0.tmp" deleted

"C:\Windows\FAP8572.tmp" deleted

"C:\Windows\FAP85A3.tmp" deleted

"C:\Windows\FAP85D5.tmp" deleted

"C:\Windows\FAP85F1.tmp" deleted

"C:\Windows\FAP86EE.tmp" deleted

"C:\Windows\FAP8709.tmp" deleted

"C:\Windows\FAP874A.tmp" deleted

"C:\Windows\FAP879B.tmp" deleted

"C:\Windows\FAP87D8.tmp" deleted

"C:\Windows\FAP8865.tmp" deleted

"C:\Windows\FAP88D5.tmp" deleted

"C:\Windows\FAP8923.tmp" deleted

"C:\Windows\FAP8970.tmp" deleted

"C:\Windows\FAP898.tmp" deleted

"C:\Windows\FAP89DD.tmp" deleted

"C:\Windows\FAP89E1.tmp" deleted

"C:\Windows\FAP8A5D.tmp" deleted

"C:\Windows\FAP8ADD.tmp" deleted

"C:\Windows\FAP8AFD.tmp" deleted

"C:\Windows\FAP8C62.tmp" deleted

"C:\Windows\FAP8CA4.tmp" deleted

"C:\Windows\FAP8D16.tmp" deleted

"C:\Windows\FAP8DE5.tmp" deleted

"C:\Windows\FAP8E1E.tmp" deleted

"C:\Windows\FAP8E54.tmp" deleted

"C:\Windows\FAP8E63.tmp" deleted

"C:\Windows\FAP8E9.tmp" deleted

"C:\Windows\FAP8EA.tmp" deleted

"C:\Windows\FAP8EA3.tmp" deleted

"C:\Windows\FAP8EF4.tmp" deleted

"C:\Windows\FAP8F12.tmp" deleted

"C:\Windows\FAP8F73.tmp" deleted

"C:\Windows\FAP8F8.tmp" deleted

"C:\Windows\FAP9010.tmp" deleted

"C:\Windows\FAP9051.tmp" deleted

"C:\Windows\FAP912.tmp" deleted

"C:\Windows\FAP918C.tmp" deleted

"C:\Windows\FAP91D8.tmp" deleted

"C:\Windows\FAP925F.tmp" deleted

"C:\Windows\FAP929.tmp" deleted

"C:\Windows\FAP937B.tmp" deleted

"C:\Windows\FAP93DC.tmp" deleted

"C:\Windows\FAP93E0.tmp" deleted

"C:\Windows\FAP9566.tmp" deleted

"C:\Windows\FAP95B.tmp" deleted

"C:\Windows\FAP95F7.tmp" deleted

"C:\Windows\FAP960F.tmp" deleted

"C:\Windows\FAP9696.tmp" deleted

"C:\Windows\FAP96C0.tmp" deleted

"C:\Windows\FAP96D7.tmp" deleted

"C:\Windows\FAP96DB.tmp" deleted

"C:\Windows\FAP9762.tmp" deleted

"C:\Windows\FAP97E2.tmp" deleted

"C:\Windows\FAP98FA.tmp" deleted

"C:\Windows\FAP997B.tmp" deleted

"C:\Windows\FAP99AA.tmp" deleted

"C:\Windows\FAP99F6.tmp" deleted

"C:\Windows\FAP9A06.tmp" deleted

"C:\Windows\FAP9A83.tmp" deleted

"C:\Windows\FAP9A96.tmp" deleted

"C:\Windows\FAP9B02.tmp" deleted

"C:\Windows\FAP9B07.tmp" deleted

"C:\Windows\FAP9B2.tmp" deleted

"C:\Windows\FAP9B58.tmp" deleted

"C:\Windows\FAP9C4C.tmp" deleted

"C:\Windows\FAP9C93.tmp" deleted

"C:\Windows\FAP9C98.tmp" deleted

"C:\Windows\FAP9D1.tmp" deleted

"C:\Windows\FAP9D18.tmp" deleted

"C:\Windows\FAP9D97.tmp" deleted

"C:\Windows\FAP9DC5.tmp" deleted

"C:\Windows\FAP9DC6.tmp" deleted

"C:\Windows\FAP9E06.tmp" deleted

"C:\Windows\FAP9E55.tmp" deleted

"C:\Windows\FAP9E64.tmp" deleted

"C:\Windows\FAP9EE8.tmp" deleted

"C:\Windows\FAP9FA6.tmp" deleted

"C:\Windows\FAP9FA8.tmp" deleted

"C:\Windows\FAPA128.tmp" deleted

"C:\Windows\FAPA131.tmp" deleted

"C:\Windows\FAPA1FB.tmp" deleted

"C:\Windows\FAPA2C9.tmp" deleted

"C:\Windows\FAPA30F.tmp" deleted

"C:\Windows\FAPA332.tmp" deleted

"C:\Windows\FAPA368.tmp" deleted

"C:\Windows\FAPA3FC.tmp" deleted

"C:\Windows\FAPA41.tmp" deleted

"C:\Windows\FAPA43E.tmp" deleted

