pop-us virus? (2)

  • Annemieke

    Hallo Virus hulp,

    Ik krijg aldoor pop-ups met allerlei meldingen waaronder dat mijn computer binnekort crasht, hopelijk kunnen jullie me helpen.

    Groetjes Annemieke

    info.txt logfile of random's system information tool 1.09 2014-04-08 18:16:16

    ======Uninstall list======

    Update for Microsoft Office 2007 (KB2508958)–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

    Aangifte inkomstenbelasting 2010–>C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2010\ib2010u.exe

    Aangifte inkomstenbelasting 2011–>C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2011\ib2011u.exe

    Aangifte inkomstenbelasting 2012–>C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2012\ib2012u.exe

    Aangifte inkomstenbelasting 2013–>C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013u.exe

    ABBYY FineReader 9.0 Sprint–>MsiExec.exe /I {F9000000-0018-0000-0000-074957833700}

    ABBYY FineReader 9.0 Sprint–>MsiExec.exe /X{F9000000-0018-0000-0000-074957833700}

    Adobe Flash Player 12 ActiveX–>C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe -maintain activex

    Adobe Flash Player 12 Plugin–>C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -maintain plugin

    Adobe Reader X (10.1.9) - Nederlands–>MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA1000000001}

    Advertising Center–>MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}

    AMD Drag and Drop Transcoding–>MsiExec.exe /X{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}

    Apple Application Support–>MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}

    Apple Mobile Device Support–>MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}

    Apple Software Update–>MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

    ATI Catalyst Install Manager–>msiexec /q/x{0FEA9A38-B993-0969-3A78-4D5CDDACEFEE} REBOOT=ReallySuppress

    avast! Free Antivirus–>C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall

    Bonjour–>MsiExec.exe /X{D03482C5-9AD8-496D-B388-692AE04C93AF}

    Canon MG3100 series MP Drivers–>“C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series\DelDrv.exe” /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series /L0x0013

    Catalyst Control Center - Branding–>MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}

    CCleaner–>“C:\Program Files\CCleaner\uninst.exe”

    CDBurnerXP–>“C:\Program Files\CDBurnerXP\unins000.exe”

    CloudReading–>“C:\Users\Gebruiker\AppData\Roaming\Foxit Software\Foxit Cloud\Reader\unins000.exe”

    Complément Messenger–>MsiExec.exe /I{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

    Contrôle ActiveX Windows Live Mesh pour connexions à distance–>MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}

    D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

    DolbyFiles–>MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}

    Epson Easy Photo Print 2–>C:\Program Files\InstallShield Installation Information\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}\SETUP.EXE -runfromtemp -l0x0013 UNINST -removeonly

    Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)–>C:\Program Files\InstallShield Installation Information\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}\setup.exe -runfromtemp -l0x0013 -removeonly

    Epson Event Manager–>MsiExec.exe /X{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}

    EPSON Scan–>C:\Program Files\epson\escndv\setup\setup.exe /r

    EPSON SX125 Series Handboek–>“C:\Program Files\Epson\TpManual\EPSON SX125 Series\nl\Useg\DocUnins.exe”

    Fotosizer 2.00.0.529–>C:\Program Files\Fotosizer\uninst.exe

    Foxit Reader–>“C:\Program Files\Foxit Software\Foxit Reader\unins000.exe”

    Galerie de photos Windows Live–>MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}

    Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2548139)–>c:\Windows\system32\msiexec.exe /package {85076DFF-7A17-3566-9CC0-488E6E6D4494} /uninstall {40BA5965-82C8-3220-BAFA-B247A761053C} /qb+ REBOOTPROMPT=“”

    Hotfix for Microsoft Visual Web Developer 2010 Express - ENU (KB2635973)–>c:\Windows\system32\msiexec.exe /package {85076DFF-7A17-3566-9CC0-488E6E6D4494} /uninstall {A003ADF2-C209-378D-959B-4D93E75FD7A5} /qb+ REBOOTPROMPT=“”

    InCD Help–>MsiExec.exe /X{b86754dd-2ddb-4ac0-9015-cb487277254e}

    iTunes–>MsiExec.exe /I{69995C7A-062A-4A90-A4DF-8C22895DF522}

    Java(TM) 6 Update 30–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216030FF}

    Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

    Malwarebytes Anti-Malware versie 2.0.1.1004–>“C:\Program Files\Malwarebytes Anti-Malware\unins000.exe”

    McAfee Security Scan Plus–>“C:\Program Files\McAfee Security Scan\uninstall.exe”

    Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}

    Messenger Companion–>MsiExec.exe /I{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}

    Messenger Companion–>MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B}

    Messenger Companion–>MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029}

    Microsoft .NET Framework 4 Multi-Targeting Pack–>MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}

    Microsoft .NET Framework 4.5.1 (Nederlands)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\NLD\\Setup.exe /repair /x86 /lcid 1043

    Microsoft .NET Framework 4.5.1 (NLD)–>MsiExec.exe /X{1A91D86E-3124-3574-A4BF-406761265CFA}

    Microsoft .NET Framework 4.5.1–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86

    Microsoft .NET Framework 4.5.1–>MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}

    Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools–>MsiExec.exe /X{5BDFAB82-060E-438B-AB4F-A2331B2294C0}

    Microsoft ASP.NET MVC 2–>MsiExec.exe /X{1803A630-3C38-4D2B-9B9A-0CB37243539C}

    Microsoft F# Runtime for Silverlight 4–>MsiExec.exe /I{27B6D024-FD7E-4A88-BC17-5AFBE33EC072}

    Microsoft Help Viewer 1.1–>c:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.1\install.exe

    Microsoft Help Viewer 1.1–>MsiExec.exe /X{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

    Microsoft Office Access MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}

    Microsoft Office Enterprise 2007–>“C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall ENTERPRISER /dll OSETUP.DLL

    Microsoft Office Enterprise 2007–>MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}

    Microsoft Office Excel MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

    Microsoft Office Groove MUI (Dutch) 2007–>MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}

    Microsoft Office InfoPath MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}

    Microsoft Office OneNote MUI (Dutch) 2007–>MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}

    Microsoft Office Outlook MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}

    Microsoft Office PowerPoint MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

    Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

    Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

    Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

    Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

    Microsoft Office Proofing (Dutch) 2007–>MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

    Microsoft Office Publisher MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}

    Microsoft Office Shared MUI (Dutch) 2007–>MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

    Microsoft Office Word MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

    Microsoft Silverlight 3 SDK–>MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}

    Microsoft Silverlight 4 SDK–>MsiExec.exe /X{05855322-BE43-41FE-B583-D3AE0C326D58}

    Microsoft Silverlight 4 Toolkit April 2010–>MsiExec.exe /I{2DDCCEA5-2AA4-4ABB-BCAD-41BB115A4333}

    Microsoft Silverlight Tools for Visual Studio 2010–>MsiExec.exe /X{558358E5-E4F3-4374-BA1D-26FF39EF87D9}

    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    Microsoft SQL Server 2005 Compact Edition –>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

    Microsoft SQL Server 2008 R2 Management Objects–>MsiExec.exe /I{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}

    Microsoft SQL Server 2008 R2 Native Client–>MsiExec.exe /I{185292F7-7C0A-4F72-B2CC-CBEBD40B050E}

    Microsoft SQL Server 2008 R2 RsFx Driver–>MsiExec.exe /I{93968FB2-C67A-4A9B-80C2-5D4D9393058E}

