Ongeldige installatiekopie

[kape]

Ga naar Start - Alle programma's - Bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor “uitvoeren als administrator” om het opdrachtprompt te openen.

Tik in: sc stop “Boonty Games”en druk op Enter.

Tik in: sc delete “Boonty Games” en druk op Enter.

Tik in: sc stop BOONTY en druk op Enter.

Tik in: sc delete BOONTY en druk op Enter.

Tik in: sc stop iWinTrusted en druk op Enter.

Tik in: sc delete iWinTrusted en druk op Enter.

Tik in: sc stop “Web Assistant Updater” en druk op Enter.

Tik in: sc delete “Web Assistant Updater” en druk op Enter.

Tik in exit en druk Enter.

Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search?

affID=110824&tt=161012_lehcoz_4212_2&babsrc=HP_ss&mntrId=528134290000000000000624d2281f9b

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

Homepage}

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)

R3 - URLSearchHook: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)

R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file)

R3 - URLSearchHook: (no name) - {f92a9fe4-2850-4198-b9d5-279880e49b16} - (no file)

R3 - URLSearchHook: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files

\Hyves\prxtbHyv0.dll

R3 - URLSearchHook: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)

O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\riekje\AppData\Roaming \Complitly\AutocompletePro.dll

O2 - BHO: Hyves - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)

O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly

\DealPlyIE.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files

\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O3 - Toolbar: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves

\prxtbHyv0.dll

O4 - HKLM\..\Run: [browser companion helper] C:\Program Files\BrowserCompanion\BCHelper.exe /T=3/CHI=ibgfbdggapddbjjbopabhlhianklajie

O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\riekje\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files

\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-

Pro\Utils\BabylonIEPI.dll/Action.htm

O8 - Extra context menu item: Zoek op het web - C:\Program Files\SweetIM\Toolbars\Internet

Explorer\resources\menuext.html

O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}

- C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-

B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Little%20Shop

%20of%20Treasures%202/Images/stg_drm.ocx

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program

%20Files/Vacation%20Quest%20-%20The%20Hawaiian%20Islands/Images/armhelper.ocx

O20 - AppInit_DLLs: c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download MBAM (Malwarebytes Anti-Malware)

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

[Riekje]

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000

www.malwarebytes.org

Databaseversie: v2012.11.02.05

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

riekje :: RIEKJE-PC [administrator]

Realtime bescherming: Uitgeschakeld

2-11-2012 9:22:14

mbam-log-2012-11-02 (09-56-38).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 197509

Verstreken tijd: 19 minuut/minuten, 59 seconde(n)

Geheugenprocessen gedetecteerd: 1

C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 1132 -> Geen actie ondernomen.

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 17

HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\TypeLib\{8830ddf0-3042-404d-a62c-384a85e34833} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Geen actie ondernomen.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Geen actie ondernomen.

HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Geen actie ondernomen.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Geen actie ondernomen.

HKCU\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Geen actie ondernomen.

Registerwaarden gedetecteerd: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie -> Geen actie ondernomen.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 3

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Geen actie ondernomen.

Bestanden gedetecteerd: 62

C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae_expire (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_NL (PUP.Blabbers) -> Geen actie ondernomen.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Geen actie ondernomen.

(einde)

- - - Updated - - -

OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free

5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS

Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS

Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS

Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system |

"{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system |

"{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system |

"{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system |

"{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system |

"{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system |

"{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system |

"{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system |

"{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system |

"{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system |

"{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |

"{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |

"{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

"{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |

"{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |

"{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |

"{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |

"{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |

"{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |

"{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |

"{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |

"{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |

"{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |

"{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |

"{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system |

"{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |

"{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |

"{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

"{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

"{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |

"{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system |

"{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |

"{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |

"{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |

"{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |

"{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010

"{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components

"{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

"{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail

"{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Akamai" = Akamai NetSession Interface

"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader

"AVG" = AVG 2013

"BFGC" = Big Fish Games: Game Manager

"BFG-Farmington Tales" = Farmington Tales

"CCleaner" = CCleaner

"Complitly_is1" = Complitly

"DVD Decrypter" = DVD Decrypter (Remove Only)