"C:\Windows\FAPA47F.tmp" deleted

"C:\Windows\FAPA61.tmp" deleted

"C:\Windows\FAPA623.tmp" deleted

"C:\Windows\FAPA710.tmp" deleted

"C:\Windows\FAPA741.tmp" deleted

"C:\Windows\FAPA78B.tmp" deleted

"C:\Windows\FAPA7CC.tmp" deleted

"C:\Windows\FAPA80E.tmp" deleted

"C:\Windows\FAPA812.tmp" deleted

"C:\Windows\FAPA891.tmp" deleted

"C:\Windows\FAPA92D.tmp" deleted

"C:\Windows\FAPA974.tmp" deleted

"C:\Windows\FAPA97E.tmp" deleted

"C:\Windows\FAPA9B0.tmp" deleted

"C:\Windows\FAPAA7F.tmp" deleted

"C:\Windows\FAPAB3C.tmp" deleted

"C:\Windows\FAPABC3.tmp" deleted

"C:\Windows\FAPABF3.tmp" deleted

"C:\Windows\FAPAC35.tmp" deleted

"C:\Windows\FAPAC54.tmp" deleted

"C:\Windows\FAPACE3.tmp" deleted

"C:\Windows\FAPAD22.tmp" deleted

"C:\Windows\FAPADB9.tmp" deleted

"C:\Windows\FAPADCD.tmp" deleted

"C:\Windows\FAPADD0.tmp" deleted

"C:\Windows\FAPAE2D.tmp" deleted

"C:\Windows\FAPAE7A.tmp" deleted

"C:\Windows\FAPAE9D.tmp" deleted

"C:\Windows\FAPAEC2.tmp" deleted

"C:\Windows\FAPAF09.tmp" deleted

"C:\Windows\FAPAF1B.tmp" deleted

"C:\Windows\FAPAF51.tmp" deleted

"C:\Windows\FAPAF80.tmp" deleted

"C:\Windows\FAPAF89.tmp" deleted

"C:\Windows\FAPAFCA.tmp" deleted

"C:\Windows\FAPB018.tmp" deleted

"C:\Windows\FAPB01F.tmp" deleted

"C:\Windows\FAPB026.tmp" deleted

"C:\Windows\FAPB08F.tmp" deleted

"C:\Windows\FAPB0E6.tmp" deleted

"C:\Windows\FAPB0EA.tmp" deleted

"C:\Windows\FAPB113.tmp" deleted

"C:\Windows\FAPB119.tmp" deleted

"C:\Windows\FAPB171.tmp" deleted

"C:\Windows\FAPB173.tmp" deleted

"C:\Windows\FAPB257.tmp" deleted

"C:\Windows\FAPB264.tmp" deleted

"C:\Windows\FAPB2FB.tmp" deleted

"C:\Windows\FAPB353.tmp" deleted

"C:\Windows\FAPB365.tmp" deleted

"C:\Windows\FAPB367.tmp" deleted

"C:\Windows\FAPB388.tmp" deleted

"C:\Windows\FAPB3A6.tmp" deleted

"C:\Windows\FAPB3AB.tmp" deleted

"C:\Windows\FAPB3D1.tmp" deleted

"C:\Windows\FAPB408.tmp" deleted

"C:\Windows\FAPB414.tmp" deleted

"C:\Windows\FAPB422.tmp" deleted

"C:\Windows\FAPB454.tmp" deleted

"C:\Windows\FAPB465.tmp" deleted

"C:\Windows\FAPB514.tmp" deleted

"C:\Windows\FAPB515.tmp" deleted

"C:\Windows\FAPB594.tmp" deleted

"C:\Windows\FAPB5A2.tmp" deleted

"C:\Windows\FAPB602.tmp" deleted

"C:\Windows\FAPB634.tmp" deleted

"C:\Windows\FAPB640.tmp" deleted

"C:\Windows\FAPB6C8.tmp" deleted

"C:\Windows\FAPB6DF.tmp" deleted

"C:\Windows\FAPB816.tmp" deleted

"C:\Windows\FAPB9D0.tmp" deleted

"C:\Windows\FAPBA21.tmp" deleted

"C:\Windows\FAPBABD.tmp" deleted

"C:\Windows\FAPBAFE.tmp" deleted

"C:\Windows\FAPBB2D.tmp" deleted

"C:\Windows\FAPBB32.tmp" deleted

"C:\Windows\FAPBB33.tmp" deleted

"C:\Windows\FAPBB7.tmp" deleted

"C:\Windows\FAPBBF9.tmp" deleted

"C:\Windows\FAPBC39.tmp" deleted

"C:\Windows\FAPBCBB.tmp" deleted

"C:\Windows\FAPBCC8.tmp" deleted

"C:\Windows\FAPBCEA.tmp" deleted

"C:\Windows\FAPBDA.tmp" deleted

"C:\Windows\FAPBDB1.tmp" deleted

"C:\Windows\FAPBDC5.tmp" deleted

"C:\Windows\FAPBE44.tmp" deleted

"C:\Windows\FAPBE7E.tmp" deleted

