Riekje

Het lijkt er op dat ik van het probleem af ben,heb A.D.W.cleaner er op gezet en de waarschuwing van A.V,G genegeerd,verwijderen aan geklikt,en de meldingen zijn foetsie, op dit moment, en hopelijk blijft dat zo.Heel hartelijk dank voor alle moeite en hulp.Groetjes Riekje.

Gelezen,kan ik zonder gevaar winspool dvr veranderen naar winspool old? - - - Updated - - - en heb je dit nodig.

Het ziet er inderdaad goed uit, maar geeft nog steeds de melding weer.en af en toe is hij retetraag,maar zal mappen met foto's naar de externe harde schijf verplaatsen en ze dan van de p.c halen,dat ruimt op,en nog een vraag heb de proefversie van AvG virusscanner er op staan,is er een betere?

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.04.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 riekje :: RIEKJE-PC [administrator] Realtime bescherming: Ingeschakeld 4-11-2012 7:23:57 mbam-log-2012-11-04 (07-23-57).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 197019 Verstreken tijd: 17 minuut/minuten, 32 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)

De site die ik tezien krijg is trend micro.ook na het scannen.en hij zegt no internet connection.

Ik heb het programma nu op het bureau blad staan,maar kan het niet als adminitator gebruiken,heb al vijf keer de gvraagde items ingetypt en op fix gedrukt krijg ik een error melding,klik op ja komt er een download pagina te voorschijn,ik zal tot de dood van deze p.c. de meldingen maar wegklikken.

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.02.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 riekje :: RIEKJE-PC [administrator] Realtime bescherming: Ingeschakeld 3-11-2012 13:57:31 mbam-log-2012-11-03 (17-41-20).txt Scantype: Volledige scan (C:\|D:\|E:\|Q:\|) Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 300579 Verstreken tijd: 1 uur/uren, 56 minuut/minuten, 13 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FoxTab PDF Creator (Adware.Agent) -> Geen actie ondernomen. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Program Files\FoxTabPDFConverter\Uninstall\Uninstall.exe (Adware.Agent) -> Geen actie ondernomen. (einde) - - - Updated - - - Dit is de laatste grote scan met dit programma.

Nee dat heb ik helaas niet.ik heb gelukkig een mail bewaard waar deze discussie opstaat,krijg geen meldingen van jullie binnen via mail,en kijk dan klik dan af en toe op de oude mail of er nog berichten zijn.

Hijjack this is nergens te vinden, hij download het programma, en gooit het er na de schijn meteen weer van af. - - - Updated - - - Ik heb geen map en geen snelkoppeling van dit programma.

Heb het drie geprobeerd zal het nog eens proberen,en anders loop ik de prachtige pier bij ons achter de dijk af , en pleur hem de waddenzee in ,misschien dat iemand er op Schiermonnikoog er wat aan heeft.

dat wil ik wel,maar hij wil niet, heb het twee keer geprobeerd,maar kan hem niet als administrator uitvoeren. - - - Updated - - - Is het normaal dat je hijjack this steeds opnieuw moet downloaden.

Deze is van hijack Sherloch Homes.

Logfile of HijackThis v1.99.1 Scan saved at 22:51:11, on 2-11-2012 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Users\riekje\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Users\riekje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6PECY4W\hijackthis[3].exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\riekje\AppData\Roaming\Complitly\AutocompletePro.dll (file missing) O2 - BHO: Hyves - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O3 - Toolbar: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\riekje\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Facebook Messenger.lnk = riekje\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Little%20Shop%20of%20Treasures%202/Images/stg_drm.ocx O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing) - - - Updated - - - Is dit um,je hebt twee verschillende hijjack this een soort sherlock holmes en een bundel dynamite. - - - Updated - - - Logfile of HijackThis v1.99.1 Scan saved at 22:51:11, on 2-11-2012 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Users\riekje\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Users\riekje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V6PECY4W\hijackthis[3].exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\riekje\AppData\Roaming\Complitly\AutocompletePro.dll (file missing) O2 - BHO: Hyves - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O3 - Toolbar: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\riekje\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Facebook Messenger.lnk = riekje\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [iNTERNATIONAL] International O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Little%20Shop%20of%20Treasures%202/Images/stg_drm.ocx O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing) O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Kreeg van u ook geen melding in de mail.

Daar heb ik na de laatste plaatsing van de logjes niets meer van gehoord,een week terug,nu probreer ik mij in te loggen maar dat lukt niet.

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.02.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 riekje :: RIEKJE-PC [administrator] Realtime bescherming: Uitgeschakeld 2-11-2012 21:32:33 mbam-log-2012-11-02 (21-32-33).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 197515 Verstreken tijd: 20 minuut/minuten, 45 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 1132 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 16 HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{8830ddf0-3042-404d-a62c-384a85e34833} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\riekje\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 62 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Zal worden verwijderd tijdens het herstarten. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) - - - Updated - - - Dit moet hem zijn.Er staat in quarataine geplaatst,da zijn ze er toch nog niet vanaf?

OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free 5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system | "{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system | "{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system | "{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system | "{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system | "{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system | "{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system | "{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system | "{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system | "{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system | "{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system | "{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system | "{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system | "{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system | "{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components "{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013 "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail "{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Akamai" = Akamai NetSession Interface "Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader "AVG" = AVG 2013 "BFGC" = Big Fish Games: Game Manager "BFG-Farmington Tales" = Farmington Tales "CCleaner" = CCleaner "Complitly_is1" = Complitly "DVD Decrypter" = DVD Decrypter (Remove Only) "Easy Taalcursus Spaans" = Easy Taalcursus Spaans "eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923 "Google Chrome" = Google Chrome "Hyves Desktop 2.4" = Hyves Desktop "Hyves Toolbar" = Hyves Toolbar "IncrediMail" = IncrediMail 2.0 "InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5 "iWinArcade" = iWin Games (remove only) "Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "Picasa 3" = Picasa 3 "Recuva" = Recuva "Sale Frenzy" = Sale Frenzy (verwijderen) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice "WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator "Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194 Description = Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel: 0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704 Description = [ System Events ] Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012 is onverwacht gebeurd. Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023 Description = De Function Discovery Resource Publication-service is gestopt met de volgende foutcode: %%-2147014847. Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. < End of report > - - - Updated - - - OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free 5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system | "{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system | "{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system | "{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system | "{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system | "{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system | "{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system | "{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system | "{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system | "{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system | "{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system | "{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system | "{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system | "{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system | "{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components "{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013 "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail "{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Akamai" = Akamai NetSession Interface "Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader "AVG" = AVG 2013 "BFGC" = Big Fish Games: Game Manager "BFG-Farmington Tales" = Farmington Tales "CCleaner" = CCleaner "Complitly_is1" = Complitly "DVD Decrypter" = DVD Decrypter (Remove Only) "Easy Taalcursus Spaans" = Easy Taalcursus Spaans "eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923 "Google Chrome" = Google Chrome "Hyves Desktop 2.4" = Hyves Desktop "Hyves Toolbar" = Hyves Toolbar "IncrediMail" = IncrediMail 2.0 "InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5 "iWinArcade" = iWin Games (remove only) "Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "Picasa 3" = Picasa 3 "Recuva" = Recuva "Sale Frenzy" = Sale Frenzy (verwijderen) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice "WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator "Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194 Description = Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel: 0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704 Description = [ System Events ] Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012 is onverwacht gebeurd. Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023 Description = De Function Discovery Resource Publication-service is gestopt met de volgende foutcode: %%-2147014847. Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. < End of report >

Volgens mij heb ik er alles dubbel opgezet.hopelijk heb je zo alle goede dingen anders moet ik de hijjack nog eens doen.En bij de opdrachtpomp kwam steeds de melding zit niet in het systeem.