"Easy Taalcursus Spaans" = Easy Taalcursus Spaans

"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923

"Google Chrome" = Google Chrome

"Hyves Desktop 2.4" = Hyves Desktop

"Hyves Toolbar" = Hyves Toolbar

"IncrediMail" = IncrediMail 2.0

"InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5

"iWinArcade" = iWin Games (remove only)

"Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Recuva" = Recuva

"Sale Frenzy" = Sale Frenzy (verwijderen)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WildTangent wildgames Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice

"WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding

"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FoxTab PDF Creator" = FoxTab PDF Creator

"Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194

Description =

Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000

Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel:

0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:

0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met

fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing

met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll

Rapport-id:

bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e

Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704

Description =

[ System Events ]

Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012

is onverwacht gebeurd.

Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023

Description = De Function Discovery Resource Publication-service is gestopt met

de volgende foutcode: %%-2147014847.

Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

< End of report >

- - - Updated - - -

OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free

5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS

Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS

Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS

Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system |

"{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system |

"{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system |

"{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system |

"{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system |

"{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system |

"{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system |

"{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system |

"{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system |

"{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system |

"{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |

"{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |

"{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

"{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |

"{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |

"{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |

"{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |

"{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |

"{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |

"{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |

"{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |

"{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |

"{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |

"{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |

"{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system |

"{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |

"{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |

"{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

"{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

"{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |

"{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system |

"{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |

"{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |

"{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |

"{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |

"{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010

"{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components

"{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

"{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail

"{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Akamai" = Akamai NetSession Interface

"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader

"AVG" = AVG 2013

"BFGC" = Big Fish Games: Game Manager

"BFG-Farmington Tales" = Farmington Tales

"CCleaner" = CCleaner

"Complitly_is1" = Complitly

"DVD Decrypter" = DVD Decrypter (Remove Only)

"Easy Taalcursus Spaans" = Easy Taalcursus Spaans

"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923

"Google Chrome" = Google Chrome

"Hyves Desktop 2.4" = Hyves Desktop

"Hyves Toolbar" = Hyves Toolbar

"IncrediMail" = IncrediMail 2.0

"InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5

"iWinArcade" = iWin Games (remove only)

"Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Recuva" = Recuva

"Sale Frenzy" = Sale Frenzy (verwijderen)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WildTangent wildgames Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice

"WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding

"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FoxTab PDF Creator" = FoxTab PDF Creator

"Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194

Description =

Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000

Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel:

0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:

0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met

fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing

met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll

Rapport-id:

bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e

Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704

Description =

[ System Events ]

Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012

is onverwacht gebeurd.

Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023

Description = De Function Discovery Resource Publication-service is gestopt met

de volgende foutcode: %%-2147014847.

Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

< End of report >

[Riekje]

Volgens mij heb ik er alles dubbel opgezet.hopelijk heb je zo alle goede dingen anders moet ik de hijjack nog eens doen.En bij de opdrachtpomp kwam steeds de melding zit niet in het systeem.

[kape]

Bij Malwarebytes zou de melding "Geen actie ondernomen" er op kunnen wijzen dat je niet gekozen hebt voor verwijderen. En dat is wel degelijk nodig om de bende rotzooi die dit programma ontdekt heeft effectief van de PC te halen. Wil je Malwarebytes nog eens opnieuw laten runnen en dan wel degelijk kiezen voor "verwijderen". Hang daarna een nieuw logje van Malwarebytes in je volgende bericht.

[Riekje]

OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free

5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS

Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS

Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS

Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system |

"{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system |

"{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system |

"{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system |

"{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system |

"{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system |

"{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system |

"{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system |

"{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system |

"{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system |

"{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |

"{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |

"{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

"{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |

"{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |

"{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |

"{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |

"{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |

"{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |

"{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |

"{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |

"{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |

"{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |

"{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |

"{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system |

"{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |

"{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |

"{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

"{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

"{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |

"{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system |

"{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |

"{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |

"{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |

"{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |

"{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010

"{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components

"{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

"{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail

"{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Akamai" = Akamai NetSession Interface

"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader

"AVG" = AVG 2013

"BFGC" = Big Fish Games: Game Manager

"BFG-Farmington Tales" = Farmington Tales

"CCleaner" = CCleaner

"Complitly_is1" = Complitly

"DVD Decrypter" = DVD Decrypter (Remove Only)