"C:\Windows\FAPBF3D.tmp" deleted

"C:\Windows\FAPBF4E.tmp" deleted

"C:\Windows\FAPC114.tmp" deleted

"C:\Windows\FAPC20C.tmp" deleted

"C:\Windows\FAPC21F.tmp" deleted

"C:\Windows\FAPC23F.tmp" deleted

"C:\Windows\FAPC24.tmp" deleted

"C:\Windows\FAPC29F.tmp" deleted

"C:\Windows\FAPC2DE.tmp" deleted

"C:\Windows\FAPC440.tmp" deleted

"C:\Windows\FAPC486.tmp" deleted

"C:\Windows\FAPC508.tmp" deleted

"C:\Windows\FAPC573.tmp" deleted

"C:\Windows\FAPC5E8.tmp" deleted

"C:\Windows\FAPC678.tmp" deleted

"C:\Windows\FAPC6BE.tmp" deleted

"C:\Windows\FAPC6D7.tmp" deleted

"C:\Windows\FAPC76B.tmp" deleted

"C:\Windows\FAPC7E3.tmp" deleted

"C:\Windows\FAPC7F3.tmp" deleted

"C:\Windows\FAPC83A.tmp" deleted

"C:\Windows\FAPC858.tmp" deleted

"C:\Windows\FAPC89.tmp" deleted

"C:\Windows\FAPC8E7.tmp" deleted

"C:\Windows\FAPC965.tmp" deleted

"C:\Windows\FAPC967.tmp" deleted

"C:\Windows\FAPC9AB.tmp" deleted

"C:\Windows\FAPCA08.tmp" deleted

"C:\Windows\FAPCAFE.tmp" deleted

"C:\Windows\FAPCB15.tmp" deleted

"C:\Windows\FAPCB3F.tmp" deleted

"C:\Windows\FAPCB62.tmp" deleted

"C:\Windows\FAPCBBA.tmp" deleted

"C:\Windows\FAPCBC3.tmp" deleted

"C:\Windows\FAPCC50.tmp" deleted

"C:\Windows\FAPCC7.tmp" deleted

"C:\Windows\FAPCCA.tmp" deleted

"C:\Windows\FAPCD79.tmp" deleted

"C:\Windows\FAPCD8A.tmp" deleted

"C:\Windows\FAPCD8E.tmp" deleted

"C:\Windows\FAPCD96.tmp" deleted

"C:\Windows\FAPCDCF.tmp" deleted

"C:\Windows\FAPCDE9.tmp" deleted

"C:\Windows\FAPCDFE.tmp" deleted

"C:\Windows\FAPCE05.tmp" deleted

"C:\Windows\FAPCE11.tmp" deleted

"C:\Windows\FAPCE39.tmp" deleted

"C:\Windows\FAPCE3A.tmp" deleted

"C:\Windows\FAPCE8C.tmp" deleted

"C:\Windows\FAPCEB3.tmp" deleted

"C:\Windows\FAPCEE8.tmp" deleted

"C:\Windows\FAPCFA1.tmp" deleted

"C:\Windows\FAPCFB5.tmp" deleted

"C:\Windows\FAPCFC7.tmp" deleted

"C:\Windows\FAPD031.tmp" deleted

"C:\Windows\FAPD0A1.tmp" deleted

"C:\Windows\FAPD0B.tmp" deleted

"C:\Windows\FAPD0C4.tmp" deleted

"C:\Windows\FAPD12A.tmp" deleted

"C:\Windows\FAPD22A.tmp" deleted

"C:\Windows\FAPD2FA.tmp" deleted

"C:\Windows\FAPD31E.tmp" deleted

"C:\Windows\FAPD340.tmp" deleted

"C:\Windows\FAPD375.tmp" deleted

"C:\Windows\FAPD381.tmp" deleted

"C:\Windows\FAPD3A9.tmp" deleted

"C:\Windows\FAPD3CE.tmp" deleted

"C:\Windows\FAPD40A.tmp" deleted

"C:\Windows\FAPD47A.tmp" deleted

"C:\Windows\FAPD4B9.tmp" deleted

"C:\Windows\FAPD4C.tmp" deleted

"C:\Windows\FAPD4E4.tmp" deleted

"C:\Windows\FAPD519.tmp" deleted

"C:\Windows\FAPD55E.tmp" deleted

"C:\Windows\FAPD5C4.tmp" deleted

"C:\Windows\FAPD5D4.tmp" deleted

"C:\Windows\FAPD634.tmp" deleted

"C:\Windows\FAPD673.tmp" deleted

"C:\Windows\FAPD684.tmp" deleted

"C:\Windows\FAPD6C8.tmp" deleted

"C:\Windows\FAPD6E1.tmp" deleted

"C:\Windows\FAPD702.tmp" deleted

"C:\Windows\FAPD75.tmp" deleted

"C:\Windows\FAPD750.tmp" deleted

"C:\Windows\FAPD7A9.tmp" deleted

"C:\Windows\FAPD83D.tmp" deleted

"C:\Windows\FAPD86B.tmp" deleted

"C:\Windows\FAPD988.tmp" deleted

