Rundll32 foutmelding

Mako · 9 maart 2013

Hoi Patricia,

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll (file missing)

O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll (file missing)

O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll (file missing)

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - eBay, de wereldwijde online handelsplaats (file missing)

O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - Amazon.co.uk: Low Prices in Electronics, Books, Sports Equipment & more (file missing)

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.

Indien je PartyPoker als extra knop bij Internet Explorer wil behouden selecteer je de O9 lijnen hierboven niet.

Ik laat hierboven ook heel wat lijnen met betrekking tot Bearshare verwijderen. Dit omdat het programma gekend staat aan de oorzaak te liggen van vele infecties. Niet het programma zelf, maar de bronnen die aangesproken worden om bepaalde bestanden te downloaden zijn heel vaak van malafide oorsprong.

Mocht Bearshare tussen jouw geïnstalleerde programma's aanwezig zijn mag je dit daar eveneens verwijderen (Start - Configuratiescherm - Programma's)

9 maart 2013 aangepast door Mako

Patricia2504 · 9 maart 2013

Hai Mako,

Helaas heeft dit niet gewerkt... ik ben vanavond druk geweest met mijn pc opschonen, is er iets wat ik dan nogmaals moet doen? moet ik iets anders proberen? Wat doet het dll bestandje eigenlijk? Als het iets is wat nergens invloed op heeft, dan kan ik het ook gewoon zo laten toch?

groetjes Patricia

Ps Complimenten voor alle hulp! echt supertof!

Mako · 9 maart 2013

Hoi,

Al bovenstaande heeft jammer genoeg nog geen effect gehad op de rundll32 foutmelding. De regeltje die je in het bericht hierboven moest aanvinken hebben te maken met een opschoning van het systeem waarbij we wat spyware/malware hebben verwijderd. Er is echter nog 1 iets waar iets hersteld moet worden, ik zou dit eerst willen aanpakken.

Van zodra dit hersteld is gaan we nog wat dieper in op het rundll32 probleem .

Kan je ondertussen al even meegeven om welke foutmelding het precies gaat? Wat krijg je te zien?

Open een kladblok document en plak daarin onderstaande inhoud:

reg export "HKLM\software\microsoft\windows nt\currentversion\windows" %systemdrive%\regexport.txt /y
start notepad %systemdrive%\regexport.txt

Ga naar Bestand - Opslaan als

Kies bij 'Opslaan als' voor alle bestanden

Sla het bestand op op je bureaublad als Regexport.bat

Sluit het venster en dubbelklik op Regexport.bat op je bureaublad

Plaats de inhoud van het geopende kladblokdocument in je volgende bericht.

Groet,

Mako

9 maart 2013 aangepast door Mako

Patricia2504 · 10 maart 2013

Hallo,

Hierbij de originele foutmelding, en de foutmelding die ik krijg als ik het .bat bestand probeer te openen.

Groetjes Patricia

- - - Updated - - -

Als admin uitvoeren heeft toch een nader resultaat;):

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=""

"LoadAppInit_DLLs"=dword:00000001

"IconServiceLib"="IconCodecService.dll"

"DdeSendTimeout"=dword:00000000

"DesktopHeapLogging"=dword:00000001

"GDIProcessHandleQuota"=dword:00002710

"ShutdownWarningDialogTimeout"=dword:ffffffff

"USERPostMessageLimit"=dword:00002710

"USERProcessHandleQuota"=dword:00002710

@="mnmsrvc"

"DeviceNotSelectedTimeout"="15"

"Spooler"="yes"

"TransmissionRetryTimeout"="90"

"USERNestedWindowLimit"=dword:00000032

Mako · 11 maart 2013

Hallo Patricia,

Dat is best vreemd. Dit geeft een andere vermelding dan het logje van HijackThis.

Download OTL naar je Bureaublad
- Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
- Zet een vinkje bij Scan All Users.
- Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
  - Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
  - Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

[*]Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Klik op de knop "Options" en vink nu de onderstaande optie aan.
- Installed Programs
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

Patricia2504 · 11 maart 2013

OTL.txt:

OTL logfile created on: 11-3-2013 21:33:41 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patricia\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19400)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,99 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,73% Memory free

4,22 Gb Paging File | 2,70 Gb Available in Paging File | 63,98% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 74,22 Gb Total Space | 21,49 Gb Free Space | 28,95% Space Free | Partition Type: NTFS

Drive E: | 73,36 Gb Total Space | 19,25 Gb Free Space | 26,25% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_PATRICIA | User Name: Patricia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-11 21:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patricia\Desktop\OTL (1).com

PRC - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe

PRC - [2012-11-30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe

PRC - [2012-10-30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe

PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe

PRC - [2012-10-22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe

PRC - [2012-10-22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe

PRC - [2012-03-01 15:03:40 | 001,277,952 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe

PRC - [2012-03-01 14:58:30 | 000,368,640 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe

PRC - [2011-12-13 09:06:44 | 002,678,784 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe

PRC - [2011-11-15 18:41:18 | 000,249,856 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe

PRC - [2009-08-06 16:56:38 | 000,541,976 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009-03-13 14:13:48 | 001,773,568 | ---- | M] (Sitecom Europe BV) -- C:\Program Files\Sitecom\Common\RaUI.exe

PRC - [2009-02-23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe

PRC - [2008-05-13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Sitecom\Common\RegistryWriter.exe