"Easy Taalcursus Spaans" = Easy Taalcursus Spaans

"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923

"Google Chrome" = Google Chrome

"Hyves Desktop 2.4" = Hyves Desktop

"Hyves Toolbar" = Hyves Toolbar

"IncrediMail" = IncrediMail 2.0

"InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5

"iWinArcade" = iWin Games (remove only)

"Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Recuva" = Recuva

"Sale Frenzy" = Sale Frenzy (verwijderen)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WildTangent wildgames Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice

"WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding

"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FoxTab PDF Creator" = FoxTab PDF Creator

"Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194

Description =

Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000

Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel:

0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:

0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met

fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing

met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll

Rapport-id:

bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e

Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704

Description =

[ System Events ]

Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012

is onverwacht gebeurd.

Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023

Description = De Function Discovery Resource Publication-service is gestopt met

de volgende foutcode: %%-2147014847.

Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

< End of report >

- - - Updated - - -

OTL Extras logfile created on: 22-10-2012 21:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\riekje\Desktop

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

2,87 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 61,97% Memory free

5,74 Gb Paging File | 4,33 Gb Available in Paging File | 75,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 79,12 Gb Total Space | 18,19 Gb Free Space | 22,99% Space Free | Partition Type: NTFS

Drive D: | 116,29 Gb Total Space | 108,40 Gb Free Space | 93,22% Space Free | Partition Type: NTFS

Drive E: | 36,01 Gb Total Space | 29,86 Gb Free Space | 82,93% Space Free | Partition Type: NTFS

Computer Name: RIEKJE-PC | User Name: riekje | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{046681BF-CC00-43A6-BF2D-A55C2297ED85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0975F42D-7224-4A5E-BFF2-72D6D476C35A}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0F5DA6A1-3F31-4321-86BB-475DCB6298CD}" = rport=139 | protocol=6 | dir=out | app=system |

"{10B7CD4B-EEC8-4AA6-98EA-146DE7B99CE7}" = lport=137 | protocol=17 | dir=in | app=system |

"{23E99662-42B3-43FD-AE06-AC614E9325DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{3030BA0B-F1C6-4F4F-8211-6E6F74BE63AE}" = rport=138 | protocol=17 | dir=out | app=system |

"{314B241B-6EEC-446B-B37F-9EC3756F32DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{32FFE1B9-F3BD-4B7B-9053-57C1524E3607}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{466C1F0D-B6DE-44D3-8360-B85CCCB83114}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5327CB8E-D58E-4984-9021-6F18A032120E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{537320EB-4F31-4412-BF4C-773CE0DF7E4E}" = lport=2869 | protocol=6 | dir=in | app=system |

"{55E74D7D-95D0-46AB-9C0B-BFD047AFA073}" = rport=137 | protocol=17 | dir=out | app=system |

"{6372A4E2-935D-4A3B-93AE-A062FD3FF12D}" = lport=445 | protocol=6 | dir=in | app=system |

"{8438F4C3-2107-4A1E-9FF9-1EF6536F5299}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{87915D19-C094-4EE4-B91C-E6ABE2537954}" = lport=138 | protocol=17 | dir=in | app=system |

"{954CA03D-84F9-4C78-AA5D-835DA6D5D6B6}" = lport=139 | protocol=6 | dir=in | app=system |

"{96A7AA11-152C-4744-B084-F268DD4AAD91}" = lport=2869 | protocol=6 | dir=in | app=system |

"{9D1FD60B-DB9B-4ADB-9507-506210CCE0C9}" = rport=445 | protocol=6 | dir=out | app=system |

"{A3F3B6F1-2D47-49AA-9D44-6E4EAA9E1AAE}" = rport=10243 | protocol=6 | dir=out | app=system |

"{BE6EED5C-8065-48EA-BBE5-2EA75033CBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C88D3624-663E-4A7F-97D0-425F9C356076}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CA84AED5-95B2-4749-9DE8-FDB9723F9DCF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E21D0755-ED69-4FD6-9752-EC194C3BA77F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{E7657399-FC01-4B4A-A059-2DC23F40780B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{F069DF24-A601-4722-BFBE-D2827AC525A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06F3D4B9-9867-43F8-97A2-92F4D74853FF}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{07EB8BCA-68B4-432B-A521-68A9289A9ECE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{0C5BDE41-EC79-4387-A926-003653D0928C}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{0F2ECAAF-98E4-4D37-A702-98C17B5316F1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{122A5391-54E3-4D56-BD37-314D9C3861D9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |

"{1314EF02-3228-496D-A055-DD86528B60BF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |

"{13F8FA52-5B54-4F3E-9DB6-81319FCB79F6}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{15FF4AD3-F62F-4DA4-8741-CBF4360281B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1F53D693-C314-4B18-A594-0A68590EB987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |

"{212E87A8-5819-4BF6-BC6C-C8DA38FAC7B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |

"{2405FADF-76A3-486B-A203-43AE532CE49D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{2BA6C6EB-C5E3-43E2-A009-308F56A75795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2C8442BA-44B5-4EF5-91FA-7278D14364B1}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{2F996F8D-4787-43B0-97FA-B35A4522555C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{31708739-C3F8-40A1-A1F7-86610AF6FC96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |

"{31E8D64A-66D2-49FE-A6E4-2F3E80B02B2A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{336F315B-6EF6-4833-96C1-E60295FB62CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |

"{34CA3DC9-3506-4061-9F0C-71269337B5D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{390D10F2-8587-43F4-AC79-25C75CF88B12}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |

"{396247E4-E6E5-422C-BD38-7C683D618A99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{3A0A4AE2-036F-4BF4-AF43-4F7E858D4CD4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3BF6FCA2-7175-4C09-AA98-CF2B7D10F4EE}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{3E6B66FD-B039-40B2-9E65-77B544B796F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{401F2731-2209-48D7-B12B-F231F0C909E5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{42A1C96F-3A4A-4E04-9074-62549601DB69}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |

"{4825AC74-8AC9-4AFE-89C1-8F4E817377C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{48E55754-9A04-4290-A853-17FFBEE268BD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |

"{4E37E248-937A-4DB5-8C53-2D98829EADD7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

"{554FB7DC-A30F-4871-A725-052A3501C645}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |

"{5BF6DE59-F78F-4335-B76A-29C6F4AD37A0}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{5C930309-AABD-4C2D-AA62-D6870DF581F1}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6138B188-1817-4C10-915C-35B3989B10B1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{65A15577-A0CF-4CE9-99E5-8E471244E6EB}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{6B6AA344-2B21-4106-83B2-7B025AA97711}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{6C7B9B9F-37C4-4231-9A2C-5D8284F6BE15}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{6CD0757B-2E11-43A2-9AC5-3D43095DAA16}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |

"{70A5E152-5C00-495F-82CB-01E9A09A7D65}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{7153E0CA-F571-41F2-9530-E3BC21130B10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |

"{7430CD1D-1E91-4DAE-A422-234314EEDCC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{74551ADB-75AA-41E1-A6F8-EF2F647617CA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |

"{81D0578F-6017-4478-A829-905188F3E3C6}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |

"{897217A5-CEBC-491B-9107-7492F170D34A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |

"{914A5B3A-5EEF-40A8-9975-32AA8AF7073B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |

"{915B30B7-1664-466E-84AF-017F9FFFFAE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |

"{93ECF209-D37E-4D16-91CC-55B00238681C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |

"{95A2BC72-1F09-454F-9F5C-6E08C9533E54}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\shadowsvc.exe |

"{993A6890-CC90-4A46-8783-29654001D778}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |

"{9F1033C8-96C9-4F1C-A8AD-899CF1C8EEE2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{A00108EF-1537-4EC8-B0B6-E740C1EF166D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{A064CDCE-01FD-4EA2-ABB8-3D022EBB6A54}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |

"{A1C8D78F-662F-4C78-BD1B-77FC001AC01F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{A58C4590-2BF9-4DB1-A43C-AE539276BDC5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A97E69DD-677B-4218-874D-7137A5164D77}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{AC0B38B7-AC3A-4E5A-A32E-166F05445748}" = protocol=58 | dir=in | app=system |

"{ACD19689-B098-441C-A16F-84ABD412D7A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{AE6FB950-CBD5-4E1E-8E06-35947E488C46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |

"{AF3FB95A-A093-48F9-A836-ABAE6EDCBF2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |

"{B0C3C83E-1729-456B-A220-E52D54A557C5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{B36919B9-84E5-46B3-9883-55DB5418CAD9}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{B469CE5F-9B1E-4C20-9AB6-6199F9AFC2D7}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

"{B6F57D26-35AD-46ED-8835-28D21FCD70D1}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{BB78AB63-FA9C-4596-ACBD-3DC15F322074}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |

"{BB8EEDB2-3670-4D2D-96F3-61143DA26CDF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |

"{C03A6A7C-C78D-4D40-AFA9-F7BCD9F6A297}" = protocol=6 | dir=out | app=system |

"{C2E239C3-FBEB-4120-BA14-5EB7F5FFD155}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |

"{C751C994-D9C2-411E-A57B-4474E48B528D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D0648ACC-88BD-46A9-AF40-B6C05B4C0379}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |

"{D69A05EA-02C4-4090-98CB-B300BAE99B29}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{DB750363-DA35-4BB8-8FB3-EC5901568197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{DE179EC6-82DB-4460-8800-50F805F62243}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |

"{DFB4810A-F1DC-4105-A85D-594090005554}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |

"{E1EC5BC5-AD4D-41B2-AD0B-E2C9DDE43CB5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |

"{E33F969C-582F-4D0C-9797-D4997E35A598}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{EDA7A2CC-0BC8-494F-8DA6-77245A6F91B8}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |

"{EF8649B1-11DB-4771-AE2B-3B0299F1AF11}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |

"{F290B1DB-BCEE-4C36-A0D5-EF775509ECA5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F579A7B9-8FBD-4BC5-8372-25CDA589E1BE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F694CB72-4FA9-4056-8F8A-3C9D4358CC03}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |

"{F78FEBDF-A17A-4054-800A-D052E59196E0}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{F936C584-23EF-409D-993F-7614A107DE50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{013C4AC1-64FB-46EA-9320-D34CEB65BDBC}" = AVG 2013

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly

"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D853998-1055-4E45-B99E-F5039C502831}" = Photo Notifier and Animation Creator

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90140000-006D-0413-0000-0000000FF1CE}" = Microsoft Office Klik-en-Klaar 2010

"{90260413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components

"{90A40413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

"{95140000-00AF-0413-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}" = Windows Live Messenger

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.3.115

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1043-7B44-A95000000001}" = Adobe Reader 9.5.1 - Nederlands

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack

"{DD92BCB0-B554-4F04-9CB1-DAB1AE81CE53}" = AVG 2013

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}" = Windows Live Family Safety

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EF90CC06-F94A-4456-B344-79452D0F51F4}" = IncrediMail

"{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Akamai" = Akamai NetSession Interface

"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader

"AVG" = AVG 2013

"BFGC" = Big Fish Games: Game Manager

"BFG-Farmington Tales" = Farmington Tales

"CCleaner" = CCleaner

"Complitly_is1" = Complitly

"DVD Decrypter" = DVD Decrypter (Remove Only)

"Easy Taalcursus Spaans" = Easy Taalcursus Spaans

"eSupport UndeletePlus_is1" = eSupport UndeletePlus 3.0.2.406

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923

"Google Chrome" = Google Chrome

"Hyves Desktop 2.4" = Hyves Desktop

"Hyves Toolbar" = Hyves Toolbar

"IncrediMail" = IncrediMail 2.0

"InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}" = NTI Backup Now 5.5

"iWinArcade" = iWin Games (remove only)

"Juliette's Fashion Empire Free Trial_is1" = Juliette's Fashion Empire Free Trial

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.5

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.65.1.1000

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Office14.Click2Run" = Microsoft Office Klik-en-Klaar 2010

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Recuva" = Recuva

"Sale Frenzy" = Sale Frenzy (verwijderen)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WildTangent wildgames Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WTA-64d9b810-f85c-4142-a3ec-be3ff445983e" = Live Novels Jane Austin's Pride and Prejudice

"WTA-c7ca7ef2-a3ab-44ae-939a-46395d8ed57c" = House of Wonders - Kitty Kat Wedding

"Zylom Games Player Plugin" = Zylom Games Player Plugin

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2825908954-875444011-2105124009-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FoxTab PDF Creator" = FoxTab PDF Creator