"C:\Windows\FAPDAF.tmp" deleted

"C:\Windows\FAPDB06.tmp" deleted

"C:\Windows\FAPDB84.tmp" deleted

"C:\Windows\FAPDBBC.tmp" deleted

"C:\Windows\FAPDBC9.tmp" deleted

"C:\Windows\FAPDC41.tmp" deleted

"C:\Windows\FAPDCA6.tmp" deleted

"C:\Windows\FAPDCCE.tmp" deleted

"C:\Windows\FAPDD07.tmp" deleted

"C:\Windows\FAPDD2E.tmp" deleted

"C:\Windows\FAPDD6D.tmp" deleted

"C:\Windows\FAPDEE6.tmp" deleted

"C:\Windows\FAPDF1.tmp" deleted

"C:\Windows\FAPE00A.tmp" deleted

"C:\Windows\FAPE031.tmp" deleted

"C:\Windows\FAPE1A5.tmp" deleted

"C:\Windows\FAPE292.tmp" deleted

"C:\Windows\FAPE2D4.tmp" deleted

"C:\Windows\FAPE315.tmp" deleted

"C:\Windows\FAPE32.tmp" deleted

"C:\Windows\FAPE3AE.tmp" deleted

"C:\Windows\FAPE432.tmp" deleted

"C:\Windows\FAPE487.tmp" deleted

"C:\Windows\FAPE4DD.tmp" deleted

"C:\Windows\FAPE4F1.tmp" deleted

"C:\Windows\FAPE6DF.tmp" deleted

"C:\Windows\FAPE702.tmp" deleted

"C:\Windows\FAPE783.tmp" deleted

"C:\Windows\FAPE83A.tmp" deleted

"C:\Windows\FAPE86B.tmp" deleted

"C:\Windows\FAPE8ED.tmp" deleted

"C:\Windows\FAPE92E.tmp" deleted

"C:\Windows\FAPE958.tmp" deleted

"C:\Windows\FAPE9AD.tmp" deleted

"C:\Windows\FAPE9E2.tmp" deleted

"C:\Windows\FAPE9FE.tmp" deleted

"C:\Windows\FAPEA36.tmp" deleted

"C:\Windows\FAPEA55.tmp" deleted

"C:\Windows\FAPEA5F.tmp" deleted

"C:\Windows\FAPEA75.tmp" deleted

"C:\Windows\FAPEAA7.tmp" deleted

"C:\Windows\FAPEAE9.tmp" deleted

"C:\Windows\FAPEAFE.tmp" deleted

"C:\Windows\FAPEB45.tmp" deleted

"C:\Windows\FAPEC52.tmp" deleted

"C:\Windows\FAPECA9.tmp" deleted

"C:\Windows\FAPECB1.tmp" deleted

"C:\Windows\FAPED0A.tmp" deleted

"C:\Windows\FAPEED4.tmp" deleted

"C:\Windows\FAPEFC1.tmp" deleted

"C:\Windows\FAPF00A.tmp" deleted

"C:\Windows\FAPF02D.tmp" deleted

"C:\Windows\FAPF03C.tmp" deleted

"C:\Windows\FAPF09D.tmp" deleted

"C:\Windows\FAPF0A0.tmp" deleted

"C:\Windows\FAPF0DA.tmp" deleted

"C:\Windows\FAPF0F1.tmp" deleted

"C:\Windows\FAPF149.tmp" deleted

"C:\Windows\FAPF152.tmp" deleted

"C:\Windows\FAPF215.tmp" deleted

"C:\Windows\FAPF27A.tmp" deleted

"C:\Windows\FAPF3A5.tmp" deleted

"C:\Windows\FAPF4E4.tmp" deleted

"C:\Windows\FAPF514.tmp" deleted

"C:\Windows\FAPF572.tmp" deleted

"C:\Windows\FAPF5E2.tmp" deleted

"C:\Windows\FAPF5FB.tmp" deleted

"C:\Windows\FAPF624.tmp" deleted

"C:\Windows\FAPF6D4.tmp" deleted

"C:\Windows\FAPF735.tmp" deleted

"C:\Windows\FAPF89E.tmp" deleted

"C:\Windows\FAPF94D.tmp" deleted

"C:\Windows\FAPF9DD.tmp" deleted

"C:\Windows\FAPF9EC.tmp" deleted

"C:\Windows\FAPFA5E.tmp" deleted

"C:\Windows\FAPFA8.tmp" deleted

"C:\Windows\FAPFA9B.tmp" deleted

"C:\Windows\FAPFAD9.tmp" deleted

"C:\Windows\FAPFB1B.tmp" deleted

"C:\Windows\FAPFBE5.tmp" deleted

"C:\Windows\FAPFC06.tmp" deleted

"C:\Windows\FAPFC66.tmp" deleted

"C:\Windows\FAPFC95.tmp" deleted

"C:\Windows\FAPFE29.tmp" deleted

"C:\Windows\FAPFE4C.tmp" deleted

"C:\Windows\FAPFF18.tmp" deleted

"C:\Windows\FAPFF8.tmp" deleted

"C:\Windows\FAPFFE5.tmp" deleted

"C:\Windows\FAPFFF5.tmp" deleted

