QVO6 probleem

[Saintofkillers]

Hier alvast de hijack this log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:10:53, on 10/08/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Users\Sabine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sabine\AppData\Roaming\Spotify\spotify.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchpages.info/?unqvl=29

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Sabine\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [spotify] "C:\Users\Sabine\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sabine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\websea~1\sprote~1.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: lxcf_device - - C:\Windows\system32\lxcfcoms.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12675 bytes

Wat moet ik verwijderen om mijn qvo6 probleem op te lossen?

Dank!!!

[kape]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchpages.info/?unqvl=29

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O20 - AppInit_DLLs: c:\progra~2\websea~1\sprote~1.dll

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

 
startupall; 
filesrcm; 

Vink nu de onderstaande opties aan.

• HijackThis Log
  
• Firefox Look
  
• Chrome Look
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[Saintofkillers]

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Sabine on zo 11/08/2013 at 13:29:36,59.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Sabine\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

11/08/2013 13:32:55 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1948262491-116342277-127499765-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779\prefs.js:

user_pref("browser.startup.homepage", "https://www.google.be/");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("browser.search.defaulturl", "http://websearch.searchpages.info/?unqvl=29&l=1&q=");

user_pref("browser.search.defaultenginename", "WebSearch");

user_pref("browser.search.defaultenginename,S", "WebSearch");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("browser.search.selectedEngine", "WebSearch");

user_pref("browser.search.selectedEngine,S", "WebSearch");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("browser.search.order.1", "WebSearch");

user_pref("browser.search.order.1,S", "WebSearch");

user_pref("keyword.URL", "http://websearch.searchpages.info/?unqvl=29&l=1&q=");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779\prefs.js:

ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779

---- Lines 34dpc@eyymcz.edu removed from prefs.js ----

---- Lines 34dpc@eyymcz.edu modified from prefs.js ----

---- Lines 34dpc@eyymcz.edu removed from user.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines WebSearch removed from user.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines babylon removed from user.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines SweetIM removed from user.js ----

---- Lines ilivid removed from prefs.js ----

---- Lines ilivid modified from prefs.js ----

---- Lines ilivid removed from user.js ----

---- Lines browser.startup.page removed from prefs.js ----

---- Lines browser.startup.page modified from prefs.js ----

---- Lines browser.startup.page removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20131108_1339_.backup

prefs_20131108_1339_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779\searchplugins\WebSearch.xml" deleted

"C:\windows\SysNative\Tasks\YourFile DownloaderUpdate" deleted

"C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk" deleted

"C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779\searchplugins\WebSearch.xml" deleted

"C:\ProgramData\ssafe saovei" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files (x86)\WebSearch" deleted

"C:\Users\Sabine\AppData\Roaming\eIntaller" deleted

"C:\Users\Sabine\AppData\Roaming\Web Cake" deleted

"C:\Users\Sabine\AppData\Roaming\YourFileDownloader" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\StarApp" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ssafe saovei" deleted

"C:\Users\Sabine\AppData\LocalLow\ssafe saovei" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-08-07 09:40:11 B0CC70E8CE80A1955623B85E062C94BD 614435121 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Sabine\AppData\Local\Temp ====

2013-08-10 14:14:54 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Sabine\AppData\Local\Temp\ESGScanner.sys

2013-08-10 14:10:30 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Sabine\AppData\Local\Temp\SHSetup.exe

2013-08-09 11:32:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Sabine\AppData\Local\Temp\tgd14naj.dll

====== C:\Windows\SysWOW64 =====

2013-07-28 15:20:33 A64711C9CF690718EADA750370EC5EB2 4659712 ----a-w- C:\Windows\SysWOW64\Redemption.dll

2013-07-28 15:20:24 37655385D1CF8560A52027B8008FAE0E 821824 ----a-w- C:\Windows\SysWOW64\dgderapi.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-07-28 15:23:11 5DC6B957DF2AE4B704C71AAFAE4BF401 1919168 ----a-w- C:\Windows\Sysnative\WdfCoInstaller01005.dll

====== C:\Windows\Sysnative\drivers =====

2013-08-10 14:14:54 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys

2013-08-08 10:27:59 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-07-28 15:23:11 5DC6B957DF2AE4B704C71AAFAE4BF401 1919168 ----a-w- C:\Windows\Sysnative\drivers\WdfCoInstaller01005.dll

2013-07-28 15:23:11 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\Sysnative\drivers\ssadwhnt.sys

2013-07-28 15:23:11 0D7B007DEA662EE90C87CB0AEA5D692A 17736 ----a-w- C:\Windows\Sysnative\drivers\ssadwh.sys

2013-07-28 15:23:10 FF20F67DD5644BD1D2E7FCD95AF7F03B 158024 ----a-w- C:\Windows\Sysnative\drivers\ssadserd.sys

2013-07-28 15:23:10 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\Sysnative\drivers\ssadcmnt.sys