PRC - [2008-01-25 15:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe

PRC - [2008-01-25 11:22:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe

PRC - [2008-01-25 10:24:08 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

PRC - [2008-01-22 20:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe

PRC - [2008-01-22 14:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

PRC - [2008-01-22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

PRC - [2008-01-21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

PRC - [2008-01-17 16:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

PRC - [2008-01-17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

PRC - [2008-01-16 18:06:52 | 002,573,640 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe

PRC - [2008-01-09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe

PRC - [2008-01-09 10:38:44 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe

PRC - [2007-12-29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

PRC - [2007-12-25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe

PRC - [2007-12-25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe

PRC - [2007-12-03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe

PRC - [2007-11-27 17:13:44 | 000,385,024 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

PRC - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

PRC - [2007-10-29 14:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

PRC - [2007-10-25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe

PRC - [2007-10-04 18:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

PRC - [2007-09-28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

PRC - [2007-08-23 11:55:06 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe

PRC - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

PRC - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

========== Modules (No Company Name) ==========

MOD - [2012-11-30 03:07:48 | 000,100,248 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

MOD - [2012-11-30 03:06:58 | 001,263,512 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

MOD - [2012-05-06 11:20:14 | 003,449,856 | ---- | M] () -- C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax

MOD - [2011-11-24 19:25:48 | 000,094,208 | ---- | M] () -- C:\Program Files\ControlCenter4\BrCcLDut.dll

MOD - [2009-02-27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll

MOD - [2008-09-16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2008-01-22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe

MOD - [2007-12-29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

MOD - [2007-12-25 12:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll

MOD - [2007-12-14 21:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll

MOD - [2007-12-14 21:28:38 | 004,726,784 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll

MOD - [2007-09-13 14:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll

MOD - [2006-12-01 18:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll

MOD - [2006-10-10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll

MOD - [2006-10-07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll

MOD - [2005-07-22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll

MOD - [2004-09-09 17:13:00 | 000,364,544 | ---- | M] () -- C:\Program Files\PIXELA\Everio MediaBrowser\pxl_m17n_tool.dll

========== Services (SafeList) ==========

SRV - [2013-03-09 10:53:34 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013-02-27 07:36:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013-01-08 12:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-12-18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2011-11-15 18:41:18 | 000,249,856 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)

SRV - [2008-05-13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Sitecom\Common\RegistryWriter.exe -- (RalinkRegistryWriter)

SRV - [2008-01-21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)

SRV - [2008-01-19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2008-01-17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2007-12-25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

SRV - [2007-12-03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)

SRV - [2007-11-21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

SRV - [2007-09-28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)

SRV - [2007-02-12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)

SRV - [2006-08-23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva190.sys -- (XDva190)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2012-11-15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)

DRV - [2012-10-22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)

DRV - [2012-10-15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)

DRV - [2012-10-02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)

DRV - [2012-09-21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)

DRV - [2012-09-21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)

DRV - [2012-09-21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)

DRV - [2012-09-19 10:02:06 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)

DRV - [2012-09-19 10:02:06 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)

DRV - [2012-09-14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)

DRV - [2009-04-03 23:04:10 | 000,718,336 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)

DRV - [2009-04-02 20:51:10 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2009-04-02 20:51:06 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2009-02-24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)

DRV - [2008-02-01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)

DRV - [2008-01-22 20:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)

DRV - [2008-01-21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)

DRV - [2008-01-15 10:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)

DRV - [2007-12-26 14:11:30 | 000,131,584 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)

DRV - [2007-12-17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)

DRV - [2007-11-29 16:47:36 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)

DRV - [2007-11-29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)

DRV - [2007-11-09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)

DRV - [2007-10-18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)

DRV - [2007-10-17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2007-10-02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)

DRV - [2007-09-26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)

DRV - [2007-06-06 15:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)

DRV - [2007-04-09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)

DRV - [2006-11-02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)

DRV - [2006-11-02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2006-10-23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)

DRV - [2006-10-18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2006-10-10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)

DRV - [2005-01-07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Google

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKLM\..\SearchScopes\{0B61EE45-94A3-4ABC-AD58-13F5C92EDAB5}: "URL" = http://www.google.nl/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IETB'>http://www.startsearcher.com/?q={searchTerms}&src=IETB

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=4840196129054184&q={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 19 1D CA C2 C7 CD 01 [binary data]

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\SearchScopes\{0B61EE45-94A3-4ABC-AD58-13F5C92EDAB5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\SearchScopes\{73ccfd25-abe2-4bdf-ac5d-28a470a4d234}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=294&systemid=2&q={searchTerms}

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://www.startsearcher.com/?q={searchTerms}&src=IE

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=4840196129054184&q={searchTerms}

IE - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B2d3fbcf7-be69-4433-8858-c621a8d0e58d%7D:6.0.0.12442

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Patricia\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Patricia\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010-09-20 18:37:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-09 11:14:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-03-09 10:53:36 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-03-09 10:53:13 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\OApps\firefoxaddon

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-03-09 10:53:36 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-03-09 10:53:13 | 000,000,000 | ---D | M]

[2012-11-23 21:14:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patricia\AppData\Roaming\mozilla\Extensions

[2012-11-28 20:24:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patricia\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions

[2013-03-07 21:03:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patricia\AppData\Roaming\mozilla\Firefox\Profiles\augfb63k.default\extensions