"C:\windows\SysNative\tasks\Omiga Plus RunAsStdUser" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\user.js" deleted

"C:\Windows\Syswow64\shoFFDC.tmp" deleted

"C:\Users\Electrikeye\AppData\Roaming\Mozilla\Firefox\Profiles\rg9ib7hw.default\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"c:\program files\otshot\otshot.exe" deleted

"C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe" deleted

"C:\Program Files\Web Assistant" deleted

"c:\program files\otshot" deleted

"C:\Program Files (x86)\Smart Driver Updater" deleted

"C:\Program Files (x86)\Delta" deleted

"C:\Program Files (x86)\SearchCore for Browsers" deleted

"C:\Program Files (x86)\WinZipper" deleted

"C:\Program Files (x86)\FilesFrog Update Checker" deleted

"C:\Program Files (x86)\I Want This" deleted

"C:\Program Files (x86)\BearShare Applications\MediaBar" deleted

"C:\Program Files (x86)\Windows Searchqu Toolbar" deleted

"C:\Program Files (x86)\Desk 365" deleted

"C:\Program Files (x86)\Omiga Plus" deleted

"C:\Program Files (x86)\BrowserCompanion" deleted

"C:\Program Files (x86)\Perion" deleted

"C:\Program Files\Web Assistant" deleted

"C:\Users\Electrikeye\AppData\Roaming\Omiga Plus" deleted

"C:\Users\Electrikeye\AppData\Roaming\WinZipper" deleted

"C:\Users\Electrikeye\AppData\Roaming\Desk 365" deleted

"C:\Users\Electrikeye\AppData\Roaming\337" deleted

"C:\Users\Electrikeye\AppData\Roaming\eIntaller" deleted

"C:\Users\Electrikeye\AppData\Roaming\Babylon" deleted

"C:\Users\Electrikeye\AppData\Roaming\DealPly" deleted

"C:\Users\Electrikeye\AppData\Roaming\YoudaGames" deleted

"C:\Users\Electrikeye\AppData\Roaming\Systweak" deleted

"C:\Users\Electrikeye\AppData\Roaming\Smart Driver Updater" deleted

"C:\Users\Electrikeye\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Browser Manager" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\ProgramData\Trymedia" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater" deleted

"C:\Users\Electrikeye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker" deleted

"C:\Users\Electrikeye\AppData\Local\I Want This" deleted

"C:\Users\Electrikeye\AppData\Local\Software" deleted

"C:\Users\Electrikeye\AppData\Local\PackageAware" deleted

"C:\Users\Electrikeye\AppData\Local\SwvUpdater" deleted

"C:\Users\Electrikeye\AppData\LocalLow\mediabarbs" deleted

"C:\Users\Electrikeye\AppData\LocalLow\Delta" deleted

"C:\Users\Electrikeye\AppData\LocalLow\Softonic" deleted

"C:\Users\Electrikeye\AppData\LocalLow\DataMngr" deleted

"C:\Users\Electrikeye\AppData\LocalLow\uTorrentBar_NL" deleted

"C:\Users\Electrikeye\AppData\LocalLow\PriceGong" deleted

"C:\Users\Electrikeye\AppData\LocalLow\searchquband" deleted

"C:\Users\Electrikeye\AppData\LocalLow\Conduit" deleted

"C:\Windows\SysWow64\searchplugins" deleted

"C:\Windows\SysWow64\Extensions" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-08-04 19:34:12 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\ELECTR~1\AppData\Local\Temp ====