2013-07-28 15:23:10 FE9FA1AAE4D00CA73ADEF4437CD89679 17224 ----a-w- C:\Windows\Sysnative\drivers\ssadcm.sys

2013-07-28 15:23:10 D6CFD3B2EABCF9327DE39C62BABFA1E3 21320 ----a-w- C:\Windows\Sysnative\drivers\ssadmdfl.sys

2013-07-28 15:23:10 5EB01E6148742C3EC2185AC92F6D16FD 188232 ----a-w- C:\Windows\Sysnative\drivers\ssadmdm.sys

2013-07-28 15:23:10 52D6F40B50ECFC051979FEC68E74F0F8 169288 ----a-w- C:\Windows\Sysnative\drivers\ssadbus.sys

2013-07-28 15:23:10 3CF7A4350C9646D92F147D620EC0D363 38080 ----a-w- C:\Windows\Sysnative\drivers\ssadadb.sys

====== C:\Windows\Tasks ======

2013-08-10 14:14:54 DBCF51F81101C8CA5C6137CBB8012C66 3332 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-10 14:14:51 -------- d-----w- C:\Program Files\Enigma Software Group

======= C:\Program Files (x86) =====

2013-08-10 14:14:25 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2013-08-10 14:08:07 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-07-28 15:20:03 -------- d-----w- C:\Program Files (x86)\Samsung

2013-07-24 20:38:47 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

2013-07-24 20:38:47 -------- d-----r- C:\Program Files (x86)\Skype

======= C: =====

2013-08-10 14:15:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Sabine\AppData\Roaming ======

2013-08-10 14:14:52 -------- d-----w- C:\users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

2013-07-29 20:52:30 -------- d-----w- C:\users\Sabine\AppData\Locallow\EboeoKBroiwSe

2013-07-28 15:51:06 -------- d-----w- C:\users\Sabine\AppData\Local\Samsung

2013-07-28 15:51:03 -------- d-----w- C:\users\Sabine\AppData\Roaming\Samsung

2013-07-28 15:18:55 -------- d-----w- C:\users\Sabine\AppData\Local\Downloaded Installations

2013-07-24 20:38:53 -------- d-----w- C:\users\Jochen\AppData\Roaming\Skype

2013-07-23 01:07:28 -------- d-----w- C:\users\Sabine\AppData\Local\Programs

====== C:\Users\Sabine ======

2013-08-10 14:10:19 7FABE7FDAE109028ABC40A647953164D 728960 ----a-w- C:\Users\Sabine\Downloads\SpyHunter-Installer.exe

2013-08-09 07:19:15 03C8B84FF051328F6892B6F505C7BBAC 300680 ----a-w- C:\Users\Sabine\Downloads\setup.exe

2013-07-28 15:20:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

2013-07-28 15:20:03 -------- d-----w- C:\ProgramData\Samsung

2013-07-24 20:38:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==

2013-08-10 15:59:52 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WUR5HZU0\SpyHunter-Installer.exe

2013-08-10 14:14:52 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Sabine\AppData\Roaming\Microsoft\Installer\{67E1227E-D553-4A6A-96CD-40CCBBC705D8}\IconF7A21AF7.exe

2013-08-10 14:14:52 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Sabine\AppData\Roaming\Microsoft\Installer\{67E1227E-D553-4A6A-96CD-40CCBBC705D8}\IconD7F16134.exe

2013-08-10 14:14:52 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Sabine\AppData\Roaming\Microsoft\Installer\{67E1227E-D553-4A6A-96CD-40CCBBC705D8}\Icon1226A4C5.exe

2013-08-10 14:14:26 8BE4ED63F6E098F75F8996541791C231 190411 ----a-w- C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP\WiseCustomCalla36.exe

2013-08-10 14:10:30 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Sabine\AppData\Local\Temp\SHSetup.exe

2013-08-10 14:10:19 7FABE7FDAE109028ABC40A647953164D 728960 ----a-w- C:\Users\Sabine\Downloads\SpyHunter-Installer.exe

2013-08-09 07:19:15 03C8B84FF051328F6892B6F505C7BBAC 300680 ----a-w- C:\Users\Sabine\Downloads\setup.exe

2013-08-08 10:26:19 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Sabine\AppData\Local\Temp\is1326335552\2293068_Setup.EXE

2013-08-07 14:54:38 CE84DFCA7E5268E1ED367D4678417FAA 295424 ------w- C:\Users\Sabine\AppData\Local\Temp\is1326335552\LollipopInstaller.exe

2013-08-06 20:53:24 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Sabine\AppData\Local\Temp\D9BC9FA8-01A1-4F35-B2E5-73DCF0D106EA\DismHost.exe

2013-08-04 18:38:18 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\Sabine\AppData\Local\Temp\clear.fiClient\cabarc.exe

=== C: other files ==

2013-08-11 11:42:20 6D04886D649030E2CEAD917DABE8D843 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1948262491-116342277-127499765-1001\$I1WJO9C.zip

2013-08-10 14:15:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2013-08-10 14:14:58 64F7854468F5D54389D9E0500FD47FE8 7529344 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4.com