[2013-03-07 21:03:35 | 000,000,000 | ---D | M] (Widevine Media Optimizer) -- C:\Users\Patricia\AppData\Roaming\mozilla\Firefox\Profiles\augfb63k.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}

[2012-11-28 20:24:45 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Patricia\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi

[2013-03-09 22:18:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013-03-09 10:53:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

[2013-03-09 10:53:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2008-09-04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll

[2006-07-31 16:07:16 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

[2013-02-16 04:23:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2013-02-16 04:23:41 | 000,002,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml

[2013-02-16 04:23:41 | 000,004,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml

[2011-06-12 19:18:48 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

[2013-02-16 04:23:41 | 000,001,262 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: Google

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Patricia\AppData\Local\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Patricia\AppData\Local\Google\Chrome\Application\25.0.1364.152\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Patricia\AppData\Local\Google\Chrome\Application\25.0.1364.152\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll

CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll

CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll

CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Zylom Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Patricia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - Extension: Vivienne Westwood = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhehaklopgggapefjdijagkgbgeapkb\2_0\

CHR - Extension: YouTube = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Zoeken = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: ::1 localhost

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-3440755375-3460264489-238472258-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [brStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)

O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe ()

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)

O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [iTSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)

O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found

O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [smoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)

O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)

O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-3440755375-3460264489-238472258-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe ()

O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

O4 - Startup: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

O4 - Startup: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediacontrole Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)

O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.21\AMVConverter\grab.html ()

O13 - gopher Prefix: missing

O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} http://navigram.com/engine/v911/Navigram.cab (Navigram Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.17.2)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{448FC8AB-BF9F-4303-8430-3C70CB66A4E8}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56B3506A-9100-44C1-98EB-7554DE17F272}: DhcpNameServer = 62.179.104.196 213.46.228.196

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{691E82A7-BABA-4FAC-AE63-09F941B5F819}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-11 21:33:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patricia\Desktop\OTL (1).com

[2013-03-10 10:53:57 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Documents\Bluetooth

[2013-03-09 21:22:08 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Documents\FormatFactory

[2013-03-09 21:19:42 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

[2013-03-09 21:19:27 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime

[2013-03-09 10:53:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2013-03-08 14:37:19 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2013-03-08 14:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2013-03-08 10:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2013-03-07 21:02:41 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Local\Macromedia

[2013-03-07 21:01:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2013-03-07 21:01:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2013-03-05 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Roaming\IDM

[2013-03-02 22:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer

[2013-03-02 22:54:27 | 000,000,000 | ---D | C] -- C:\Program Files\NT Registry Optimizer

[2013-02-14 20:21:41 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Desktop\SCHOOL

[2013-02-14 14:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker 2.6

[2013-02-14 13:33:22 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Local\{07DDF123-15F4-41EE-AF5E-C39A3352676E}

[2013-02-13 20:46:55 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Desktop\WhatsApp Video

[2013-02-13 20:46:18 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Desktop\WhatsApp Images

[2013-02-13 20:41:46 | 000,000,000 | ---D | C] -- C:\Users\Patricia\Desktop\Books

[2013-02-11 21:35:09 | 000,000,000 | ---D | C] -- C:\Users\Patricia\.freemind

[2013-02-11 21:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind

[2013-02-11 21:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\FreeMind

[2013-02-10 19:59:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2013-02-10 19:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2013-02-10 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2013-02-10 19:55:32 | 000,000,000 | ---D | C] -- C:\Users\Patricia\AppData\Local\{FD3DA13C-48AF-41FD-B86A-450491604ED5}

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-03-11 21:35:59 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-03-11 21:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patricia\Desktop\OTL (1).com

[2013-03-11 21:01:59 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3440755375-3460264489-238472258-1000UA.job

[2013-03-11 19:57:26 | 000,002,635 | ---- | M] () -- C:\Users\Patricia\Desktop\Microsoft Office Word 2003.lnk

[2013-03-11 19:45:00 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013-03-11 19:45:00 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013-03-11 19:34:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-03-11 18:02:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3440755375-3460264489-238472258-1000Core.job

[2013-03-11 09:45:02 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\BearShareNAG.job

[2013-03-11 09:44:56 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys

[2013-03-10 11:00:49 | 000,000,144 | ---- | M] () -- C:\Users\Patricia\Desktop\regexport.bat

[2013-03-10 10:50:16 | 000,371,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013-03-09 22:20:26 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013-03-09 21:28:22 | 000,049,664 | ---- | M] () -- C:\Users\Patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013-03-09 21:19:45 | 000,000,996 | ---- | M] () -- C:\Users\Patricia\Desktop\Format Factory.lnk

[2013-03-09 20:44:24 | 003,602,936 | ---- | M] () -- C:\Windows\System32\perfh013.dat

[2013-03-09 20:44:24 | 001,505,986 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013-03-09 20:44:24 | 001,119,158 | ---- | M] () -- C:\Windows\System32\perfc013.dat

[2013-03-09 20:44:24 | 000,977,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013-03-09 10:32:48 | 000,002,529 | ---- | M] () -- C:\Users\Patricia\Desktop\HiJackThis.lnk

[2013-03-08 14:35:35 | 001,402,880 | ---- | M] () -- C:\Users\Patricia\Desktop\HiJackThis.msi

[2013-03-08 10:25:24 | 000,096,405 | ---- | M] () -- C:\Users\Patricia\Desktop\CBS.rar