    Microsoft SQL Server 2008 R2 Setup (English)–>MsiExec.exe /X{48B08845-0CB0-45EC-893C-15319ADDA312}

    Microsoft SQL Server 2008 R2–>“c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x86\SetupARP.exe” /x86

    Microsoft SQL Server 2008 R2–>“c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\SQLServer2008R2\x86\SetupARP.exe” /X86

    Microsoft SQL Server 2008 Setup Support Files –>MsiExec.exe /X{D441BD04-E548-4F8E-97A4-1B66135BAAA8}

    Microsoft SQL Server Browser–>MsiExec.exe /X{BF9BF038-FE03-429D-9B26-2FA0FD756052}

    Microsoft SQL Server Database Publishing Wizard 1.4–>MsiExec.exe /I{ACE28263-76A4-4BF5-B6F4-8BD719595969}

    Microsoft SQL Server System CLR Types–>MsiExec.exe /I{877B76B2-F83F-4F5A-B28D-3F398641ADB6}

    Microsoft SQL Server VSS Writer–>MsiExec.exe /I{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}

    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570–>MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219–>MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219–>MsiExec.exe /X{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}

    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools–>MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}

    Microsoft Visual Studio 2010 Service Pack 1–>C:\ProgramData\VS\vs10sp1\SetupCache\Setup.exe

    Microsoft Visual Studio 2010 Service Pack 1–>MsiExec.exe /X{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}

    Microsoft Visual Studio 2010 Tools for Office Runtime (x86)–>c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)\install.exe

    Microsoft Visual Studio 2010 Tools for Office Runtime (x86)–>MsiExec.exe /X{A0FE0292-D3BE-3447-80F2-72E032A54875}

    Microsoft Visual Web Developer 2010 Express - ENU–>c:\Program Files\Microsoft Visual Studio 10.0\Microsoft Visual Web Developer 2010 Express - ENU\setup.exe

    Microsoft Visual Web Developer 2010 Express - ENU–>MsiExec.exe /X{85076DFF-7A17-3566-9CC0-488E6E6D4494}

    Microsoft Web Platform Installer 3.0–>MsiExec.exe /X{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}

    Mozilla Firefox 28.0 (x86 nl)–>“C:\Program Files\Mozilla Firefox\uninstall\helper.exe”

    Mozilla Maintenance Service–>“C:\Program Files\Mozilla Maintenance Service\uninstall.exe”

    MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

    MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    MSXML 4.0 SP2 (KB973688)–>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

    MyTomTom 3.1.0.530–>C:\Program Files\MyTomTom 3\Uninstall MyTomTom3.exe

    Nero 9 Essentials–>C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=“2M0M-K08C-2LTT-MKWH-MM4K-6767-6TT9-C0XM-U6EE-P288-08EX-HU66-4602-2WM2-0LCE-M69L-L0CA-225W-213L-392Z-4UA0-1U89-3T7H-884M-774W-3C00”

    Nero BurnRights Help–>MsiExec.exe /X{f6bdd7c5-89ed-4569-9318-469aa9732572}

    Nero BurnRights–>MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}

    Nero ControlCenter–>MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}

    Nero ControlCenter–>MsiExec.exe /X{f4041dce-3fe1-4e18-8a9e-9de65231ee36}

    Nero CoverDesigner Help–>MsiExec.exe /X{ce96f5a5-584d-4f8f-aa3e-9baed413db72}

    Nero CoverDesigner–>MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}

    Nero Disc Copy Gadget Help–>MsiExec.exe /X{60c731fb-c951-41ce-ad41-8e54c8594609}

    Nero Disc Copy Gadget–>MsiExec.exe /X{f1861f30-3419-44db-b2a1-c274825698b3}

    Nero DiscSpeed Help–>MsiExec.exe /X{cc019e3f-59d2-4486-8d4b-878105b62a71}

    Nero DiscSpeed–>MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c}

    Nero DriveSpeed Help–>MsiExec.exe /X{e5c7d048-f9b4-4219-b323-8bdb01a2563d}

    Nero DriveSpeed–>MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a}

    Nero Express Help–>MsiExec.exe /X{83202942-84b3-4c50-8622-b8c0aa2d2885}

    Nero InfoTool Help–>MsiExec.exe /X{20400dbd-e6db-45b8-9b6b-1dd7033818ec}

    Nero InfoTool–>MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139}

    Nero Installer–>MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}

    Nero Online Upgrade–>MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}

    Nero PhotoSnap Help–>MsiExec.exe /X{1c00c7c5-e615-4139-b817-7f4003de68c0}

    Nero PhotoSnap–>MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac}

    Nero Recode Help–>MsiExec.exe /X{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}

    Nero Recode–>MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f}

    Nero ShowTime–>MsiExec.exe /X{02627ee5-eaca-4742-a9cc-e687631773e4}

    Nero ShowTime–>MsiExec.exe /X{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}

    Nero StartSmart Help–>MsiExec.exe /X{2348b586-c9ae-46ce-936c-a68e9426e214}

    Nero StartSmart OEM–>MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}

    Nero StartSmart–>MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}

    Nero Vision Help–>MsiExec.exe /X{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}

    Nero Vision–>MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b}

    NeroExpress–>MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270}

    neroxml–>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

    NVIDIA Display Control Panel–>C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel

    NVIDIA Drivers–>C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI

    OpenOffice.org 3.2–>MsiExec.exe /I{19AAE765-632C-498A-9948-379E02CF8472}

    Printer EPSON SX125 Series verwijderen–>C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSGGE.EXE /R /APD /P:“EPSON SX125 Series”

    PVSonyDll–>MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}

    QuickTime–>MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}

    Realtek High Definition Audio Driver–>C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709

    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}

    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}

    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}

    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}

    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}

    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition –>msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {02AF2AA9-6FFA-47D7-BDBB-42B3A8AD8616}

    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}

    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}

    Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B7112510-2575-4BA4-A576-78BF8A6307BC}

    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}

    Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {1A0CA3FF-2BB8-4CF8-A5A9-9B314260C327}

    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}

    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}

    Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {12A1DD97-E9A1-4370-837E-D1BBD088584B}

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70}

    Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition –>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8A8710F9-C828-440A-A2A7-2FCE899B7D99}

    Service Pack 1 for SQL Server 2008 R2 (KB2528583)–>“c:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB2528583\ServicePack\setup.exe” /Action=RemovePatch /AllInstances

    SQL Server 2008 R2 SP1 Common Files–>MsiExec.exe /I{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}

    SQL Server 2008 R2 SP1 Common Files–>MsiExec.exe /I{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}

    SQL Server 2008 R2 SP1 Database Engine Services–>MsiExec.exe /I{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}

    SQL Server 2008 R2 SP1 Database Engine Services–>MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}

    SQL Server 2008 R2 SP1 Database Engine Shared–>MsiExec.exe /I{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}

    SQL Server 2008 R2 SP1 Database Engine Shared–>MsiExec.exe /I{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}

    Sql Server Customer Experience Improvement Program–>MsiExec.exe /I{93998800-1608-403F-9A51-420A77D23C25}

    Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD–>c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD\install.exe

    Three Ships Browser Plugin–>MsiExec.exe /I{D4A2957D-5113-4722-A0A3-E7D0BF85D5D4}

    Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}

    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}

    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}

    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656}

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition–>msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}

