Ga naar inhoud

malware op mijn computer

remo
 Delen

Aanbevolen berichten

Asus Grootmeester

Asus

Geplaatst:
Geplaatst:

Hoi remo,

welkom op PC-Helpforum.be. ;)

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk.

Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ...

 

Download 51a5f5d096dae-icon_RSIT.png RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

 

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een instructievideo.

 

Link naar reactie
Delen op andere sites
remo Nieuweling

remo

Geplaatst:
  • Auteur
Geplaatst:

Hallo,

 

Ik hoop dat deze goed is.

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Gebruiker at 2015-01-15 11:26:44
Microsoft Windows 7 Enterprise  Service Pack 1
System drive C: has 128 GB (18%) free of 715 GB
Total RAM: 8044 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:27:17, on 15-1-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1421253045&from=exp&uid=WDCXWD7500BPVT-22HXZT3_WD-WXA1E51EJF77EJF77&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1421253045&from=exp&uid=WDCXWD7500BPVT-22HXZT3_WD-WXA1E51EJF77EJF77
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1421253045&from=exp&uid=WDCXWD7500BPVT-22HXZT3_WD-WXA1E51EJF77EJF77&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1421253045&from=exp&uid=WDCXWD7500BPVT-22HXZT3_WD-WXA1E51EJF77EJF77&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1421253045&from=exp&uid=WDCXWD7500BPVT-22HXZT3_WD-WXA1E51EJF77EJF77
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nexus]  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nexus]  (User 'Default user')
O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.10 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11052 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=44c17c13-1fce-410f-83a1-bc2973bb6836 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\93de537f-6475-4119-96a6-7577b0af1476-194-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\Explorer.EXE
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe" /TUStart /pid:3424
"C:\Program Files (x86)\Winstep\WsxService"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-146841313-1588484448-389034741-2033688503-1190002332865129046576078928337164937
WLIDSvcM.exe 3624
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-41be1c69-d0c7-4dc8-a6d4-8d845168dffc -SystemEventPortName:HostProcess-d5de4a8f-24f8-46d3-99bf-44de311abb90 -IoCancelEventPortName:HostProcess-e8f9f620-964e-4831-982c-8f71d8e1ab41 -NonStateChangingEventPortName:HostProcess-15bdc153-a835-4180-97d1-86247b03e47a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2ff178d7-3a7b-4e72-bf3c-9adcb423df5d -DeviceGroupId:WpdFsGroup
ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko" --lang=en-US --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --lang=en-US --uncaught-exception-stack-size=1024 --disable-pepper-3d --disable-accelerated-compositing --disable-accelerated-video-decode --disable-webrtc-hw-encoding --enable-software-compositing --disable-gpu-compositing --disable-pepper-3d --channel="3548.2.1360154665\512337525" /prefetch:673131151
taskeng.exe {E970DECE-EE51-4059-BCCF-2EA9532B0C70}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

"C:\Users\Gebruiker\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "https://www.google.be/?gws_rd=ssl"

"{5081D2D4-1637-404c-B74F-50526718257D}"=C:\Program Files\shopperz\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.257 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\extensions\
avg@toolbar
fftoolbar2014@etech.com
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}