[2013-03-08 10:16:47 | 000,000,857 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013-03-07 21:01:57 | 000,000,875 | ---- | M] () -- C:\Users\Patricia\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013-03-07 21:01:57 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013-03-06 21:07:07 | 000,002,064 | ---- | M] () -- C:\Users\Patricia\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013-03-06 21:07:07 | 000,002,062 | ---- | M] () -- C:\Users\Patricia\Desktop\Google Chrome.lnk

[2013-03-03 21:10:29 | 000,001,675 | ---- | M] () -- C:\Users\Patricia\Desktop\FreeMind.lnk

[2013-03-03 21:00:48 | 000,000,112 | ---- | M] () -- C:\Users\Patricia\Desktop\RADIO.url

[2013-03-02 22:59:31 | 002,883,584 | -HS- | M] () -- C:\Users\Patricia\ntuser.bak

[2013-03-02 22:54:27 | 000,000,822 | ---- | M] () -- C:\Users\Patricia\Desktop\NTREGOPT.lnk

[2013-02-14 14:20:38 | 000,000,962 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Camera Monitor SD.lnk

[2013-02-14 14:20:38 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Everio MediaBrowser.lnk

[2013-02-10 19:59:04 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-03-10 11:00:49 | 000,000,144 | ---- | C] () -- C:\Users\Patricia\Desktop\regexport.bat

[2013-03-10 10:49:55 | 000,371,160 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2013-03-09 21:19:45 | 000,000,996 | ---- | C] () -- C:\Users\Patricia\Desktop\Format Factory.lnk

[2013-03-08 14:37:19 | 000,002,529 | ---- | C] () -- C:\Users\Patricia\Desktop\HiJackThis.lnk

[2013-03-08 14:35:34 | 001,402,880 | ---- | C] () -- C:\Users\Patricia\Desktop\HiJackThis.msi

[2013-03-08 10:25:23 | 000,096,405 | ---- | C] () -- C:\Users\Patricia\Desktop\CBS.rar

[2013-03-07 21:01:57 | 000,000,875 | ---- | C] () -- C:\Users\Patricia\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2013-03-07 21:01:57 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2013-03-07 21:01:57 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013-03-03 21:00:36 | 000,000,112 | ---- | C] () -- C:\Users\Patricia\Desktop\RADIO.url

[2013-03-02 22:54:27 | 000,000,822 | ---- | C] () -- C:\Users\Patricia\Desktop\NTREGOPT.lnk

[2013-02-14 20:50:51 | 000,002,635 | ---- | C] () -- C:\Users\Patricia\Desktop\Microsoft Office Word 2003.lnk

[2013-02-14 14:22:07 | 000,002,479 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk

[2013-02-11 21:32:58 | 000,001,675 | ---- | C] () -- C:\Users\Patricia\Desktop\FreeMind.lnk

[2013-02-10 19:59:04 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2013-01-25 17:00:40 | 000,247,920 | ---- | C] () -- C:\Windows\System32\avutil-lav-52.dll

[2013-01-25 17:00:40 | 000,165,160 | ---- | C] () -- C:\Windows\System32\avresample-lav-1.dll

[2012-06-26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2012-06-26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2012-06-26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2012-06-26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2012-06-24 14:21:36 | 000,033,758 | ---- | C] () -- C:\Users\Patricia\AppData\Local\dt.dat

[2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll

[2011-06-24 04:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010-11-11 19:07:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010-09-11 17:29:39 | 000,000,680 | ---- | C] () -- C:\Users\Patricia\AppData\Local\d3d9caps.dat

[2010-03-19 19:17:30 | 000,000,000 | ---- | C] () -- C:\Users\Patricia\AppData\Local\prvlcl.dat

[2010-02-14 13:20:20 | 000,000,386 | ---- | C] () -- C:\Users\Patricia\AppData\Roaming\TweetDeckFast_state.xml

[2009-03-10 07:30:33 | 000,000,176 | ---- | C] () -- C:\Users\Patricia\AppData\Local\rahistory.xml

[2009-01-09 16:55:10 | 000,049,664 | ---- | C] () -- C:\Users\Patricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-01-08 17:54:21 | 002,883,584 | -HS- | C] () -- C:\Users\Patricia\ntuser.bak

========== ZeroAccess Check ==========

[2006-11-02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-06-08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-04-11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-04-11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013-01-10 18:12:23 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2013-01-10 18:12:23 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2012-12-12 20:02:01 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\AVG2013

[2012-11-21 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Azureus

[2012-12-29 16:36:23 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Belastingdienst

[2013-03-09 22:22:02 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\BitTorrent

[2010-03-15 18:53:02 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\BoneTown

[2013-01-27 20:38:08 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\ControlCenter4

[2009-03-15 09:53:34 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\DriverCure

[2009-05-16 17:37:17 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\GrabIt

[2013-03-05 17:03:31 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\IDM

[2010-04-10 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\PacificPoker

[2012-11-23 21:02:01 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Samsung

[2009-03-11 18:02:16 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\SystemRequirementsLab

[2009-09-15 15:04:48 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\TeamViewer

[2009-08-15 10:13:49 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\The Ringtone Maker Plus

[2009-03-13 17:26:13 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Toshiba

[2012-12-12 19:58:25 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\TuneUp Software