    Update voor Microsoft Office Excel 2007 Help (KB963678)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

    Update voor Microsoft Office Word 2007 Help (KB963665)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

    Visual Studio C++ 10.0 Runtime–>MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790}

    VLC media player 1.1.4–>C:\Program Files\VideoLAN\VLC\uninstall.exe

    WCF RIA Services V1.0 SP1–>MsiExec.exe /X{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}

    Web Deployment Tool–>MsiExec.exe /I{0F37D969-1260-419E-B308-EF7D29ABDE20}

    Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

    Windows Live Essentials–>C:\Program Files\Windows Live\Installer\wlarp.exe

    Windows Live Essentials–>MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

    Windows Live Essentials–>MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}

    Windows Live Essentials–>MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

    Windows Live Family Safety–>MsiExec.exe /I{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}

    Windows Live Family Safety–>MsiExec.exe /I{9C05B2CC-68D0-4B46-A9C8-40CC4BF10C33}

    Windows Live Family Safety–>MsiExec.exe /I{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}

    Windows Live Family Safety–>MsiExec.exe /I{F5A4F780-DF0C-444F-BA82-637CCF5C8052}

    Windows Live Family Safety–>MsiExec.exe /X{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}

    Windows Live Fotogalerie–>MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}

    Windows Live ID Sign-in Assistant–>MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}

    Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

    Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

    Windows Live Mail–>MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

    Windows Live Mail–>MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}

    Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}

    Windows Live Mail–>MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen–>MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}

    Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}

    Windows Live Mesh ActiveX control for remote connections–>MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56}

    Windows Live Mesh–>MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}

    Windows Live Mesh–>MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

    Windows Live Mesh–>MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}

    Windows Live Mesh–>MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}

    Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}

    Windows Live Messenger Companion Core–>MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

    Windows Live Messenger–>MsiExec.exe /X{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}

    Windows Live Messenger–>MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}

    Windows Live Messenger–>MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}

    Windows Live Messenger–>MsiExec.exe /X{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

    Windows Live Messenger–>MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}

    Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

    Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}

    Windows Live Movie Maker–>MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

    Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

    Windows Live Movie Maker–>MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

    Windows Live Movie Maker–>MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}

    Windows Live Photo Common–>MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

    Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

    Windows Live Photo Common–>MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}

    Windows Live Photo Common–>MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}

    Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}

    Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

    Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}

    Windows Live Photo Gallery–>MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

    Windows Live PIMT Platform–>MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

    Windows Live Remote Client Resources–>MsiExec.exe /I{02602409-9189-4567-BC07-562605243B69}

    Windows Live Remote Client Resources–>MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}

    Windows Live Remote Client Resources–>MsiExec.exe /I{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

    Windows Live Remote Client Resources–>MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}

    Windows Live Remote Client–>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}

    Windows Live Remote Service Resources–>MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}

    Windows Live Remote Service Resources–>MsiExec.exe /I{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}

    Windows Live Remote Service Resources–>MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}

    Windows Live Remote Service Resources–>MsiExec.exe /I{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

    Windows Live Remote Service–>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

    Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

    Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

    Windows Live UX Platform Language Pack–>MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}

    Windows Live UX Platform Language Pack–>MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}

    Windows Live UX Platform Language Pack–>MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

    Windows Live UX Platform Language Pack–>MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

    Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

    Windows Live Writer Resources–>MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

    Windows Live Writer Resources–>MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}

    Windows Live Writer Resources–>MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}

    Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

    Windows Live Writer–>MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}

    Windows Live Writer–>MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}

    Windows Live Writer–>MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}

    Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

    Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

    Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}

    Windows Live–>MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

    Windows Mobile Device Updater Component–>MsiExec.exe /X{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}

    Windows Movie Maker 2.6–>MsiExec.exe /X{B3DAF54F-DB25-4586-9EF1-96D24BB14088}

    Windows Phone app for desktop–>MsiExec.exe /X{9FAD9E80-F540-4ED9-930E-35CF40B14701}

    WinRAR–>C:\Program Files\WinRAR\uninstall.exe

    Workspace Macro 4.6–>“C:\Program Files\Workspace Macro 4.6\Uninstall.exe” “C:\Program Files\Workspace Macro 4.6\install.log”

    Zune Language Pack (CHS)–>MsiExec.exe /X{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}

    Zune Language Pack (CHT)–>MsiExec.exe /X{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}

    Zune Language Pack (CSY)–>MsiExec.exe /X{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}

    Zune Language Pack (DAN)–>MsiExec.exe /X{8B112338-2B08-4851-AF84-E7CAD74CEB32}

    Zune Language Pack (DEU)–>MsiExec.exe /X{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}

    Zune Language Pack (ELL)–>MsiExec.exe /X{3589A659-F732-4E65-A89A-5438C332E59D}

    Zune Language Pack (ESP)–>MsiExec.exe /X{6B33492E-FBBC-4EC3-8738-09E16E395A10}

    Zune Language Pack (FIN)–>MsiExec.exe /X{B4870774-5F3A-46D9-9DFE-06FB5599E26B}

    Zune Language Pack (FRA)–>MsiExec.exe /X{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}

    Zune Language Pack (HUN)–>MsiExec.exe /X{C6BE19C6-B102-4038-B2A6-1C313872DBB4}

    Zune Language Pack (IND)–>MsiExec.exe /X{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}

    Zune Language Pack (ITA)–>MsiExec.exe /X{C5D37FFA-7483-410B-982B-91E93FD3B7DA}

    Zune Language Pack (JPN)–>MsiExec.exe /X{D8A781C9-3892-4E2E-9320-480CF896CFBB}

    Zune Language Pack (KOR)–>MsiExec.exe /X{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}

    Zune Language Pack (MSL)–>MsiExec.exe /X{76BA306B-2AA0-47C0-AB6B-F313AB56C136}

    Zune Language Pack (NLD)–>MsiExec.exe /X{6740BCB0-5863-47F4-80F4-44F394DE4FE2}

    Zune Language Pack (NOR)–>MsiExec.exe /X{5DEFD397-4012-46C3-B6DA-E8013E660772}

    Zune Language Pack (PLK)–>MsiExec.exe /X{8960A0A1-BB5A-479E-92CF-65AB9D684B43}

    Zune Language Pack (PTB)–>MsiExec.exe /X{07EEE598-5F21-4B57-B40B-46592625B3D9}

    Zune Language Pack (PTG)–>MsiExec.exe /X{5C93E291-A1CC-4E51-85C6-E194209FCDB4}

    Zune Language Pack (RUS)–>MsiExec.exe /X{57C51D56-B287-4C11-9192-EC3C46EF76A4}

    Zune Language Pack (SVE)–>MsiExec.exe /X{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}

    Zune–>C:\Program Files\Zune\ZuneSetup.exe /x

    Zune–>MsiExec.exe /X{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}

    ======System event log======

    Computer Name: Gebruiker-WDBPC

    Event Code: 7036

    Message: De WinHTTP Web Proxy Auto-Discovery Service-service heeft nu de status gestopt.

    Record Number: 442602

    Source Name: Service Control Manager

    Time Written: 20131228030024.572821-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 7036

    Message: De Adobe Flash Player Update Service-service heeft nu de status gestopt.