C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\searchplugins\
avg-secure-search.xml
webssearches.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll [2014-11-12 2369560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-12-16 5188112]
""= []
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-11-12 3060248]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-02-20 1994752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoResolveTrack"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-15 11:26:45 ----D---- C:\Program Files\trend micro
2015-01-15 11:26:44 ----D---- C:\rsit
2015-01-15 10:17:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 09:17:38 ----D---- C:\zoek_backup
2015-01-15 07:49:56 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-15 07:49:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-15 07:49:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-15 07:49:39 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-15 07:49:38 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-15 07:49:38 ----A---- C:\Windows\system32\srcore.dll
2015-01-15 07:49:38 ----A---- C:\Windows\system32\srclient.dll
2015-01-15 07:49:38 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 18:35:00 ----A---- C:\autoexec.bat
2015-01-14 18:07:40 ----D---- C:\shoplog
2015-01-14 17:31:47 ----D---- C:\Users\Gebruiker\AppData\Roaming\webssearches
2015-01-14 17:30:32 ----D---- C:\Program Files\shopperz
2015-01-14 07:37:54 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 07:37:51 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 07:37:50 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 07:37:50 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 07:37:47 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-10 14:50:50 ----D---- C:\Downloads
2015-01-10 14:50:06 ----D---- C:\Program Files (x86)\Google
2015-01-10 14:49:28 ----D---- C:\Users\Gebruiker\AppData\Roaming\BitComet
2015-01-10 14:49:22 ----D---- C:\Program Files\BitComet
2015-01-10 14:48:15 ----D---- C:\Users\Gebruiker\AppData\Roaming\BitTorrent
2015-01-05 11:03:21 ----D---- C:\Program Files (x86)\Windows Live
2015-01-03 13:39:28 ----D---- C:\Users\Gebruiker\AppData\Roaming\CyberLink
2015-01-03 13:37:27 ----D---- C:\ProgramData\PDVD
2015-01-03 13:37:25 ----D---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-03 13:37:24 ----D---- C:\Program Files (x86)\NSIS Uninstall Information
2015-01-03 13:33:48 ----D---- C:\ProgramData\CyberLink
2015-01-03 13:33:46 ----D---- C:\ProgramData\SUPPORTDIR
2015-01-03 13:33:46 ----D---- C:\ProgramData\install_clap
2015-01-03 09:21:59 ----D---- C:\Users\Gebruiker\AppData\Roaming\Nero
2015-01-03 09:13:40 ----D---- C:\Program Files (x86)\Nero
2015-01-03 09:13:32 ----D---- C:\ProgramData\Nero
2015-01-03 09:12:36 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2015-01-03 09:12:33 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2015-01-03 09:12:31 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2015-01-03 09:12:28 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-01-03 09:12:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-01-03 09:12:13 ----D---- C:\ProgramData\Package Cache
2014-12-21 09:38:43 ----D---- C:\Users\Gebruiker\AppData\Roaming\Apple Computer
2014-12-21 09:38:22 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-12-21 09:38:21 ----DC---- C:\Windows\system32\DRVSTORE
2014-12-21 09:36:41 ----D---- C:\Program Files\iPod
2014-12-21 09:36:40 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-21 09:36:40 ----D---- C:\ProgramData\Apple Computer
2014-12-21 09:36:40 ----D---- C:\Program Files\iTunes
2014-12-21 09:36:40 ----D---- C:\Program Files (x86)\iTunes
2014-12-21 09:36:26 ----D---- C:\Program Files (x86)\Apple Software Update
2014-12-21 09:36:02 ----D---- C:\Program Files\Common Files\Apple
2014-12-21 09:35:47 ----D---- C:\Program Files\Bonjour
2014-12-21 09:35:47 ----D---- C:\Program Files (x86)\Bonjour
2014-12-21 09:35:10 ----D---- C:\ProgramData\Apple
2014-12-18 07:42:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 07:42:40 ----A---- C:\Windows\system32\ieUnatt.exe