"Free YouTube to Mp3 Converter" = Free YouTube to Mp3 Converter

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 20-10-2012 3:09:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 3:13:15 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:44:01 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:50:36 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 5:58:50 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:00:22 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 20-10-2012 6:11:25 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11706

Description =

Error - 21-10-2012 9:56:36 | Computer Name = riekje-PC | Source = VSS | ID = 8194

Description =

Error - 21-10-2012 15:44:33 | Computer Name = riekje-PC | Source = Application Error | ID = 1000

Description = Naam van toepassing met fout: bfgclient.exe, versie: 3.0.1.60, tijdstempel:

0x4e4de6a7 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:

0x4ec49b60 Uitzonderingscode: 0xc0000005 Foutoffset: 0x0003224d Id van proces met

fout: 0x16d8 Starttijd van toepassing met fout: 0x01cdafc46d61e1d6 Pad naar toepassing

met fout: C:\Program Files\bfgclient\bfgclient.exe Pad naar module met fout: C:\Windows\SYSTEM32\ntdll.dll

Rapport-id:

bc1d6e3e-1bb7-11e2-bdc9-001e33a1233e

Error - 21-10-2012 15:57:02 | Computer Name = riekje-PC | Source = MsiInstaller | ID = 11704

Description =

[ System Events ]

Error - 21-10-2012 15:39:00 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:20 | Computer Name = riekje-PC | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 21:48:35 op ?21-?10-?2012

is onverwacht gebeurd.

Error - 21-10-2012 15:51:25 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 15:51:47 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:37:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:39:36 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 21-10-2012 16:59:53 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:38 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

Error - 22-10-2012 2:03:42 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7023

Description = De Function Discovery Resource Publication-service is gestopt met

de volgende foutcode: %%-2147014847.

Error - 22-10-2012 10:10:05 | Computer Name = riekje-PC | Source = Service Control Manager | ID = 7006

Description = ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege

deze fout: %%5.

< End of report >

[kape]

Dit is een logje van OTL ... maar dat heb helemaal niet gevraagd Een nieuw logje van Malwarebytes zou al veel duidelijk kunnen maken.

[Riekje]

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000

www.malwarebytes.org

Databaseversie: v2012.11.02.05

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 8.0.7601.17514

riekje :: RIEKJE-PC [administrator]

Realtime bescherming: Uitgeschakeld

2-11-2012 21:32:33

mbam-log-2012-11-02 (21-32-33).txt

Scantype: Snelle scan

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 197515

Verstreken tijd: 20 minuut/minuten, 45 seconde(n)

Geheugenprocessen gedetecteerd: 1

C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 1132 -> Zal worden verwijderd tijdens het herstarten.

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 16

HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{8830ddf0-3042-404d-a62c-384a85e34833} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=ibgfbdggapddbjjbopabhlhianklajie -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 3

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 62

C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Zal worden verwijderd tijdens het herstarten.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\38d1315d0cfe6dd33f29c9a545f94053_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\aeee69848edcb080584c8630e879efda_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\c20c8afdee8aca0f44f34efd75ad85a7_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f254e56f8c066ef3bf0783e046dc7ecd_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\fb348dd30bf6edae1f50a9726091317f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e797b807b4545245d85048f0398296a9_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\7c7286eb62db29577cb0a83609846adc_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\924d47e6f7775d82becea30059272aae_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_NL (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Users\riekje\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

- - - Updated - - -

Dit moet hem zijn.Er staat in quarataine geplaatst,da zijn ze er toch nog niet vanaf?

[Asus]

Ik vrees dat er dubbel werk wordt geleverd: probleem is blijkbaar ook hier in behandeling...

[Riekje]

Daar heb ik na de laatste plaatsing van de logjes niets meer van gehoord,een week terug,nu probreer ik mij in te loggen maar dat lukt niet.

[kape]

Malwarebytes heeft nu de gevonden items in quarantaine geplaatst ... d.w.z. dat ze geen invloed meer hebben op de werking van de PC en veilig opgeborgen zitten.

Wil je nu eens een nieuw logje van HijackThis plaatsen in je volgende bericht ?

Daar heb ik na de laatste plaatsing van de logjes niets meer van gehoord,een week terug,nu probreer ik mij in te loggen maar dat lukt niet.

Geen probleem, je laatste bericht daar was op 23 oktober ... we gaan hier gewoon door dan !