    Record Number: 442601

    Source Name: Service Control Manager

    Time Written: 20131228024700.182307-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 7036

    Message: De Adobe Flash Player Update Service-service heeft nu de status wordt uitgevoerd.

    Record Number: 442600

    Source Name: Service Control Manager

    Time Written: 20131228024700.182307-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 7036

    Message: De WinHTTP Web Proxy Auto-Discovery Service-service heeft nu de status wordt uitgevoerd.

    Record Number: 442599

    Source Name: Service Control Manager

    Time Written: 20131228024354.563181-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 7036

    Message: De WinHTTP Web Proxy Auto-Discovery Service-service heeft nu de status gestopt.

    Record Number: 442598

    Source Name: Service Control Manager

    Time Written: 20131228022952.371301-000

    Event Type: Informatie

    User:

    =====Application event log=====

    Computer Name: Gebruiker-WDBPC

    Event Code: 1003

    Message: De statuscontrole van de licentie door de Software Protection-service is voltooid.

    Id van toepassing=55c92734-d682-4d71-983e-d6ec3f16059f

    Licentiestatus=

    1: 01f5fc37-a99e-45c5-b65e-d762f3518ead, 1, 0 [(0 , )(1 )(2 )]

    2: 2e7d060d-4714-40f2-9896-1e4f15b612ad, 1, 0 [(0 , )(1 )(2 )]

    3: 3b965dfc-31d9-4903-886f-873a0382776c, 1, 0 [(0 , )(1 )(2 )]

    4: 586bc076-c93d-429a-afe5-a69fbc644e88, 1, 0 [(0 , )(1 )(2 )]

    5: 5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f, 1, 0 [(0 , )(1 )(2 )]

    6: 5e35dc43-389b-47c5-b889-2088b06738cb, 1, 0 [(0 , )(1 )(2 )]

    7: 6a7d5d8a-92af-4e6a-af4b-8fddaec800e5, 1, 0 [(0 , )(1 )(2 )]

    8: 9ab82e0c-ffc9-4107-baa1-c65a8bd3ccc3, 1, 0 [(0 , )(1 )(2 )]

    9: 9f83d90f-a151-4665-ae69-30b3f63ec659, 1, 1 [(0 , )(1 )(2 )]

    10: a63275f4-530c-48a7-b0d3-4f00d688d151, 1, 0 [(0 , )(1 )(2 )]

    11: b8a4bb91-69b1-460d-93f8-40e0670af04a, 1, 0 [(0 , )(1 )(2 )]

    12: d2c04e90-c3dd-4260-b0f3-f845f5d27d64, 1, 0 [(0 , )(1 )(2 )]

    13: e68b141f-4dfa-4387-b3b7-e65c4889216e, 1, 0 [(0 , )(1 )(2 )]

    14: ee4e1629-bcdc-4b42-a68f-b92e135f78d7, 1, 0 [(0 , )(1 )(2 )]

    15: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 , )(1 )(2 )]

    16: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 , )(1 )(2 )]

    Record Number: 31548

    Source Name: Microsoft-Windows-Security-SPP

    Time Written: 20111113193531.000000-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 1066

    Message: Initialisatiestatus voor serviceobjecten.

    C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000

    C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000

    C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/2005, 0x00000000, 0x00000000

    C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000

    C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000

    C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/licenserenewal/1.0, 0x00000000, 0x00000000

    Record Number: 31547

    Source Name: Microsoft-Windows-Security-SPP

    Time Written: 20111113193531.000000-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 1

    Message: De Windows Security Center-service is gestart.

    Record Number: 31546

    Source Name: SecurityCenter

    Time Written: 20111113193529.000000-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 900

    Message: De Software Protection-service wordt gestart.

    Record Number: 31545

    Source Name: Microsoft-Windows-Security-SPP

    Time Written: 20111113193526.000000-000

    Event Type: Informatie

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 1003

    Message: De Windows Search-service is gestart.

    Record Number: 31544

    Source Name: Microsoft-Windows-Search

    Time Written: 20111113193342.000000-000

    Event Type: Informatie

    User:

    =====Security event log=====

    Computer Name: Gebruiker-WDBPC

    Event Code: 5058

    Message: Bewerking sleutelbestand.

    Onderwerp:

    Beveiligings-id: S-1-5-19

    Accountnaam: LOCAL SERVICE

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e5

    Cryptografieparameters:

    Naam provider: Microsoft Software Key Storage Provider

    Naam algoritme: Niet beschikbaar

    Sleutelnaam: 15d3423b-98d9-4ad6-b809-877c8bd0a240

    Sleuteltype: Computersleutel.

    Gegevens over bewerking:

    Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\09fb936c68f34488634960e6e47a15c3_50e52602-f4af-4dca-8420-fc679d16e09e

    Bewerking: Blijvende sleutel uit bestand lezen.

    Retourcode: 0x0

    Record Number: 260756

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20130328205305.875726-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 5061

    Message: Cryptografische bewerking.

    Onderwerp:

    Beveiligings-id: S-1-5-19

    Accountnaam: LOCAL SERVICE

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e5

    Cryptografieparameters:

    Naam provider: Microsoft Software Key Storage Provider

    Naam algoritme: RSA

    Sleutelnaam: 15d3423b-98d9-4ad6-b809-877c8bd0a240

    Sleuteltype: Computersleutel.

    Cryptografische bewerking:

    Bewerking: Sleutel openen.

    Retourcode: 0x0

    Record Number: 260755

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20130328204816.058417-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 5058

    Message: Bewerking sleutelbestand.

    Onderwerp:

    Beveiligings-id: S-1-5-19

    Accountnaam: LOCAL SERVICE

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e5

    Cryptografieparameters:

    Naam provider: Microsoft Software Key Storage Provider

    Naam algoritme: Niet beschikbaar

    Sleutelnaam: 15d3423b-98d9-4ad6-b809-877c8bd0a240

    Sleuteltype: Computersleutel.

    Gegevens over bewerking:

    Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\09fb936c68f34488634960e6e47a15c3_50e52602-f4af-4dca-8420-fc679d16e09e

    Bewerking: Blijvende sleutel uit bestand lezen.

    Retourcode: 0x0

    Record Number: 260754

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20130328204816.058417-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 5061

    Message: Cryptografische bewerking.

    Onderwerp:

    Beveiligings-id: S-1-5-19

    Accountnaam: LOCAL SERVICE

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e5

    Cryptografieparameters:

    Naam provider: Microsoft Software Key Storage Provider

    Naam algoritme: RSA

    Sleutelnaam: 15d3423b-98d9-4ad6-b809-877c8bd0a240

    Sleuteltype: Computersleutel.

    Cryptografische bewerking:

    Bewerking: Sleutel openen.

    Retourcode: 0x0

    Record Number: 260753

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20130328204315.976290-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Gebruiker-WDBPC

    Event Code: 5058

    Message: Bewerking sleutelbestand.

    Onderwerp:

    Beveiligings-id: S-1-5-19

    Accountnaam: LOCAL SERVICE

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e5

    Cryptografieparameters:

    Naam provider: Microsoft Software Key Storage Provider

    Naam algoritme: Niet beschikbaar

    Sleutelnaam: 15d3423b-98d9-4ad6-b809-877c8bd0a240

    Sleuteltype: Computersleutel.

    Gegevens over bewerking:

    Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\09fb936c68f34488634960e6e47a15c3_50e52602-f4af-4dca-8420-fc679d16e09e

    Bewerking: Blijvende sleutel uit bestand lezen.