[2009-07-29 16:03:23 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1

[2013-02-01 20:00:56 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Yammer

[2009-01-21 18:47:53 | 000,000,000 | ---D | M] -- C:\Users\Patricia\AppData\Roaming\Zylom

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:1C6D843F

< End of report >

Extra.txt:

OTL Extras logfile created on: 11-3-2013 21:33:41 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patricia\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.19400)

Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

1,99 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,73% Memory free

4,22 Gb Paging File | 2,70 Gb Available in Paging File | 63,98% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 74,22 Gb Total Space | 21,49 Gb Free Space | 28,95% Space Free | Partition Type: NTFS

Drive E: | 73,36 Gb Total Space | 19,25 Gb Free Space | 26,25% Space Free | Partition Type: NTFS

Computer Name: PC_VAN_PATRICIA | User Name: Patricia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{01D85B2B-8991-4371-8248-CBA18EDA9D6B}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0B5488CB-8FD6-46C1-9D4F-FCE13A7E69F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{16FFA861-EE27-408C-AC4F-20311F141C2A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{1B78A6BB-673C-4A30-873E-4D1913114257}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{1C59ADA0-7583-4955-B542-6CDCED8A0D3D}" = rport=445 | protocol=6 | dir=out | app=system |

"{24E05A79-E574-4F0B-BEE0-030EC73CC2CC}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2C4C592C-03A6-49E6-BC96-EA1202383C34}" = rport=138 | protocol=17 | dir=out | app=system |

"{2ED34111-BF9C-4198-8338-6E91FF13C1A4}" = lport=138 | protocol=17 | dir=in | app=system |

"{3B2921A6-6672-4EAC-B57D-B7F3DD38DD01}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{3C58C208-B6E5-47DF-9EAB-C454EB3BD8A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{4196CC47-DB3C-4DC7-B8C3-9CEE58630589}" = lport=2869 | protocol=6 | dir=in | app=system |

"{42AA4736-3546-43C0-848B-176231708266}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{487ABBCA-D716-4593-8849-ABC57504EE5D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{62C26E1E-6370-40BE-BE37-0F13FD214239}" = rport=10243 | protocol=6 | dir=out | app=system |

"{65839214-EBBA-47B4-95FD-779AA547AC69}" = rport=139 | protocol=6 | dir=out | app=system |

"{794527DB-FFFE-426C-B320-5DA30515DFA4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{8339C021-6236-4B74-9ED4-E8CFA5D30681}" = rport=137 | protocol=17 | dir=out | app=system |

"{83555315-B5E8-44B5-ADB5-406FBE0645BD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{90C7CB10-E5F4-404A-A729-DD3C5B225F1E}" = lport=139 | protocol=6 | dir=in | app=system |

"{943C99FF-95DA-4701-B374-C96D80F45048}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{9E0CA647-415F-4F2F-B7F5-ABBF5F7EEF22}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A3FD3E54-15FC-4065-8E46-6E97A9BD5EBE}" = lport=2869 | protocol=6 | dir=in | app=system |

"{B3247899-4EDB-4F0C-8C7E-DB3DD44171C9}" = lport=137 | protocol=17 | dir=in | app=system |

"{BA5853D3-FE5F-4C32-B2F7-854708A41D45}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

"{BF04854C-6EA5-4EE1-A123-3043C90323D9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{DCB59502-3016-4882-93F6-A4566CAAC1FC}" = lport=445 | protocol=6 | dir=in | app=system |

"{DE8BCFEE-A18B-4043-8147-F56ED750C7C2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{048B3A55-EC36-41B1-B993-F07139501B9E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |

"{05B67DF2-B355-48B9-BD19-D4C98A57AB7A}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{0B85ABB1-5AAB-4850-AF93-EB9DA0248230}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |

"{0C211F92-233F-4D4D-A73E-EF54D7DB5B8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{1EB379B8-3ABB-4372-9264-D91C6975E8E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{1F083580-0485-4372-9080-3B91661538B0}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |

"{22B8DDB3-EFA8-40BB-A8BC-F5B2214F027A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{28B71F3B-37F2-404F-891F-E058BCB20BE3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{30F720E3-DC2A-4748-AE21-DE9AC4B2176F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |

"{33B9131B-0DD2-4CFC-8129-3F84A008457E}" = dir=in | app=e:\telefoon\allshare\allshareagent.exe |

"{3A19AFE7-ABB4-4E02-B198-3BE314517775}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{419BC981-5E00-4B12-997C-E56EF18D52F3}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{4423EB20-9DA0-4A80-8CDC-E0A9BABCD433}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4451B803-1721-4D09-A704-F6C152134DED}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |

"{490FA996-4143-4558-91BC-CC9BA65FF1C3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |

"{4A0EE5E0-26E0-4999-8076-7F90629920CA}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{4D0521E3-4378-48E3-BE65-6B32C1FC1F16}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{51F47CDC-36FE-4BEC-81AE-B2D72B0C1C18}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\mediabar\datamngr\toolbar\dtuser.exe |

"{604650C4-240A-422D-AB8A-22C957EE3C5A}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |

"{6394CE1B-5B43-419A-9396-193E863884AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{678C5ABC-47E4-425D-8428-BCA54365D749}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{6BFE19B5-B12B-4DD2-A409-17D2C64AC5B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{71103478-DAAA-4908-8369-EE25704433B7}" = dir=in | app=e:\telefoon\allshare\allsharedms\allsharedms.exe |