======List of files/folders modified in the last 1 month======

2015-01-15 11:26:45 ----RD---- C:\Program Files
2015-01-15 11:23:27 ----D---- C:\Windows\Temp
2015-01-15 11:05:09 ----D---- C:\Users\Gebruiker\AppData\Roaming\FileZilla
2015-01-15 11:01:08 ----D---- C:\Users\Gebruiker\AppData\Roaming\vlc
2015-01-15 10:48:55 ----D---- C:\Users\Gebruiker\AppData\Roaming\dvdcss
2015-01-15 10:35:59 ----D---- C:\films
2015-01-15 10:17:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-15 10:17:35 ----RD---- C:\Program Files (x86)
2015-01-15 09:48:40 ----D---- C:\Windows\system32\config
2015-01-15 09:42:55 ----SHD---- C:\System Volume Information
2015-01-15 09:40:07 ----D---- C:\Windows\SysWOW64
2015-01-15 09:39:15 ----D---- C:\ProgramData\MFAData
2015-01-15 09:31:25 ----D---- C:\Windows\system32\catroot2
2015-01-15 09:29:44 ----D---- C:\Windows\system32\Tasks
2015-01-15 09:29:20 ----D---- C:\Windows\system32\drivers
2015-01-15 09:08:10 ----D---- C:\Windows\winsxs
2015-01-15 09:05:25 ----D---- C:\Windows\System32
2015-01-15 08:26:47 ----D---- C:\Windows\system32\wbem
2015-01-15 08:26:47 ----D---- C:\Windows
2015-01-15 08:25:49 ----D---- C:\Windows\inf
2015-01-15 08:25:48 ----D---- C:\Windows\system32\DriverStore
2015-01-15 08:25:48 ----D---- C:\Windows\registration
2015-01-15 08:10:43 ----D---- C:\Windows\system32\restore
2015-01-15 07:47:59 ----D---- C:\Windows\system32\catroot
2015-01-14 21:57:26 ----D---- C:\Windows\system32\MRT
2015-01-14 21:57:21 ----A---- C:\Windows\system32\mrt.exe
2015-01-14 19:32:47 ----D---- C:\Windows\Tasks
2015-01-14 19:32:44 ----SHD---- C:\Windows\Installer
2015-01-14 19:32:44 ----SHD---- C:\Config.Msi
2015-01-14 19:05:12 ----D---- C:\Windows\Prefetch
2015-01-14 18:03:10 ----D---- C:\Users\Gebruiker\AppData\Roaming\Skype
2015-01-14 17:17:33 ----D---- C:\Program Files (x86)\Common Files
2015-01-14 09:48:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-14 09:38:11 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2015-01-12 14:56:35 ----D---- C:\Users\Gebruiker\AppData\Roaming\HpUpdate
2015-01-12 13:58:45 ----RSD---- C:\Windows\assembly
2015-01-12 13:58:34 ----RSD---- C:\Windows\Fonts
2015-01-12 13:58:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-01-11 16:48:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-10 16:52:53 ----D---- C:\ProgramData\Skype
2015-01-10 16:52:49 ----RD---- C:\Program Files (x86)\Skype
2015-01-10 15:51:13 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent
2015-01-10 14:31:47 ----D---- C:\Serie's
2015-01-09 17:27:16 ----SD---- C:\Users\Gebruiker\AppData\Roaming\Microsoft
2015-01-05 11:06:43 ----D---- C:\USB NDE
2015-01-05 11:03:47 ----SD---- C:\ProgramData\Microsoft
2015-01-05 11:02:42 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-01-04 18:15:38 ----D---- C:\windows programma's
2015-01-03 13:37:27 ----HD---- C:\ProgramData
2015-01-03 13:34:28 ----D---- C:\ProgramData\TEMP
2015-01-03 09:50:21 ----D---- C:\muziek
2015-01-03 09:44:01 ----D---- C:\Windows\Cursors
2015-01-03 09:12:23 ----D---- C:\Windows\Logs
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-31 10:44:51 ----D---- C:\Windows\system32\appmgmt
2014-12-29 12:48:52 ----D---- C:\Windows\rescache
2014-12-28 13:35:28 ----D---- C:\Program Files (x86)\VSO
2014-12-28 13:35:26 ----D---- C:\Users\Gebruiker\AppData\Roaming\Vso
2014-12-28 13:35:26 ----A---- C:\Users\Gebruiker\AppData\Roaming\inst.exe
2014-12-28 09:31:57 ----SHD---- C:\$Recycle.Bin
2014-12-25 10:25:35 ----D---- C:\E - Books
2014-12-21 09:36:02 ----D---- C:\Program Files\Common Files
2014-12-19 16:28:52 ----HD---- C:\Windows\system32\GroupPolicy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-29 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-10-24 237848]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-20 269080]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-11-12 50976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-12-13 2797056]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 cherimoya;cherimoya; C:\Windows\system32\drivers\cherimoya.sys []
S3 b06diag;Broadcom NetXtreme II Diag Driver; C:\Windows\system32\drivers\bxdiaga.sys [2012-03-08 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service; C:\Windows\system32\drivers\Xeno7x64.sys [2012-02-22 157288]
S3 bxfcoe;bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [2012-02-22 178216]
S3 bxois;bxois; C:\Windows\system32\drivers\bxois.sys [2012-02-22 539176]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2009-11-16 40144]
S3 ioatdma2;Intel® QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2009-11-16 42192]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-10-29 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-10-29 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-10-29 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-10-29 29696]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 42496]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 VGPU;VGPU; C:\Windows\system32\drivers\VGPU.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-12-16 3247120]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-12-16 289328]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-11-13 108032]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-10-26 965776]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-03-02 2143552]
R2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [2014-11-12 1849368]
R2 Winstep Xtreme Service;Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService []
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-09 114800]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-29 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
 