2013-08-03 22:03:46 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\ELECTR~1\AppData\Local\Temp\ESGScanner.sys

2013-08-03 22:02:16 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\ELECTR~1\AppData\Local\Temp\SHSetup.exe

2013-08-03 12:38:16 F3A10836603E03A28CAF404B29328F92 394320 ----a-w- C:\Users\ELECTR~1\AppData\Local\Temp\uninst1.exe

====== C:\Windows\SysWOW64 =====

2013-08-04 19:34:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\config.nt

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-04 19:34:36 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\Sysnative\aswBoot.exe

====== C:\Windows\Sysnative\drivers =====

2013-08-04 19:34:48 E86C64478D9A90D62255FE9EB0150C6E 175 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum

2013-08-04 19:34:48 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum

2013-08-04 19:34:48 2E83D2621E87C493AB45DC6655BA77D4 175 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum

2013-08-04 19:34:44 3815DB16CDA62190F5C0A65118F3D714 378944 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys

2013-08-04 19:34:44 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys

2013-08-04 19:34:42 64E2BAB4096C13D2342BC4661C967E07 72016 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys

2013-08-04 19:34:39 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys

2013-08-04 19:34:37 8C0800CDB501CFC1164B286A0478DC10 1030952 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys

2013-08-04 19:34:37 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys

2013-08-04 19:34:37 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys

2013-08-04 19:34:36 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys

====== C:\Windows\Tasks ======

2013-08-05 12:34:08 6B9C314E56492169BAC1776ADBB4098A 3096 ----a-w- C:\Windows\Sysnative\Tasks\{99CE5B5F-5B08-4773-BC74-A3EAF410E67E}

2013-08-04 21:48:39 EB03E261C03B6E2E3DD4A279A264C3C5 4062 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2013-08-04 21:48:39 853DC2B86482AA389820782E30D1FEF6 1066 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-08-04 21:48:38 7246ABB110B175DD44BB6A8C90BA1E7C 3810 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2013-08-04 21:48:35 8D1A3D63CE788C74C6DD61D25E2E1E36 1062 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-08-04 19:34:36 59A0140F3A42F76F9170FB10771401F3 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update

2013-08-04 14:40:48 B799F6BB8413BD872F3353BEAB02965C 3370 ----a-w- C:\Windows\Sysnative\Tasks\{C3FC2B30-653E-4891-9B07-7D8D615B50AE}

2013-07-19 22:24:14 8FA3088182517205320B1D253DE69148 3198 ----a-w- C:\Windows\Sysnative\Tasks\{12E26A27-6E90-1358-3B11-CD5797742779}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-03 22:03:41 -------- d-----w- C:\Program Files\Enigma Software Group

======= C:\Program Files (x86) =====

2013-08-05 10:30:15 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-08-04 14:06:56 -------- d-----w- C:\Program Files (x86)\Google

2013-08-03 22:02:55 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

======= C: =====

2013-08-03 22:04:22 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Electrikeye\AppData\Roaming ======

2013-08-04 22:39:57 -------- d-----w- C:\users\Electrikeye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

2013-08-02 21:24:42 -------- d-----w- C:\users\Electrikeye\AppData\Roaming\Ashtons Family Resort

2013-07-23 19:15:17 -------- d-----w- C:\users\Electrikeye\AppData\Roaming\PeaceCraft2

====== C:\Users\Electrikeye ======

2013-08-04 23:09:48 21D2A2DE8554DEBA29D8B721EB29E552 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (3).exe

2013-08-04 22:59:32 99FF410D3B6E8C7194EA8E001BBAE131 28659040 ----a-w- C:\Users\Electrikeye\Downloads\TuneUpUtilities2013_nl-NL.exe

2013-08-04 22:31:30 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (2).exe

2013-08-04 22:01:38 7251634C9F0E9822CB9692AD5898D803 2828552 ----a-w- C:\Users\Electrikeye\Downloads\avast-browser-cleanup.exe

2013-08-04 21:49:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2013-08-04 20:03:43 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Users\Electrikeye\Downloads\adwcleaner.exe

2013-08-04 19:46:57 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (1).exe

2013-08-04 19:34:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

2013-08-04 19:31:24 0EA95F1E762494B5D928ED4D5B5DA29B 117478104 ----a-w- C:\Users\Electrikeye\Downloads\avast_free_antivirus_setup.exe

2013-08-04 14:06:29 A8B5123A82CE82D806145C5EBAF8D3DB 784880 ----a-w- C:\Users\Electrikeye\Downloads\ChromeSetup.exe