"{71300B73-7A76-4C3D-BD4A-2CF270858C96}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |

"{71689831-B057-45E7-94AA-093F7E373942}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |

"{80B69AAE-DDEF-4E3E-936C-3F505419A0EF}" = protocol=6 | dir=out | app=system |

"{95B1697D-2A16-4A99-ACF6-0271D966CFF1}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |

"{97BBA228-5717-420F-AB39-D1C3340B1EFA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{9CBE6579-E477-435C-9D40-5923832065EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A4D76F29-0139-40A0-B32B-172C59044445}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A9F53155-625D-43AF-A7A4-1A4D36ABC674}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{AC343EC2-B86B-46DD-9A9F-24008EF065DF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{AC5DFFB0-5D5D-4948-8646-2525ED853D6A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{AED102B8-3F6F-408E-8355-773744E76D24}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{B31F9CCD-6283-4B50-9AB1-C3A2C9DE4015}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{B836AD3F-B288-466A-9E5E-DE3480316F0B}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\mediabar\datamngr\toolbar\dtuser.exe |

"{B9055FB4-33EB-4C61-9B28-C66B4E703402}" = dir=in | app=e:\telefoon\allshare\allshare.exe |

"{C5395BFD-5101-4222-9368-DBA1894196BB}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{CA8D0D94-D53D-41C6-8833-9F7FDE12AC3F}" = protocol=6 | dir=out | app=system |

"{CD1D7123-BEBC-4CD4-94C2-D8DDBF8ED3F0}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |

"{CFEA7C1B-CE53-4648-9765-3BF00DC4420B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |

"{D1C3CE1F-7C6F-4590-A0DC-6F194BF05D0B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{D1E07D43-279A-40AB-A352-6E5627ED6E32}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{DEBFD1BE-A300-4CBB-B6DE-4D6BF0830985}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{DF513641-500D-4F5A-A774-7440D8F1DC3F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{E5FDD348-82DC-4BFE-AE35-9DA70720CFCB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |

"TCP Query User{127BFD46-14B6-4710-B88C-5E445552E108}J:\downloads\call-of-duty-5\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=j:\downloads\call-of-duty-5\call of duty - world at war\codwaw.exe |

"TCP Query User{1B28FEFF-8A52-474E-9B82-D719485F9A7E}J:\downloads\call-of-duty-5\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=j:\downloads\call-of-duty-5\call of duty - world at war\codwawmp.exe |

"TCP Query User{596C4025-10CE-4714-8C34-4FD94B08295A}C:\program files\sabnzbd\sabnzbd.exe" = protocol=6 | dir=in | app=c:\program files\sabnzbd\sabnzbd.exe |

"TCP Query User{A6516EC8-DBBE-4D9F-B166-C66FBE47DC2C}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"TCP Query User{D71FBAE6-60BF-422E-94B2-01495F5CD214}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{0B669DE4-D7F2-4945-9DE9-F70F2D1DA552}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"UDP Query User{391C3AFC-290D-40D2-9842-DB0B0118EF79}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{4880227D-8AB6-4A22-B51B-CD722C274D6B}C:\program files\sabnzbd\sabnzbd.exe" = protocol=17 | dir=in | app=c:\program files\sabnzbd\sabnzbd.exe |

"UDP Query User{568B4024-F42D-472F-A384-E8C8DDB954CE}J:\downloads\call-of-duty-5\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=j:\downloads\call-of-duty-5\call of duty - world at war\codwaw.exe |

"UDP Query User{C46EC9CB-713D-4033-B5B0-1DF46654528C}J:\downloads\call-of-duty-5\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=j:\downloads\call-of-duty-5\call of duty - world at war\codwawmp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack

"{0F1A2E4E-E2EE-4806-B7CE-356D83A3CDEB}" = Windows Live Family Safety

"{101738D7-D805-37A9-BB91-1F2C351782BF}" = Microsoft .NET Framework 3.5 Language Pack SP1 - nld

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{241DBC8D-14E3-4240-8EE5-3AC35086B638}" = AVG 2013

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack

"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java 6 Update 37

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials

"{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}" = Brother MFL-Pro Suite DCP-J140W

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{372B31CF-77FB-4E29-860C-A0EA2985AB7F}" = O2Micro Flash Memory Card Reader Driver (x86)

"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh

"{3F62782D-2798-4540-B493-F6472197900E}" = Microsoft Search Enhancement Pack

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR

"{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}" = Everio MediaBrowser

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger

"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6F8CBBFB-7986-4140-91EC-D8C7F1EC8DF3}" = AVG 2013

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree

"{7C4E0BED-7965-4C38-B68E-D896E75A727A}" = Kabobo

"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer

"{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion

"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}" = Windows Live Remote Service Resources

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.21

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90110413-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Editie 2003

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{95120000-00AF-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Dutch)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Geluiddemper v. cd/dvd-station

"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Nederlands

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator

"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver

"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker

"{CBDF64B0-8CAB-45C7-B3B2-4637C9F88769}" = HDMI Control Manager

"{CD19EDD9-1632-4002-9212-7478E4BA0423}" = Windows Live Sync

"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility

"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail

"{D8AEC024-E476-17FE-6D37-9EB1565F06F3}" = TweetDeck

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher

"{E91E8912-769D-42F0-8408-0E329443BABC}" = Wireless Network 300N Adapter

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}" = Windows Live Remote Client Resources