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
vProt;s
Wondershare Helper Compact.exe;s
C:\Program Files (x86)\Common Files\Wondershare;fs
Freemake Improver;s
C:\ProgramData\Freemake;fs
Service KMSELDI;s
C:\Program Files\KMSpico;fs
vToolbarUpdater18.1.10;s
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater;fs
Winstep Xtreme Service;s
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\extensions\avg@toolbar;fs
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\extensions\fftoolbar2014@etech.com;fs
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB};fs
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\searchplugins\avg-secure-search.xml;f
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621\searchplugins\webssearches.xml;f
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
""=-,r64
"vProt"=-;r64
“Wondershare Helper Compact.exe"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
C:\zoek_backup;fs
C:\Users\Gebruiker\AppData\Roaming\webssearches;fs
C:\Program Files\shopperz;fs
emptyfolderscheck;delete
startupall;
filesrcm;
  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.
Zoek.exe logbestand plaatsen
  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Link naar reactie
Delen op andere sites
remo Nieuweling

remo

Geplaatst:
  • Auteur
Geplaatst:

Hallo,

 

Ik heb ook Malwarebytes Anti-maleware gebruikt en die vond geinfecteerde file's.deze heeft die ook verwijderd.Ik hoop dat ik er nu vanaf ben.

 

maar hier het gevraagde logje.

 

Zoek.exe v5.0.0.0 Updated 14-01-2015
Tool run by Gebruiker on do 15-01-2015 at 15:48:44,09.
Microsoft Windows 7 Enterprise  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 15:53:21,30 =====

--- Create Environment Variables 15:53:23,46
--- Checking Input 15:53:31,94
--- AU AppData Check 15:53:38,76
--- Windows Installer List 15:53:43,69
--- Empty Folders Check 15:55:21,75
--- Registry HKLM Software Check 15:55:22,03
--- Quick Launch Shortcut Check 15:55:39,40
--- IE Startpage Check 15:55:43,68
--- Program Files DB Check 15:56:19,01
--- C:\Users\Default\AppData\Roaming DB Check 15:57:15,52
--- C:\Users\Default User\AppData\Roaming DB Check 15:57:15,52
--- C:\Users\Gebruiker\AppData\Roaming DB Check 15:57:15,52
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 15:57:15,52
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 15:57:15,52
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 15:57:15,52
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 15:57:15,52
--- C:\Users\Gebruiker DB Check 15:59:53,14
--- C:\PROGRA~3 DB Check 16:00:12,63
--- C:\Users\Default\AppData\Local DB Check 16:00:18,41
--- C:\Users\Default User\AppData\Local DB Check 16:00:18,41
--- C:\Users\Gebruiker\AppData\Local DB Check 16:00:18,41
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 16:00:18,41
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 16:00:18,41
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 16:00:18,41
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 16:00:18,41
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 16:02:06,65
--- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 16:02:17,92
--- Tasks DB Check 16:02:25,14
--- Downloads DB Check 16:02:29,56
--- C:\Users\Gebruiker\AppData\LocalLow DB Check 16:02:34,72
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 16:02:34,72
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 16:02:34,72
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 16:02:34,72
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 16:02:34,72
--- Tasks2 DB Check 16:03:36,72
--- Documents DB Check 16:04:07,64
--- C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\or9i1a1y.default-1415777599621 DB Check 16:04:15,92
--- C:\Users\Public\Desktop DB Check 16:04:19,27
--- C:\Users\Gebruiker\Desktop DB Check 16:04:25,56
--- Services DB Check 16:04:36,50
--- FF prefs.js DB Check 16:05:05,14
--- Symlinks Check 16:06:01,24
 

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Dit is het werkbestand van zoek.exe dat je gepost hebt. Bedoeling is dat je het logje ophaalt zoals hier beschreven:

Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)

Link naar reactie
Delen op andere sites
remo Nieuweling

remo

Geplaatst:
  • Auteur
Geplaatst:

Zoek.exe v5.0.0.0 Updated 14-01-2015
Tool run by Gebruiker on do 15-01-2015 at 15:48:44,09.
Microsoft Windows 7 Enterprise  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-01-15-084343.log    3209 bytes

==== Running Processes ======================

c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
C:\Program Files (x86)\Winstep\WsxService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Users\Gebruiker\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Windows Installer Info ======================