    Retourcode: 0x0

    Record Number: 260752

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20130328204315.976290-000

    Event Type: Controle geslaagd

    User:

    ======Environment variables======

    “ComSpec”=%SystemRoot%\system32\cmd.exe

    “FP_NO_HOST_CHECK”=NO

    “OS”=Windows_NT

    “Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Windows Live\Shared;;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem;c:\Program Files\Microsoft SQL Server\100\Tools\Binn;c:\Program Files\Microsoft SQL Server\100\DTS\Binn

    “PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

    “PROCESSOR_ARCHITECTURE”=x86

    “TEMP”=%SystemRoot%\TEMP

    “TMP”=%SystemRoot%\TEMP

    “USERNAME”=SYSTEM

    “windir”=%SystemRoot%

    “PSModulePath”=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

    “NUMBER_OF_PROCESSORS”=2

    “PROCESSOR_LEVEL”=6

    “PROCESSOR_IDENTIFIER”=x86 Family 6 Model 23 Stepping 10, GenuineIntel

    “PROCESSOR_REVISION”=170a

    “asl.log”=Destination=file

    “CLASSPATH”=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    “QTJAVA”=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    —————–EOF—————–

  • Annemieke

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Gebruiker at 2014-04-08 18:16:07

    Microsoft Windows 7 Home Premium Service Pack 1

    System drive C: has 822 GB (87%) free of 943 GB

    Total RAM: 3327 MB (51% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 18:16:13, on 8-4-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.16521)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskhost.exe

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\Epson Software\Event Manager\EEventManager.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Zune\ZuneLauncher.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\MyTomTom 3\MyTomTomSA.exe

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\Common Files\Java\Java Update\jucheck.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91NK4SPS\RSIT.exe

    C:\Program Files\trend micro\Gebruiker.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

    O2 - BHO: ThreeShips IEHelper - {17FDB9F8-DCC4-4F6A-AE07-B16018A48469} - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Epson Software\Event Manager\EEventManager.exe”

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Zune\ZuneLauncher.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui

    O4 - HKLM\..\Run: “C:\Program Files\Registry Helper\RegistryHelper.Exe” /boot

    O4 - HKCU\..\Run: C:\Program Files\Hide My IP\HideMyIP.exe

    O4 - HKCU\..\Run: “C:\Program Files\MyTomTom 3\MyTomTomSA.exe”

    O4 - HKCU\..\Run: “C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe” /c

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    End of file - 9172 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001Core.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001UA.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\o6lbv8gv.default

    “wrc@avast.com”=C:\Program Files\AVAST Software\Avast\WebRep\FF

    “Description”=Adobe® Flash® Player 12.0.0.77 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

    “Description”=

    “Path”=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

    “Description”=

    “Path”=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

    “Description”=

    “Path”=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

    “Description”=McAfee Mss Plugin

    “Path”=C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll

    “Description”=

    “Path”=disabled

    “Description”=Ag Player Plugin

    “Path”=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=WLPG Install MIME type

    “Path”=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

    “Description”=

    “Path”=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll

    “Description”=Google Update

    “Path”=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    ======Registry dump======

    MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

    ThreeShips IE Helper - C:\Program Files\Common Files\Threeships Shared\DLL\ThreeShipsIEHelper.dll

    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll

    avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    “RtHDVCpl”=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    “EEventManager”=C:\Program Files\Epson Software\Event Manager\EEventManager.exe

    “QuickTime Task”=C:\Program Files\QuickTime\QTTask.exe

    “iTunesHelper”=C:\Program Files\iTunes\iTunesHelper.exe

    “SunJavaUpdateSched”=C:\Program Files\Common Files\Java\Java Update\jusched.exe

    “Zune Launcher”=C:\Program Files\Zune\ZuneLauncher.exe

    “GrooveMonitor”=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    “Adobe ARM”=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    “AvastUI.exe”=C:\Program Files\AVAST Software\Avast\AvastUI.exe

    “Registry Helper”=C:\Program Files\Registry Helper\RegistryHelper.Exe /boot

    “HideMyIP”=C:\Program Files\Hide My IP\HideMyIP.exe

    “MyTomTomSA.exe”=C:\Program Files\MyTomTom 3\MyTomTomSA.exe

    “Google Update”=C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

    “msnmsgr”=C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

    Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll

    “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=0

    “ConsentPromptBehaviorUser”=3

    “EnableLUA”=0

    “EnableUIADesktopToggle”=0

    “PromptOnSecureDesktop”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoDriveTypeAutoRun”=145

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “vidc.uyvy”=msyuv.dll

    “vidc.yuy2”=msyuv.dll

    “vidc.yvyu”=msyuv.dll

    “vidc.iyuv”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “vidc.yvu9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “vidc.cvid”=iccvid.dll

    “msacm.siren”=sirenacm.dll

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2014-04-08 18:16:08 —-D—- C:\Program Files\trend micro

    2014-04-08 18:16:07 —-D—- C:\rsit

    2014-04-08 18:13:24 —-A—- C:\Windows\system32\drivers\lbrf.sys

    2014-04-08 15:35:15 —-A—- C:\Windows\system32\drivers\MBAMSwissArmy.sys

    2014-04-08 15:34:51 —-D—- C:\Program Files\Malwarebytes Anti-Malware

    2014-04-08 15:34:51 —-A—- C:\Windows\system32\drivers\mwac.sys

    2014-04-08 15:34:51 —-A—- C:\Windows\system32\drivers\mbamchameleon.sys

    2014-04-08 15:34:51 —-A—- C:\Windows\system32\drivers\mbam.sys

    2014-04-08 12:33:06 —-A—- C:\Windows\system32\HideMyIpSRVOff.ini

    2014-04-08 12:33:06 —-A—- C:\Windows\system32\HideMyIpSRV.ini

    2014-04-08 12:33:06 —-A—- C:\Windows\system32\drivers\hmip.sys

    2014-04-08 12:32:17 —-D—- C:\ProgramData\Registry Helper

    2014-04-08 12:31:55 —-D—- C:\Program Files\Mega Browse

    2014-04-02 18:33:58 —-A—- C:\Windows\avastSS.scr

    2014-03-19 09:51:58 —-D—- C:\Program Files\Mozilla Firefox

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\qedit.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\jsproxy.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\jscript9diag.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\iernonce.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\ieetwproxystub.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\ieetwcollectorres.dll