"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F9696333-6EAA-445E-92D7-7026FA8B01C3}" = TOSHIBA-handleidingen

"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10

"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"Aangifte inkomstenbelasting 2008" = Aangifte inkomstenbelasting 2008

"Aangifte inkomstenbelasting 2009" = Aangifte inkomstenbelasting 2009

"Aangifte inkomstenbelasting 2010" = Aangifte inkomstenbelasting 2010

"Aangifte inkomstenbelasting 2011" = Aangifte inkomstenbelasting 2011

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"AVG" = AVG 2013

"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind

"BearShare 2 MediaBar" = MediaBar

"BitTorrent" = BitTorrent

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"DivX Setup" = DivX Setup

"DVD Shrink_is1" = DVD Shrink 3.2

"FairUse Wizard 2" = FairUse Wizard 2

"FormatFactory" = FormatFactory 3.0.1

"HDMI" = Intel® Graphics Media Accelerator Driver

"Huur- en zorgtoeslag 2010" = Huur- en zorgtoeslag 2010

"Huur- en zorgtoeslag 2011" = Huur- en zorgtoeslag 2011

"InstallShield_{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password

"InstallShield_{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup

"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder

"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher

"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"Kinderopvangtoeslag 2010" = Kinderopvangtoeslag 2010

"Kinderopvangtoeslag 2011" = Kinderopvangtoeslag 2011

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versie 1.70.0.1100

"Microsoft .NET Framework 3.5 Language Pack SP1 - nld" = Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

"Mozilla Firefox 19.0.2 (x86 nl)" = Mozilla Firefox 19.0.2 (x86 nl)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NTREGOPT_is1" = NTREGOPT 1.1j

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"SystemRequirementsLab" = System Requirements Lab

"TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1" = TweetDeck

"Verzoek of wijziging voorlopige aanslag 2010" = Verzoek of wijziging voorlopige aanslag 2010

"Verzoek of wijziging voorlopige aanslag 2011" = Verzoek of wijziging voorlopige aanslag 2011

"Verzoek of wijziging voorlopige aanslag 2012" = Verzoek of wijziging voorlopige aanslag 2012

"Verzoek of wijziging voorlopige aanslag 2013" = Verzoek of wijziging voorlopige aanslag 2013

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3440755375-3460264489-238472258-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1" = Albelli Fotoboeken

"BitTorrent" = BitTorrent

"Dream Chronicles 2 - The Eternal Maze Deluxe" = Dream Chronicles 2 - The Eternal Maze Deluxe

"Google Chrome" = Google Chrome

"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0

"optimizer_ie" = Widevine Media Optimizer IE 6.0.0

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 27-2-2013 0:47:18 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/27 05:47:18.773]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

Error - 27-2-2013 7:15:50 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/27 12:15:50.688]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

Error - 27-2-2013 17:23:18 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/27 22:23:18.711]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

Error - 27-2-2013 21:06:12 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/28 02:06:12.441]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

Error - 28-2-2013 10:58:02 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/28 15:58:02.221]: [00002636]: GetDeviceIpAddress:

GetAddressByName [bRW0080928F7449] Error

Error - 28-2-2013 11:02:05 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/28 16:02:05.470]: [00002636]: GetDeviceIpAddress:

GetAddressByName [bRW0080928F7449] Error

Error - 28-2-2013 13:17:15 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/28 18:17:15.190]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.0.104]

Error - 28-2-2013 18:44:14 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/02/28 23:44:14.868]: [00002636]: GetDeviceIpAddress:

GetAddressByName [bRW0080928F7449] Error

Error - 28-2-2013 19:31:36 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/01 00:31:36.431]: [00002636]: GetDeviceIpAddress:

GetAddressByName [bRW0080928F7449] Error

Error - 28-2-2013 20:36:25 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/01 01:36:25.678]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

Error - 1-3-2013 0:49:31 | Computer Name = PC_van_Patricia | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/01 05:49:31.408]: [00002636]: SendSKeySettingToDevice::

Snmp Load Error[0] To[192.168.0.104]

[ System Events ]

Error - 4-2-2009 13:59:20 | Computer Name = PC_van_Patricia | Source = Service Control Manager | ID = 7011

Description =

Error - 9-2-2009 15:52:24 | Computer Name = PC_van_Patricia | Source = EventLog | ID = 6008

Description = De vorige afsluiting van het systeem om 18:58:30 op 7-2-2009 is onverwacht

gebeurd.

Error - 9-2-2009 15:52:26 | Computer Name = PC_van_Patricia | Source = HTTP | ID = 15016

Description =

Error - 9-2-2009 15:54:01 | Computer Name = PC_van_Patricia | Source = Service Control Manager | ID = 7000

Description =

Error - 12-2-2009 22:08:51 | Computer Name = PC_van_Patricia | Source = HTTP | ID = 15016

Description =

Error - 12-2-2009 22:10:14 | Computer Name = PC_van_Patricia | Source = Service Control Manager | ID = 7000

Description =

Error - 12-2-2009 22:11:14 | Computer Name = PC_van_Patricia | Source = Service Control Manager | ID = 7011

Description =

Error - 12-2-2009 22:11:44 | Computer Name = PC_van_Patricia | Source = Service Control Manager | ID = 7011

Description =

Error - 12-2-2009 23:53:27 | Computer Name = PC_van_Patricia | Source = Dhcp | ID = 1002

Description = De IP-adreslease 213.93.3.40 voor de netwerkkaart met netwerkadres

001E68A6F03A is geweigerd door de DHCP-server 192.168.100.1. De DHCP-server heeft

een DHCPNACK-bericht verzonden.