Adobe Reader XI (11.0.10) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\Windows\Installer\15becbb.msi
Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008120111403]C:\Windows\Installer\31109.msi
Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED0FAC38B3D873C46A13B2F861CE0313]C:\Windows\Installer\5a23dc.msi
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09699DDB14539164D9A2C3DD3B1EF5E9]C:\Windows\Installer\5a23ea.msi
Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\Windows\Installer\5a23f1.msi
AVG 2014 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A18D88C697A0134493C6DD75E72A349]C:\Windows\Installer\702e5.msi
AVG 2014 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93FA3E31F7F75E34B9ECAF985AB256E9]C:\Windows\Installer\3ab74.msi
Bonjour  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B0163E6D0340BE4183EB2758E9BEDD8]C:\Windows\Installer\5a23e3.msi
D3DX10  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\6725d9.msi
HP Deskjet 2540 series Basissoftware van het apparaat [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65241F7A6CD6A8549AD25BEE7F4992BA]C:\Windows\Installer\58d86c.msi
HP Deskjet 2540 series Help [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FCE764059A6FCE046A9476BEF6DA8949]C:\Windows\Installer\58d884.msi
HP Support Solutions Framework [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9CE21D69B027BF5409C4636D03A7C167]C:\Windows\Installer\117b8b.msi
HP Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FC03D219E93F13B4DAA921C3B697E42E]C:\Windows\Installer\58d87c.msi
iTunes  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19DBBBA25E197DA429A9EF511DCD5067]C:\Windows\Installer\5a23f5.msi
Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2FA0BBE92DA4ABA359FE79E7EB1ABC90]C:\Windows\Installer\84fda.msi
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE4EBED704B66673BB53C5BB3C58AD73]C:\Windows\Installer\3f7eb.msi
Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\6725a2.msi
Microsoft Office Access MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109510031400100000000F01FEC]C:\Windows\Installer\13a2a7c.msi
Microsoft Office Excel MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109610031400100000000F01FEC]C:\Windows\Installer\13a2a39.msi
Microsoft Office Groove MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109AB0031400100000000F01FEC]C:\Windows\Installer\13a2a41.msi
Microsoft Office InfoPath MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109440031400100000000F01FEC]C:\Windows\Installer\13a2a94.msi
Microsoft Office Office 32-bit Components 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109340000000100000000F01FEC]C:\Windows\Installer\13a2aaf.msi
Microsoft Office OneNote MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091A0031400100000000F01FEC]C:\Windows\Installer\13a2a84.msi
Microsoft Office Outlook MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A10031400100000000F01FEC]C:\Windows\Installer\13a2a4a.msi
Microsoft Office PowerPoint MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109810031400100000000F01FEC]C:\Windows\Installer\13a2a30.msi
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109110000000100000000F01FEC]C:\Windows\Installer\13a2abb.msi
Microsoft Office Proof (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10031400100000000F01FEC]C:\Windows\Installer\13a2a52.msi
Microsoft Office Proof (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400100000000F01FEC]C:\Windows\Installer\13a2a6a.msi
Microsoft Office Proof (French) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400100000000F01FEC]C:\Windows\Installer\13a2a62.msi
Microsoft Office Proof (German) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10070400100000000F01FEC]C:\Windows\Installer\13a2a5a.msi
Microsoft Office Proofing (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109C20031400100000000F01FEC]C:\Windows\Installer\13a2a72.msi
Microsoft Office Publisher MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109910031400100000000F01FEC]C:\Windows\Installer\13a2a9d.msi
Microsoft Office Shared 32-bit MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109340031400100000000F01FEC]C:\Windows\Installer\13a2a8c.msi
Microsoft Office Shared MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60031400100000000F01FEC]C:\Windows\Installer\13a2a28.msi
Microsoft Office Word MUI (Dutch) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109B10031400100000000F01FEC]C:\Windows\Installer\13a2aa6.msi
Microsoft Security Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C87C2F32131E0AC4F8484337BF7782AB]C:\Windows\Installer\167267.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\485365.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\19a8b9.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\9d70eb.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\9d70f3.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\1adb29.msi
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\ce019.msi
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\4cc8be.msi
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\4cc8b3.msi
MSVCRT  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\6725d5.msi
Nero 2015 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87F535875758E6D409AC89A17DAEDBE0]C:\Windows\Installer\11d5aa.msi
Nero Audio Pack 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E2FB0A7ACC133E949931255C30BE69D9]C:\Windows\Installer\11d5ef.msi
Nero Blu-ray Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\48B421222B3930642B214166564E6B1B]C:\Windows\Installer\11d5f8.msi