    2014-03-14 03:05:32 —-A—- C:\Windows\system32\ieetwcollector.exe

    2014-03-14 03:05:31 —-A—- C:\Windows\system32\wininet.dll

    2014-03-14 03:05:31 —-A—- C:\Windows\system32\ieapfltr.dll

    2014-03-14 03:05:30 —-A—- C:\Windows\system32\ieUnatt.exe

    2014-03-14 03:05:30 —-A—- C:\Windows\system32\ieui.dll

    2014-03-14 03:05:30 —-A—- C:\Windows\system32\iertutil.dll

    2014-03-14 03:05:29 —-A—- C:\Windows\system32\mshtml.dll

    2014-03-14 03:05:29 —-A—- C:\Windows\system32\jscript9.dll

    2014-03-14 03:05:28 —-A—- C:\Windows\system32\urlmon.dll

    2014-03-14 03:05:28 —-A—- C:\Windows\system32\msfeeds.dll

    2014-03-14 03:05:27 —-A—- C:\Windows\system32\msrating.dll

    2014-03-14 03:05:27 —-A—- C:\Windows\system32\iesetup.dll

    2014-03-14 03:05:27 —-A—- C:\Windows\system32\ie4uinit.exe

    2014-03-14 03:05:26 —-A—- C:\Windows\system32\ieframe.dll

    2014-03-14 03:05:19 —-A—- C:\Windows\system32\wwansvc.dll

    2014-03-14 03:05:18 —-A—- C:\Windows\system32\win32k.sys

    2014-03-14 03:05:17 —-A—- C:\Windows\system32\WindowsCodecs.dll

    2014-03-14 03:05:16 —-A—- C:\Windows\system32\wer.dll

    ======List of files/folders modified in the last 1 month======

    2014-04-08 18:16:13 —-D—- C:\Windows\Prefetch

    2014-04-08 18:16:09 —-D—- C:\Windows\Temp

    2014-04-08 18:16:08 —-RD—- C:\Program Files

    2014-04-08 18:13:24 —-D—- C:\Windows\system32\drivers

    2014-04-08 18:13:24 —-D—- C:\Windows\debug

    2014-04-08 15:34:51 —-D—- C:\ProgramData\Malwarebytes

    2014-04-08 14:56:04 —-D—- C:\Windows\system32\NDF

    2014-04-08 14:48:47 —-D—- C:\Windows\system32\config

    2014-04-08 14:35:13 —-D—- C:\Users\Gebruiker\AppData\Roaming\Dropbox

    2014-04-08 14:33:18 —-D—- C:\Program Files\Google

    2014-04-08 12:42:12 —-D—- C:\ProgramData

    2014-04-08 12:42:11 —-SHD—- C:\Windows\Installer

    2014-04-08 12:33:06 —-D—- C:\Windows\System32

    2014-04-05 18:06:48 —-D—- C:\Windows\inf

    2014-04-05 18:06:48 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2014-04-04 15:51:29 —-SHD—- C:\System Volume Information

    2014-04-02 18:38:30 —-D—- C:\Program Files\Mozilla Maintenance Service

    2014-04-02 18:34:08 —-D—- C:\Windows\system32\Tasks

    2014-04-02 18:33:59 —-D—- C:\Windows

    2014-04-02 18:33:58 —-A—- C:\Windows\system32\aswBoot.exe

    2014-04-01 18:43:38 —-D—- C:\Users\Gebruiker\AppData\Roaming\Belastingdienst

    2014-03-19 04:00:42 —-D—- C:\Windows\system32\MRT

    2014-03-19 04:00:38 —-A—- C:\Windows\system32\MRT.exe

    2014-03-14 04:21:18 —-D—- C:\Windows\winsxs

    2014-03-14 04:19:38 —-D—- C:\Program Files\Microsoft Silverlight

    2014-03-14 04:18:25 —-D—- C:\Program Files\Internet Explorer

    2014-03-14 04:02:20 —-D—- C:\ProgramData\Microsoft Help

    2014-03-14 03:05:12 —-D—- C:\Windows\system32\catroot

    2014-03-14 03:05:03 —-D—- C:\Windows\system32\catroot2

    2014-03-12 09:47:04 —-A—- C:\Windows\system32\FlashPlayerApp.exe

    2014-03-12 09:47:02 —-A—- C:\Windows\system32\FlashPlayerInstaller.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys

    R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys

    R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys

    R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys

    R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys

    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys

    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys

    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys

    R2 hmip;hmip; \??\C:\Windows\system32\Drivers\hmip.sys

    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys

    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys

    R3 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys

    R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys

    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys

    S0 tyfjeca;tyfjeca; C:\Windows\System32\drivers\lbrf.sys

    S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys

    S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys

    S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

    S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys

    S3 catchme;catchme; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys

    S3 E1G60;Stuurprogramma voor Intel(R) PRO/1000 NDIS 6-adapter; C:\Windows\system32\DRIVERS\E1G60I32.sys

    S3 FIXUSTOR;FIXUSTOR; C:\Windows\system32\DRIVERS\fixustor.sys

    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

    S3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys

    S3 nvamacpi;nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys

    S3 nvgts;nvgts; C:\Windows\system32\DRIVERS\nvgts.sys

    S3 nvrd32;nvrd32; C:\Windows\system32\DRIVERS\nvrd32.sys

    S3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys

    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

    S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

    S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys

    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

    S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

    S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\DRIVERS\viac7.sys

    S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys

    S4 RsFx0151;RsFx0151 Driver; C:\Windows\system32\DRIVERS\RsFx0151.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe

    R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

    R2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

    R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe

    S3 ZuneNetworkSvc;Zune Network Sharing Service; C:\Program Files\Zune\ZuneNss.exe

    S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; C:\Program Files\Zune\ZuneWlanCfgSvc.exe

    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE

    S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

    —————–EOF—————–

  • Ben

    Hallo,

    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.

    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.

    Download Zoek.exe naar het bureaublad.

    * Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.

    Zoek.exe uitvoeren

    Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.

    * Dubbelklik vervolgens op Zoek.exe om de tool te starten.

    * Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

    * Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:

    * Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

    firefoxlook;

    emptyclsid;

    torpigcheck;

    C:\Program Files\Common Files\Threeships Shared;fs

    {17FDB9F8-DCC4-4F6A-AE07-B16018A48469};c

    ;r

    “Registry Helper”=-;r

    C:\Program Files\Registry Helper;fs

    C:\Program Files\Mega Browse;fs

    emptyfolderscheck;delete

    chromelook;

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    * Klik nu op de knop "Run script".

    * Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    * Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    * Post het geopende logje in het volgende bericht.

  • fazantje

    Hoi Annemieke,

    Ik heb even beide topics samengevoegd.

    Groet,

    Huib;).

  • Annemieke

    Hallo Huib, hierbij het logje. Alvast bedankt voor je snelle hulp.

    Zoek.exe v5.0.0.0 Updated 07-March-2014

    Tool run by Gebruiker on di 08-04-2014 at 23:06:03,18.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86198DA1\zoek.exe

    ==== System Restore Info ======================

    8-4-2014 23:07:24 Zoek.exe System Restore Point Created Succesfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

    ==== Empty Folders Check ======================

    C:\Program Files\MSXML 4.0 deleted successfully

    C:\Program Files\VS Revo Group deleted successfully

    C:\Users\Gebruiker\AppData\Local\WMTools Downloaded Files deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-350242244-4206258913-3113474944-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469} deleted successfully

    HKEY_USERS\S-1-5-21-350242244-4206258913-3113474944-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17FDB9F8-DCC4-4F6A-AE07-B16018A48469} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Windows\System32\smss.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\nvvsvc.exe

    C:\Windows\system32\atiesrxx.exe

    C:\Windows\system32\atieclxx.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\taskhost.exe

    C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\Epson Software\Event Manager\EEventManager.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\Zune\ZuneLauncher.exe

    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program Files\AVAST Software\Avast\AvastUI.exe

    C:\Program Files\MyTomTom 3\MyTomTomSA.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50ST7.EXE