2013-08-10 14:14:54 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys

2013-08-10 14:14:54 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Sabine\AppData\Local\Temp\ESGScanner.sys

2013-08-09 08:23:38 FB44AB3F6D7EE71D08989F7621D29FB8 648 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave3.zip

2013-08-09 08:23:38 BF3A665CD4B6477BDA613488B550F31E 645 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip

2013-08-09 08:23:38 B26588002B8DDD8A6DAE550EF8E2B319 742 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\YourFileDownloader.zip

2013-08-09 08:23:38 A5B8B6ACDF778C236C42270FB54DBEBE 336 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave7.zip

2013-08-09 08:23:38 9D4AC9F1C18BB54619BC1F5BFD555A49 550 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip

2013-08-09 08:23:38 9C383E14FD68325C774A36205EF8DDAC 618 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip

2013-08-09 08:23:38 807C148F7BCEFA66B43D07FF3E419936 3645 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave6.zip

2013-08-09 08:23:38 4E79DF214BCE0EF41DE8803D6F18B545 1320 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave8.zip

2013-08-09 08:23:38 442F5AEF5D01F03C876F7A3901E02D37 552 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave4.zip

2013-08-09 08:23:38 3EC03ACE40C395C67DDB8CD7EAFF60EA 618 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave5.zip

2013-08-09 08:23:38 2EB16732DD2CD3D15B85DA2B72CB2F21 575 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave2.zip

2013-08-09 08:23:38 24A6D6215CDF7239DCCBC4CAE761B813 1150925 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\KeywordHijacker.zip

2013-08-09 08:23:38 235365E6F68D1084EB1AAAE73259E56A 574 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave.zip

2013-08-09 08:23:38 211D34C1C67F01DDAFE8FA8CB9329DB6 796 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\ElexDesk.zip

2013-08-09 08:23:38 0FFA7DA5C68C7364201502635EB50D3F 657 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave9.zip

2013-08-08 10:27:59 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1948262491-116342277-127499765-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="C:\Users\Sabine\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"

"Spotify"="C:\Users\Sabine\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Sabine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart"

"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe -osboot"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"BitTorrent"="C:\Users\Sabine\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED"

"Spotify"="C:\Users\Sabine\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Sabine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"

@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [28/07/2013 15:44]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/03/2013 18:34]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/03/2013 18:34]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

Profilepath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779

0C8597DBC74AAF5179471BA013E3C6B4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll - Shockwave Flash

2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16

F7015E6C5FE1E74C0E029A291E732787 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

BF115DE08783E9FA8A9BB83DAA39149B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

395BB0421E1C57D201DCE4D48E05E0BA - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

A56B8E622037E6D57480F16F4B8F472C - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[06/03/2013 02:26]

RealDownloader - Jochen - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji

Angry Birds - Sabine - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj

Bejeweled 2 Deluxe - Sabine - Default\Extensions\ggojbamedagekhbkdpjhalimjgommeaf

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.com/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=TOSHIBAXMK5059GSXP_423RC5O8TXX423RC5O8T&ts=1375957651"

"Start Page"="http://websearch.searchpages.info/?unqvl=29"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=TOSHIBAXMK5059GSXP_423RC5O8TXX423RC5O8T&ts=1375957651"

"Start Page"="http://websearch.searchpages.info/?unqvl=29"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://google.com/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Sabine\Desktop\HiJackThis.lnk - C:\Users\Sabine\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Sabine\Desktop\Spotify.lnk - C:\Users\Sabine\AppData\Roaming\Spotify\spotify.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Sabine\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk - C:\Windows\explorer.exe "C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4.com"

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {67E1227E-D553-4A6A-96CD-40CCBBC705D8}

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Samsung Story Album Viewer.lnk - C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Uninstall Samsung Story Album Viewer.lnk - C:\Program Files (x86)\InstallShield Installation Information\{698BBAD8-B116-495D-B879-0F07A533E57F}\setup.exe /removeonly

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Jochen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk - C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Sabine\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKCU\..\Run: [bitTorrent] "C:\Users\Sabine\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [spotify] "C:\Users\Sabine\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Sabine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: c:\progra~2\websea~1\sprote~1.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: lxcf_device - - C:\Windows\system32\lxcfcoms.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Jochen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Sabine\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\users\Sabine\AppData\Local\Mozilla\Firefox\Profiles\2jbldbb3.default-1373378846779\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Sabine\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Sabine\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 11/08/2013 at 22:26:25,71 ======================

Laptop is ook heropgestart, btw

[kape]

Dit ziet er netjes uit nu ... heb je nu nog problemen met QVO6 of andere merkbare problemen ?

[Saintofkillers]

Ik ondervind geen problemen meer, dus dit is opgelost, neem ik aan.

Hartelijk dank, ik zet het topic op opgelost

[kape]

Verwijder nog wel zoek.exe van je bureaublad en laat dit nog even scannen:

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.