Error - 12-2-2009 23:53:58 | Computer Name = PC_van_Patricia | Source = Dhcp | ID = 1000

Description = Uw computer heeft de lease verloren van het IP-adres 192.168.100.2

op de netwerkkaart met netwerkadres 001E68A6F03A.

< End of report >

Zoek results:

Zoek.exe Version 4.0.0.2 Updated 11-March-2013

Tool run by Patricia on ma 11-03-2013 at 21:48:31,27.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Installed Programs ======================

Aangifte inkomstenbelasting 2008

Aangifte inkomstenbelasting 2009

Aangifte inkomstenbelasting 2010

Aangifte inkomstenbelasting 2011

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.6) - Nederlands

Adobe Shockwave Player 11.5

Albelli Fotoboeken

Apple Application Support

Apple Software Update

AVG 2013

BitTorrent

Bluetooth Stack for Windows by Toshiba

Brother MFL-Pro Suite DCP-J140W

Camera Assistant Software for Toshiba

CCleaner

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Conexant HD Audio

D3DX10

DivX Converter

DivX Plus DirectShow Filters

DivX Setup

DivX Version Checker

Dream Chronicles 2 - The Eternal Maze Deluxe

DVD MovieFactory for TOSHIBA

DVD Shrink 3.2

Everio MediaBrowser

FairUse Wizard 2

FormatFactory 3.0.1

FreeMind

Geluiddemper v. cd/dvd-station

Google Chrome

HDAUDIO Soft Data Fax Modem with SmartCP

HDMI Control Manager

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

Huur- en zorgtoeslag 2010

Huur- en zorgtoeslag 2011

Intel® Graphics Media Accelerator Driver

Java 7 Update 17

Java Auto Updater

Java 6 Update 3

Java 6 Update 37

Junk Mail filter update

Kabobo

Kinderopvangtoeslag 2010

Kinderopvangtoeslag 2011

MagicDisc 2.7.106

Malwarebytes Anti-Malware versie 1.70.0.1100

Marvell Miniport Driver

Media Player Utilities 4.21

MediaBar

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 Language Pack SP1 - nld

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office Live Add-in 1.5

Microsoft Office Outlook Connector

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Professional Editie 2003

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XML Parser

Mozilla Firefox 19.0.2 (x86 nl)

Mozilla Maintenance Service

MSVCRT

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

NetWaiting

NTREGOPT 1.1j

O2Micro Flash Memory Card Reader Driver (x86)

Picture Package Music Transfer

QuickTime

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Security Update for Windows Media Encoder (KB2447961)

Security Update for Windows Media Encoder (KB954156)

Security Update for Windows Media Encoder (KB979332)

Segoe UI

SkypeT 6.1

Sony Picture Utility

Synaptics Pointing Device Driver

System Requirements Lab

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

TOSHIBA-handleidingen

TOSHIBA Assist

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA Extended Tiles for Windows Mobility Center

TOSHIBA Hardware Setup

Toshiba Online Product Information

TOSHIBA Recovery Disc Creator

TOSHIBA SD Memory Utilities

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TRDCReminder

TRORDCLauncher

TweetDeck

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VC80CRTRedist - 8.0.50727.6195

Verzoek of wijziging voorlopige aanslag 2010

Verzoek of wijziging voorlopige aanslag 2011

Verzoek of wijziging voorlopige aanslag 2012

Verzoek of wijziging voorlopige aanslag 2013

Widevine Media Optimizer Chrome 6.0.0

Widevine Media Optimizer IE 6.0.0

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Encoder 9 Series

Windows Media Player Firefox Plugin

Windows Movie Maker 2.6

WinRAR archiver

Wireless Network 300N Adapter

12 maart 2013 aangepast door Mako
Dubbellogs verwijderd

Mako · 13 maart 2013

Hoi,

Krijg je deze foutmeldingen bijna uitsluitend als je de computer afsluit? Of kan dit echt op de meest willekeurige momenten voorkomen?

Ga naar Start - Configuratiescherm - Programma's en verwijder onderstaand programma:

MediaBar

Download MalwareBytes' Anti-Malware en sla het op je bureaublad op.

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg dat er na de installatie een vinkje is geplaatst bij:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)

Het venster met de vraag of je de "Evaluatie wil starten" mag je in principe weigeren, deze kan je later ook nog inschakelen.
Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
Druk vervolgens op "Scannen" om de scan te starten.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Patricia2504 · 13 maart 2013

Hallo Mako,

De foutmedling komt het meeste voor als ik "switch" tussen harde schijven (c en e) en andere media aansluit, zoals camera of mobiele telefoon. het komt op de meest willekeurige momenten voor.

Malwarebytes Anti-Malware 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.03.13.10

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 8.0.6001.19400

Patricia :: PC_VAN_PATRICIA [administrator]

13-3-2013 18:53:34

mbam-log-2013-03-13 (18-53-34).txt

Scan type: Snelle scan

Uitgeschakelde scan opties: P2P

Objecten gescand: 203069

Verstreken tijd: 48 minuut/minuten, 26 seconde(n)

Geheugenprocessen gedetecteerd: 0