    C:\Program Files\Common Files\EPSON\EPW3 SSRP\E_S50RP7.EXE

    C:\Program Files\Windows Live\Messenger\msnmsgr.exe

    C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

    C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

    C:\Program Files\Mega Browse\updateMegaBrowse.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files\iPod\bin\iPodService.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\System32\WUDFHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Program Files\Common Files\Java\Java Update\jucheck.exe

    C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

    C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

    C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\wuauclt.exe

    C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86198DA1\zoek.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k secsvcs

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    ==== Deleting Services ======================

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    “Registry Helper”=-

    ==== Deleting Files \ Folders ======================

    C:\Program Files\Registry Helper not found

    C:\Program Files\Common Files\Threeships Shared deleted

    C:\PROGRA~2\Registry Helper deleted

    C:\Windows\system32\RegistryHelperLM.ocx deleted

    “C:\Users\Gebruiker\AppData\Local\7u0e06n00xgnl5ldoo1g1o6qk21mu1075445lp” deleted

    “C:\ProgramData\-ysKRUsGOnUQhtAV” deleted

    “C:\ProgramData\-ysKRUsGOnUQhtAVr” deleted

    “C:\ProgramData\7u0e06n00xgnl5ldoo1g1o6qk21mu1075445lp” deleted

    “C:\Program Files\Mega Browse\updateMegaBrowse.exe” deleted

    “C:\Program Files\Mega Browse\updateMegaBrowse.exe” deleted

    “C:\Program Files\Mega Browse” not deleted

    “C:\Program Files\Mega Browse” not deleted

    ==== System Specs ======================

    Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)

    Memory (RAM): 3328 MB

    CPU Info: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz

    CPU Speed: 2932,1 MHz

    Sound Card: Luidsprekers (Realtek High Defi |

    Realtek Digital Output (Realtek |

    Display Adapters: ATI Radeon HD 5400 Series | ATI Radeon HD 5400 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

    Monitors: 1x; BenQ GL2240 (Analog) |

    Screen Resolution: 1920 X 1080 - 32 bit

    Network: Network Present

    Network Adapters: Realtek PCIe GBE Family Controller #2

    CD / DVD Drives: 1x (D: | ) D: PIONEER DVD-RW DVR-218L

    Ports: COM1 LPT Port NOT Present.

    Mouse: 16 Button Wheel Mouse Present

    Hard Disks: C: 921,2GB

    Hard Disks - Free: C: 802,8GB

    Manufacturer *: American Megatrends Inc.

    BIOS Info: AT/AT COMPATIBLE | 09/06/10 | - 20100906

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: FOXCONN G41MX 2.0/G41MX-K 2.0

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)

    Anti-Spyware: Windows Defender disabled (Outdated)

    Anti-Spyware: avast! Antivirus disabled (Outdated)

    Default Browser: Firefox 28.0

    Internet Explorer Version: 11.0.9600.16521

    Mozilla Firefox version: 28.0 (x86 nl)

    Google Chrome version: 33.0.1750.154

    Adobe Reader version: 10.1.9.22

    Sun Java version: 1.6.0_30 (32-bit)

    Flash Player version: 12.0.0.77

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2014-04-02 16:33:58 E1CBFDE5CAD6C373946A0D2C238E6522 43152 —-a-w- C:\Windows\avastSS.scr

    ====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

    2014-04-02 16:46:59 2A41794807AC53FCE19AF0EF2900525A 73728 —-a-w- C:\Users\Gebruiker\AppData\Local\temp\VistaInfo32.dll

    ====== Java Cache =====

    ====== C:\Windows\system32 =====

    2014-04-08 10:33:06 C06FDA2871834781EB5A1C135FFA2907 4216 —-a-w- C:\Windows\System32\HideMyIpSRVOff.ini

    2014-04-08 10:33:06 571A602B17CCC0B7632025E41F2A9EC9 7976 —-a-w- C:\Windows\System32\HideMyIpSRV.ini

    ====== C:\Windows\system32\drivers =====

    2014-04-08 16:13:24 C97E0F487690FB0C7221168465982810 52440 —-a-w- C:\Windows\System32\drivers\lbrf.sys

    2014-04-08 13:35:15 661B911FA04E73FB073FF9B1C9BD2E05 107736 —-a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

    2014-04-08 13:34:51 2BB23932978D623D3D395AEAB1825BF1 73432 —-a-w- C:\Windows\System32\drivers\mbamchameleon.sys

    2014-04-08 13:34:51 18898A87CBA96DEA2074C19E140938A8 51416 —-a-w- C:\Windows\System32\drivers\mwac.sys

    2014-04-08 13:34:51 0C6EA0109CFEDF441F06D031E9A8D1A9 23256 —-a-w- C:\Windows\System32\drivers\mbam.sys

    2014-04-08 10:33:06 EA8FD4A29C542C0214682967021E703D 25448 —-a-w- C:\Windows\System32\drivers\hmip.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2014-04-08 16:16:08 ——– d—–w- C:\Program Files\trend micro

    2014-04-08 10:31:55 ——– d—–w- C:\Program Files\Mega Browse

    ======= C: =====

    ====== C:\Users\Gebruiker\AppData\Roaming ======

    ====== C:\Users\Gebruiker ======

    2014-04-08 10:31:31 BFDD6C26DD83230B064B481AB1F835D9 2808288 —-a-w- C:\Users\Gebruiker\Downloads\hide-my-ip-5.3 .exe

    2014-03-27 11:46:09 6463A4FA57AEE1597C26EC75DFD911D2 2836400 —-a-w- C:\Users\Gebruiker\Downloads\ib2013_win_setup (1).exe

    ====== C: exe-files ==

    2014-04-08 16:16:08 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Gebruiker.exe

    2014-04-08 10:31:31 BFDD6C26DD83230B064B481AB1F835D9 2808288 —-a-w- C:\Users\Gebruiker\Downloads\hide-my-ip-5.3 .exe

    2014-04-06 08:23:57 8CF79CEF7C135781C74E23D010598313 544 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-350242244-4206258913-3113474944-1001\$IHY47XU.exe

    2014-04-06 08:23:24 BFDD6C26DD83230B064B481AB1F835D9 2808288 —-a-w- C:\$RECYCLE.BIN\S-1-5-21-350242244-4206258913-3113474944-1001\$RHY47XU.exe

    === C: other files ==

    2014-04-08 16:13:24 C97E0F487690FB0C7221168465982810 52440 —-a-w- C:\Windows\System32\drivers\lbrf.sys

    2014-04-08 13:35:15 661B911FA04E73FB073FF9B1C9BD2E05 107736 —-a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys

    2014-04-08 13:34:51 2BB23932978D623D3D395AEAB1825BF1 73432 —-a-w- C:\Windows\System32\drivers\mbamchameleon.sys

    2014-04-08 13:34:51 18898A87CBA96DEA2074C19E140938A8 51416 —-a-w- C:\Windows\System32\drivers\mwac.sys

    2014-04-08 13:34:51 0C6EA0109CFEDF441F06D031E9A8D1A9 23256 —-a-w- C:\Windows\System32\drivers\mbam.sys

    2014-04-08 10:33:06 EA8FD4A29C542C0214682967021E703D 25448 —-a-w- C:\Windows\System32\drivers\hmip.sys

    ==== Startup Registry Enabled ======================

    “HideMyIP”=“C:\Program Files\Hide My IP\HideMyIP.exe”

    “MyTomTomSA.exe”=“C:\Program Files\MyTomTom 3\MyTomTomSA.exe”