Nero Burning Core [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F69E14BF59EC181449885A109E429087]C:\Windows\Installer\11d7e8.msi
Nero Burning ROM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FCF6573B3D31B064885D33BC88ECC6AF]C:\Windows\Installer\11d617.msi
Nero BurningROM 2015 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2C553F18F2F9204479761650D4F46534]C:\Windows\Installer\4cc8c3.msi
Nero ControlCenter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\35588CBA077879B44BE3A50946A7B536]C:\Windows\Installer\11d5db.msi
Nero Core Components [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D43EEBEB2A48DDE4B8AE69CC45732136]C:\Windows\Installer\11d5e7.msi
Nero Device Updates [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A46F7ABABEC895B4489D4B9DC8DC234D]C:\Windows\Installer\11d7f1.msi
Nero Disc Menus Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67BCB71E42995DB46B6D053D04B7E447]C:\Windows\Installer\11d601.msi
Nero Disc to Device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6167FB28E8055A4448F814EFC280921F]C:\Windows\Installer\11d6a9.msi
Nero Effects Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\48D76F9207A3E65408A62503B12070B0]C:\Windows\Installer\11d61f.msi
Nero Express [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA16FEE6B0CC71943A2F7909C21D0137]C:\Windows\Installer\11d63b.msi
Nero Info [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA0E197B9A784A14D8891DC3E2739D82]C:\Windows\Installer\4cc911.msi
Nero Kwik Themes Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\15E5F6B1E5753964CB2A573475D070D6]C:\Windows\Installer\11d60a.msi
Nero Launcher [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\938087D979E6A2E45A7F17A12F126B90]C:\Windows\Installer\11d6a1.msi
Nero MediaHome [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C8DAFC2678A4F094597F1DE07D05A10D]C:\Windows\Installer\11d644.msi
Nero PiP Effects Basic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\05D94ECADC916A441B29649F5882B362]C:\Windows\Installer\11d628.msi
Nero Recode [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A05A41B6F9838264EB96CD6521F289B2]C:\Windows\Installer\11d656.msi
Nero RescueAgent [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\06B5CB8307E4A074EA670EC65107C086]C:\Windows\Installer\11d64d.msi
Nero SharedVideoCodecs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\985E2342652631540BFBFE8A3E525D0F]C:\Windows\Installer\4cc8ef.msi
Nero Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7040BB568CC47CD459E2E3FEFD5006A2]C:\Windows\Installer\496776.msi
Nero Video [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6D406FA8EB9EF5458E51BFA31EB8EC8]C:\Windows\Installer\11d65f.msi
Nero Video Samples [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\821B6C5004B15944C99B90B063B8AFA0]C:\Windows\Installer\11d668.msi
Prerequisite installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\63AFA9975AE432346898470C66542AB6]C:\Windows\Installer\11d633.msi
Productverbeteringsonderzoek voor HP Deskjet 2540 series [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2A88BF806BF328E4DA5593E3AB0D9E76]C:\Windows\Installer\58d874.msi
SkypeT 7.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B]C:\Windows\Installer\edd0d6.msi
TuneUp Utilities 2012 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AEC463235587C3A46B47358D9E9B9763]C:\Windows\Installer\10b406.msi
TuneUp Utilities Language Pack (nl-NL) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0710902A6B076D04B83440CECD46E16A]C:\Windows\Installer\10b402.msi
Visual Studio 2012 x64 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07E577C8197A8AD4CB3CA67B31F64448]C:\Windows\Installer\16e6d5.msi
Visual Studio 2012 x86 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A91FFE89BA03B4E49B340FB6C136BE8F]C:\Windows\Installer\16e6cd.msi
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\6725ea.msi
Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\Windows\Installer\672610.msi
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BFF8CCA148D950C44AED2DA8B99C6189]C:\Windows\Installer\67259e.msi
Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\6725bd.msi
Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8888C0811F05B6249ACDBA381A89C956]C:\Windows\Installer\6725a6.msi
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\6725fa.msi
Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\6725e1.msi
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\6725dd.msi
Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\6725aa.msi
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC52F6D78E4BE343B421CB29EDC6D86]C:\Windows\Installer\672606.msi

==== Empty Folders Check ======================

C:\PROGRA~2\%APPDATA% deleted successfully
C:\PROGRA~2\InstallShield Installation Information deleted successfully
C:\Users\Gebruiker\AppData\Roaming\FirefoxToolbar deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Systweak deleted successfully
C:\Users\Gebruiker\AppData\Roaming\WebExtend deleted successfully
 

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Dit is slechts een gedeelte van het (correcte) logje. Ofwel heb je slechts een beperkt deel gekopieerd, ofwel heb je zoek.exe niet lang genoeg zijn werk laten doen. Bekijk eens of dit log nog meer info bevat ? Zo niet, start dan de procedure van zoek.exe opnieuw op en wacht lang genoeg tot je een volledig log hebt bekomen. Hou er rekening mee dat dit - afhankelijk van de inhoud van de PC - een behoorlijk lange tijd in beslag kan nemen. Succes ermee ;)

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.