2013-08-03 22:01:58 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer.exe

2013-08-03 21:52:42 3C6B3DFE2D8C5E0E61AE1468E9623F3E 655200 ----a-w- C:\Users\Electrikeye\Downloads\setup(2).exe

2013-08-02 21:24:42 -------- d-----w- C:\ProgramData\Ashtons Family Resort

====== C: exe-files ==

2013-08-04 23:09:48 21D2A2DE8554DEBA29D8B721EB29E552 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (3).exe

2013-08-04 22:59:32 99FF410D3B6E8C7194EA8E001BBAE131 28659040 ----a-w- C:\Users\Electrikeye\Downloads\TuneUpUtilities2013_nl-NL.exe

2013-08-04 22:39:57 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Electrikeye\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\Icon1226A4C5.exe

2013-08-04 22:39:56 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Electrikeye\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\IconF7A21AF7.exe

2013-08-04 22:39:56 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Electrikeye\AppData\Roaming\Microsoft\Installer\{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}\IconD7F16134.exe

2013-08-04 22:31:30 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (2).exe

2013-08-04 22:01:38 7251634C9F0E9822CB9692AD5898D803 2828552 ----a-w- C:\Users\Electrikeye\Downloads\avast-browser-cleanup.exe

2013-08-04 21:49:14 4A3B3C915C3FC187689EC0EB116C2616 33792864 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\28.0.1500.95\28.0.1500.95_chrome_installer.exe

2013-08-04 21:48:32 6466C051022547489D3409205128881B 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe

2013-08-04 21:48:32 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2013-08-04 21:48:32 1CA3976D1B1FE826ADF339F90AC25C60 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe

2013-08-04 21:48:32 107FB8EC41EA89DFD895E900A78BB9C6 784880 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe

2013-08-04 21:48:31 D9A08472D8D0218A0AE2C9D9F63EA531 290696 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

2013-08-04 21:48:31 8726802EA4FBFFA3FD54FD2449BF51D4 217992 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

2013-08-04 21:48:31 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe

2013-08-04 20:03:43 4C47469F47FD9F8437B62A86F6E0874F 666633 ----a-w- C:\Users\Electrikeye\Downloads\adwcleaner.exe

2013-08-04 19:46:57 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer (1).exe

2013-08-04 19:34:36 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\System32\aswBoot.exe

2013-08-04 19:31:24 0EA95F1E762494B5D928ED4D5B5DA29B 117478104 ----a-w- C:\Users\Electrikeye\Downloads\avast_free_antivirus_setup.exe

2013-08-04 14:06:29 A8B5123A82CE82D806145C5EBAF8D3DB 784880 ----a-w- C:\Users\Electrikeye\Downloads\ChromeSetup.exe

2013-08-03 22:02:16 B575AB32F77C20EB24D2EB4822B0EFBA 46646352 ----a-w- C:\Users\Electrikeye\AppData\Local\Temp\SHSetup.exe

2013-08-03 22:01:58 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Electrikeye\Downloads\SpyHunter-Installer.exe

2013-08-03 21:52:42 3C6B3DFE2D8C5E0E61AE1468E9623F3E 655200 ----a-w- C:\Users\Electrikeye\Downloads\setup(2).exe

2013-08-03 21:18:22 30A17EBA6EF99EC3DAAA90A2AF83FF9D 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1961875930-2905929432-421735862-1001\$I9DYF6R.exe

2013-08-03 12:38:16 F3A10836603E03A28CAF404B29328F92 394320 ----a-w- C:\Users\Electrikeye\AppData\Local\Temp\uninst1.exe

2013-07-31 16:12:18 F850FB25CC95C20CAB231AA9F245BA5E 5984531 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1.11.0.1146[1].exe

=== C: other files ==

2013-08-04 19:34:44 3815DB16CDA62190F5C0A65118F3D714 378944 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2013-08-04 19:34:44 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys

2013-08-04 19:34:42 64E2BAB4096C13D2342BC4661C967E07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-08-04 19:34:39 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys

2013-08-04 19:34:37 8C0800CDB501CFC1164B286A0478DC10 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-08-04 19:34:37 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-08-04 19:34:37 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-08-04 19:34:36 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-08-04 14:35:00 75A8EBA9F3429E325B5F3EC52179F3B5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1961875930-2905929432-421735862-1001\$IK5NG3N.sys

2013-08-03 22:04:22 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2013-08-03 22:03:46 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Electrikeye\AppData\Local\Temp\ESGScanner.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1961875930-2905929432-421735862-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"SDP"="C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto "

"Spotify"="C:\Users\Electrikeye\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Electrikeye\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"KPN Assistent"="C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto"

"Otshot"="c:\program files\otshot\otshot.exe -minimize"