    “Google Update”=“C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c”

    “msnmsgr”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background”

    “RtHDVCpl”=“C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe”

    “EEventManager”=“C:\Program Files\Epson Software\Event Manager\EEventManager.exe”

    “QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe -atboottime”

    “iTunesHelper”=“C:\Program Files\iTunes\iTunesHelper.exe”

    “SunJavaUpdateSched”=“C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    “Zune Launcher”=“C:\Program Files\Zune\ZuneLauncher.exe”

    “GrooveMonitor”=“C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

    “Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “AvastUI.exe”=“C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui”

    “HideMyIP”=“C:\Program Files\Hide My IP\HideMyIP.exe”

    “MyTomTomSA.exe”=“C:\Program Files\MyTomTom 3\MyTomTomSA.exe”

    “Google Update”=“C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c”

    “msnmsgr”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“StartCCC”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\“ MSRun”

    ==== Startup Folders ======================

    2012-09-02 08:42:42 1068 —-a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    2013-09-15 19:11:47 2020 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a——

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001Core.job –a—— C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001UA.job –a—— C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\system32\tasks\Adobe Flash Player Updater”

    “C:\Windows\system32\tasks\CCleanerSkipUAC”

    “C:\Windows\system32\tasks\CreateChoiceProcessTask”

    “C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore”

    “C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA”

    “C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001Core”

    “C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-350242244-4206258913-3113474944-1001UA”

    “C:\Windows\system32\tasks\User_Feed_Synchronization-{C0EC20FE-5E2A-4F2E-877A-B4664F4C0E12}”

    “C:\Windows\system32\tasks\{6BB10655-1436-479B-9A2D-F810841947F7}”

    “C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate”

    ==== Folders in C:\PROGRA~2 0-6 Months Old ======================

    2014-02-04 09:52:48 ——– d—–w- C:\PROGRA~2\Applications

    2014-02-15 16:42:27 ——– d–h–w- C:\PROGRA~2\CanonBJ

    ==== Firefox Extensions Registry ======================

    “wrc@avast.com”=“C:\Program Files\AVAST Software\Avast\WebRep\FF”

    ==== Firefox Extensions ======================

    AppDir: C:\Program Files\Mozilla Firefox

    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\o6lbv8gv.default

    E83B541C71965CFA1DEFF846CD6E9ECD - C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update

    E83B541C71965CFA1DEFF846CD6E9ECD - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update

    95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash

    01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In

    FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash

    63EE2015B877A2E472CC59E05291AA39 - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll - McAfee Security Scanner +

    3220B1254AEF7A191187EC03F51B3D61 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

    B2576571746839180833E048AC2CCA5C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

    209F58DECE7A511BB81A7A172F4346E8 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla

    D493C8FC0D0FD015BB9765658D77346E - C:\Users\Gebruiker\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

    C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

    FF030B5F429A1A8C18821E4595599C1F - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.300.12

    CCC24FAA47C47E66BE61BF22603C5E3A - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U30

    758C26A8A3234C19C3F2C6AA9EC23BD9 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7

    FC87F6A96443408FE636A9356718B2C0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7

    D7E7D310047D3D9B066C2DE222ED85CA - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7

    0CA96D03F6AC56F99112B64142410369 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7

    6A25A9DAF515EF034DA370B26AF23797 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7

    74864AB70F2C0B647228AD93CDE5F22D - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7

    733761D31F87D3538264069E4C974556 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7

    2DEE3CBE9DB65124C49A6366D0B042A3 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

    D8A3FDE47CBDC2D6DFAC14243050526B - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.4

    28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

    bopakagnckmlgajfccecajhnimjiiedh - No path found

    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

    YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    MSS+ Extension - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh

    Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chrome Fix ======================

    C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.google.nl/”

    New Values:

    “Start Page”=“http://www.google.nl/”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully

    ==== HijackThis Entries ======================

    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

    O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    O4 - HKLM\..\Run: “C:\Program Files\Epson Software\Event Manager\EEventManager.exe”

    O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime

    O4 - HKLM\..\Run: “C:\Program Files\iTunes\iTunesHelper.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Zune\ZuneLauncher.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui

    O4 - HKCU\..\Run: C:\Program Files\Hide My IP\HideMyIP.exe

    O4 - HKCU\..\Run: “C:\Program Files\MyTomTom 3\MyTomTomSA.exe”

    O4 - HKCU\..\Run: “C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe” /c

    O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background

    O4 - Startup: Dropbox.lnk = Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

    O11 - Options group: Accelerated graphics

    O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    ==== Empty IE Cache ======================

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3URXYV7E will be deleted at reboot

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86198DA1 will be deleted at reboot

    C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4S2Z038 will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\o6lbv8gv.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=19 folders=10 1836447 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\temp emptied successfully

    C:\Users\Default User\AppData\Local\temp emptied successfully

    C:\Users\Gebruiker\AppData\Local\temp will be emptied at reboot

    C:\Users\Public\AppData\Local\temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Program Files\Mega Browse” not found

    “C:\Program Files\Mega Browse” not found

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3URXYV7E” deleted

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\86198DA1” not found

    “C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4S2Z038” deleted

    ==== EOF on di 08-04-2014 at 23:31:08,39 ======================

  • Ben

    Hallo,

    Download AdwCleaner by Xplode naar het bureaublad.

    * Sluit alle openstaande vensters.

    * Dubbelklik op AdwCleaner om hem te starten.

    * Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren,

    * Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

    * Klik vervolgens op Scan.

    * Klik vervolgens op Clean als er items zijn gevonden.

    * Klik bij Herstarten Noodzakelijk op OK

    Nadat de PC opnieuw is opgestart, opent meestal een logfile.

    Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner.txt

    Post aansluitend de inhoud van dit log in je volgende bericht.

  • Annemieke

    Hallo Ben, hierbij de log van adwcleaner:

    # AdwCleaner v3.023 - Report created 09/04/2014 at 10:06:02

    # Updated 01/04/2014 by Xplode

    # Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

    # Username : Gebruiker - GEBRUIKER-WDBPC

    # Running from : C:\Users\Gebruiker\Downloads\adwcleaner (2).exe

    # Option : Clean

    ***** *****

    ***** *****

    File Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\o6lbv8gv.default\user.js

    ***** *****

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_microsoft-silverlight_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_microsoft-silverlight_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-movie-maker_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-movie-maker_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E6CD411-CE62-4584-97FF-6AFBCF6900AF}

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

    ***** *****

    -\\ Internet Explorer v11.0.9600.16521

    -\\ Mozilla Firefox v28.0 (nl)

    -\\ Google Chrome v

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • fazantje

    Hoi Annemieke,

    Hoe staat het nu met jou probleem?

    Groetjes Huib;)

  • Annemieke

    Hallo Huib,

    Geen pop-ups meer…….lijkt er dus goed uit te zien.

    Bedankt,

    Annemieke

  • Ben

    Hallo,

    Dat is dan mooi:

    Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:

    Download Delfix by Xplode naar het bureaublad.

    Dubbelklik op Delfix.exe om de tool te starten.

    Zet nu vinkjes voor de volgende items:

    * Remove disinfection tools

    * Create registry backup

    * Purge System Restore

    * Reset system settings

    Klik nu op "Run" en wacht geduldig tot de tool gereed is.

    Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.

    Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.