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.02.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 8.0.7601.17514 riekje :: RIEKJE-PC [administrator] Realtime bescherming: Uitgeschakeld 2-11-2012 9:22:14 mbam-log-2012-11-02 (09-56-38).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 197509 Verstreken tijd: 19 minuut/minuten, 59 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 1132 -> Geen actie ondernomen. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 17 HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\TypeLib\{8830ddf0-3042-404d-a62c-384a85e34833} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Geen actie ondernomen. HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Geen actie ondernomen. HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Geen actie ondernomen. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Geen actie ondernomen. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Geen actie ondernomen. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Geen actie ondernomen. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Geen actie ondernomen. HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Geen actie ondernomen. Registerwaarden gedetecteerd: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie -> Geen actie ondernomen. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 3 C:\Users\riekje\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Geen actie ondernomen. Bestanden gedetecteerd: 62 C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae_expire (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_NL (PUP.Blabbers) -> Geen actie ondernomen. C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Geen actie ondernomen. (einde) - - - Updated - - - OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free 5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system | "{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system | "{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system | "{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system | "{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system | "{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system | "{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system | "{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system | "{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system | "{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system | "{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system | "{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system | "{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system | "{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system | "{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components "{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013 "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail "{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Akamai" = Akamai NetSession Interface "Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader "AVG" = AVG 2013 "BFGC" = Big Fish Games: Game Manager "BFG-Farmington Tales" = Farmington Tales "CCleaner" = CCleaner "Complitly_is1" = Complitly "DVD Decrypter" = DVD Decrypter (Remove Only) "Easy Taalcursus Spaans" = Easy Taalcursus Spaans "eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923 "Google Chrome" = Google Chrome "Hyves Desktop 2.4" = Hyves Desktop "Hyves Toolbar" = Hyves Toolbar "IncrediMail" = IncrediMail 2.0 "InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5 "iWinArcade" = iWin Games (remove only) "Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "Picasa 3" = Picasa 3 "Recuva" = Recuva "Sale Frenzy" = Sale Frenzy (verwijderen) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice "WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator "Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194 Description = Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel: 0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704 Description = [ System Events ] Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012 is onverwacht gebeurd. Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023 Description = De Function Discovery Resource Publication-service is gestopt met de volgende foutcode: %%-2147014847. Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. < End of report > - - - Updated - - - OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free 5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system | "{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system | "{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system | "{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system | "{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system | "{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system | "{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system | "{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system | "{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system | "{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system | "{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system | "{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system | "{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | "{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe | "{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | "{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe | "{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | "{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe | "{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe | "{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe | "{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system | "{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system | "{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | "{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | "{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe | "{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe | "{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe | "{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe | "{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4 "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441 "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003 "{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010 "{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components "{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6 "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013 "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail "{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Akamai" = Akamai NetSession Interface "Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader "AVG" = AVG 2013 "BFGC" = Big Fish Games: Game Manager "BFG-Farmington Tales" = Farmington Tales "CCleaner" = CCleaner "Complitly_is1" = Complitly "DVD Decrypter" = DVD Decrypter (Remove Only) "Easy Taalcursus Spaans" = Easy Taalcursus Spaans "eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923 "Google Chrome" = Google Chrome "Hyves Desktop 2.4" = Hyves Desktop "Hyves Toolbar" = Hyves Toolbar "IncrediMail" = IncrediMail 2.0 "InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5 "iWinArcade" = iWin Games (remove only) "Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010 "Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator "Picasa 3" = Picasa 3 "Recuva" = Recuva "Sale Frenzy" = Sale Frenzy (verwijderen) "SynTPDeinstKey" = Synaptics Pointing Device Driver "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice "WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator "Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706 Description = Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194 Description = Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000 Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel: 0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel: 0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704 Description = [ System Events ] Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008 Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012 is onverwacht gebeurd. Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023 Description = De Function Discovery Resource Publication-service is gestopt met de volgende foutcode: %%-2147014847. Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006 Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: %%5. < End of report >

Ik hoop dat dit het is,wat werkt het trouwens geweldig in deze modus,super snel en geen irritante meldingen.

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:51:46, on 1-11-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe C:\Windows\helppane.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Program Files\IncrediMail\Bin\ImApp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\riekje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N315RRQL \HijackThis[2].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search? affID=110824&tt=161012_lehcoz_4212_2&babsrc=HP_ss&mntrId=528134290000000000000624d2281f9b R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Homepage} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file) R3 - URLSearchHook: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file) R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file) R3 - URLSearchHook: (no name) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file) R3 - URLSearchHook: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files \Hyves\prxtbHyv0.dll R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\riekje\AppData\Roaming \Complitly\AutocompletePro.dll O2 - BHO: Hyves - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games \iWinGamesHookIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file) O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon \Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly \DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files \Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files \AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll O3 - Toolbar: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves \prxtbHyv0.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google \Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader \Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support \APSDaemon.exe" O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKCU\..\Run: [Facebook Update] "C:\Users\riekje\AppData\Local\Facebook\Update \FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Facebook Messenger.lnk = riekje\AppData\Local\Facebook\Messenger \2.1.4651.0\FacebookMessenger.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C: \PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows \system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C: \PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\riekje\AppData\Roaming \DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files \Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon- Pro\Utils\BabylonIEPI.dll/Action.htm O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer \WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer \WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5- B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live \wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live \wlidnsp.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Little%20Shop %20of%20Treasures%202/Images/stg_drm.ocx O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program %20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live \Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Amazon Download Agent - Amazon.com - C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar \ToolbarBroker.exe (file missing) O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG \AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG \AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG \AVG2013\avgwdsvc.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service \Boonty.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C: \Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files \Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google \Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files \Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iWinTrusted - iWin Inc. - C:\Program Files\iWin Games\iWinTrusted.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib \NMIndexingService.exe (file missing) O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C: \Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant \ExtensionUpdaterService.exe -- End of file - 12469 bytes

Hij vertikt het en downlod niet ,zal het morgen eens proberen. Je hoort het wel ga eerst ff lekkerslapen Weltrusten.

Hij zegt doe het zelf, maar ik doe het niet.

P.c geeft aan dat hijack this onveilig is .

Sinds een anderhalve week krijg ik bij elke handeling ongeldige installatie copie te zien,heb al systeemherstel gedaan,verschillende virus scanners p.c. bevat nul virussen,maar hoe kom ik van dit vervelende probleem af.