"Denzi"="C:\Program Files (x86)\Denzi\Denzi.exe"

"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SDP"="C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto "

"Spotify"="C:\Users\Electrikeye\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Electrikeye\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-08-2013 23:48]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-08-2013 23:48]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

fdloijijlkoblmigdofommgnheckmaki - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx[]

fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 11:09]

jifflliplgeajjdhmkcfnngfpgbjonjg - C:\Program Files (x86)\Perion\NewTab\newTab.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[]

meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\Electrikeye\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[]

mpfapcdfbbledbojijcbcclmlieaoogk - C:\Users\Electrikeye\AppData\Local\I Want This\Chrome\I Want This.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\Electrikeye\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[]

Google Docs - Electrikeye - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Electrikeye - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Electrikeye - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Electrikeye - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

avast Ad Blocker - Electrikeye - Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd

AdBlock - Electrikeye - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

avast Online Security - Electrikeye - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

New tab for Chrome\u2122 - Electrikeye - Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg

Gmail - Electrikeye - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Electrikeye\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

"Search Bar"="http://www.bing.com"

"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"Default"="http://feed.snap.do/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=2133e195-412b-4090-ae1d-7ca51e78a860&searchtype=ds&q={searchTerms}&installDate=30/04/2013"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.com/"

"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Electrikeye\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Electrikeye\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [KPN Assistent] C:\Program Files (x86)\KPN\KPN Assistent\KPN_Assistent.exe /auto

O4 - HKLM\..\Run: [Otshot] c:\program files\otshot\otshot.exe -minimize

O4 - HKLM\..\Run: [Denzi] C:\Program Files (x86)\Denzi\Denzi.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [sDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKCU\..\Run: [spotify] "C:\Users\Electrikeye\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Electrikeye\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe

O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Electrikeye\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Electrikeye\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ELECTR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 05-08-2013 at 14:55:17,86 ======================


The "neighbour" has managed to bring in just about every possible piece of malware available onto her laptop. That Avast antivirus, was it already on the PC or has it only just been installed? Because this is quite a load of junk that has just appeared on the laptop.

So we are going to take one more step!

  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Click the "Options" button and now tick the options below.
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

 
 C:\Windows\Sysnative\Tasks\{C3FC2B30-653E-4891-9B07-7D8D615B50AE};c
 C:\Windows\Sysnative\Tasks\{C3FC2B30-653E-4891-9B07-7D8D615B50AE};c
 C:\Windows\Sysnative\Tasks\{99CE5B5F-5B08-4773-BC74-A3EAF410E67E};c
 C:\Program Files\Enigma Software Group;fs
 C:\autoexec.bat;f
 C:\users\Electrikeye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter;fs
 C:\Users\Electrikeye\Downloads\SpyHunter-Installer (3).exe;f
 C:\Users\Electrikeye\Downloads\SpyHunter-Installer (2).exe;f
 C:\Users\Electrikeye\Downloads\SpyHunter-Installer (1).exe;f
 C:\Users\Electrikeye\Downloads\avast_free_antivirus_setup.exe;f
 C:\Users\Electrikeye\Downloads\ChromeSetup.exe;f
 C:\Users\Electrikeye\Downloads\SpyHunter-Installer.exe;f
 C:\Users\Electrikeye\Downloads\setup(2).exe;f
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
 "Otshot"=-;r

Now tick the options below.

  • Auto Clean

  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear after all.
  • Now post the contents of the opened log in your next message.


She had the Avira virus scanner on it.

It was a good scanner.

But I put Avast on it because I have that virus scanner on my own laptop as well.

But here is the next log

Zoek.exe Version 4.0.0.4 Updated 31-07-2013

Tool run by Electrikeye on ma 05-08-2013 at 16:49:26,47.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Electrikeye\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results05-08-2013-1455.log 68038 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Otshot"=-

==== Deleting Files \ Folders ======================

"C:\autoexec.bat" deleted

"C:\Users\Electrikeye\Downloads\SpyHunter-Installer (3).exe" deleted

"C:\Users\Electrikeye\Downloads\SpyHunter-Installer (2).exe" deleted

"C:\Users\Electrikeye\Downloads\SpyHunter-Installer (1).exe" deleted

"C:\Users\Electrikeye\Downloads\avast_free_antivirus_setup.exe" deleted

"C:\Users\Electrikeye\Downloads\ChromeSetup.exe" deleted

"C:\Users\Electrikeye\Downloads\SpyHunter-Installer.exe" deleted

"C:\Users\Electrikeye\Downloads\setup(2).exe" deleted

"C:\Program Files\Enigma Software Group" deleted

"C:\users\Electrikeye\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter" deleted

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 11:09]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Electrikeye\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Electrikeye\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\ELECTR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 05-08-2013 at 17:01:53,73 ======================
