~ Verslag van ZHPDiag v2014.12.24.177 - Nicolas Coolman (21-12-2014) ~ Gelanceerd door Hayel (25-12-2014 12:39:21) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Het adres van de webforum : http://forum.nicolascoolman.fr ~ Vertaald door de gebruiker ~ Staat van de versie : Bijgewerkte versie. ~ Lijst wit : Ingeschakeld door het programma ~ Tot misbruik van bevoegdheden : OK ~ Gebruikersaccountbeheer (UAC) : Deactivate by program ---\\ Internet-browsers MSIE: Internet Explorer v11.0.9600.17501 GCIE: Google Chrome v39.0.2171.95 (Defaut) ---\\ Windows productinformatie ~ Langage: Néerlandais Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Software om het systeem te beveiligen AVG 2015 v15.0.5577 Malwarebytes Anti-Malware versie 2.0.4.1028 Windows Defender W7 (Deactivate) ---\\ Systeem optimalisatie software CCleaner v5.01 ---\\ Delen van software PeerToPeer µTorrent v3.2.2.28500 =>P2P.µTorrent ---\\ Software die extra aandacht behoeft Adobe Flash Player 15 Plugin Adobe Reader X ---\\ Informatie over het systeem ~ Processor: AMD64 Family 20 Model 1 Stepping 0, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3689 MB (52% free) System Restore: Activé (Enable) System drive C: has 228 GB (50%) free of 451 GB ---\\ Verbinding met het systeem-modus ~ Computer Name: HAYEL-HP ~ User Name: Hayel ~ All Users Names: HomeGroupUser$, Hayel, Gast, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Omgevingsvariabelen ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Hayel\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Hayel\AppData\Roaming\ ~ %Desktop% : C:\Users\Hayel\Desktop\ ~ %Favorites% : C:\Users\Hayel\Favorites\ ~ %LocalAppData% : C:\Users\Hayel\AppData\Local\ ~ %StartMenu% : C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ 
%Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Overzicht vaste en verwisselbare stations C: Hard drive, Flash drive, Thumb drive (Free 228 Go of 451 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go) E: CD-ROM drive (Not Inserted) Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ Staat van het Windows Beveiligingscentrum ~ Security Center: 49 Legitimates Filtered in 00mn 00s ---\\ Zoeken naar bepaalde algemene bestanden [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Verkenner.) (.25-2-2011 - 7:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.14-7-2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.22-11-2014 - 2:28:21.) -- C:\Windows\System32\wininet.dll [2358272] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.17-7-2014 - 3:07:24.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.21-11-2010 - 4:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30-5-2014 - 7:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-7-2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14-7-2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21-11-2010 - 4:23:47.) 
-- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21-11-2010 - 4:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21-11-2010 - 4:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-7-2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-7-2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27-4-2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21-11-2010 - 4:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.24-1-2014 - 3:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-7-2009 - 1:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21-11-2010 - 4:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-7-2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11-11-2014 - 2:46:26.) 
-- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.21-11-2010 - 4:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Status van de verborgen bestanden (verborgen/totaal) ~ Mes images (My Pictures) : 1/786 ~ Mes musiques (My Musics) : 9/1027 ~ Mes Videos (My Videos) : 1/39 ~ Mes Favoris (My Favorites) : 1/12 ~ Mes Documents (My Documents) : 1/30762 ~ Mon Bureau (My Desktop) : 1/122 ~ Menu demarrer (Programs) : 1/12 ~ Hidden Files: Scanned in 00mn 15s ---\\ Gestarte processen [MD5.5F3587E344F2990B59C941FB405CAA0F] - (.Google Inc. - Google Chrome.) -- C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe [856904] [PID.4764] [MD5.DAC8CCDF4385B1F2F347DFEBCD84A934] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Hayel\AppData\Roaming\Dropbox\bin\Dropbox.exe [39206760] [PID.4980] [MD5.8A3B69683E63808719D24E1C68C21CC7] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960] [PID.4332] [MD5.4312B4DD07050FC58146756634058CE8] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136] [PID.2776] [MD5.8192B2E274607D1D530F5C191698C544] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944] [PID.4612] [MD5.F5281FA7188154C928ED27911B0BA6FD] - (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184] [PID.2552] [MD5.9DEF1B844FF294FE5900711764F82B72] - (.Brother Industries, Ltd. - BrIndicator.) -- C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184] [PID.4924] [MD5.B7F55E2AE978D3D34F7876EE5D689AAE] - (.CyberLink - YouCam Mirage.) 
-- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.5484] [MD5.88412F8968F43B7C51F8F4EAC98A0558] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8144384] [PID.2576] [MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1948] [MD5.BA5BEC7FB1EABF3FBD38924AB45C7B3A] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080] [PID.1076] [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1444] [MD5.8313DC0085E8D05ED6662E90C6918443] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464] [PID.2240] [MD5.2BEC76BDCD1BC080210325E7B5094834] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [35200] [PID.2328] [MD5.EA569D48B2E755AF6D96F03F3335D98A] - (.Realtek - RtlService MFC Application.) -- C:\Program Files (x86)\Sitecom\Sitecom WiFi USB adapter N150 Driver and Utility\RtlService.exe [36864] [PID.2416] [MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2664] [MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2384] [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) 
-- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.3768] [MD5.4F27622E46491795CFE45B971BDD116B] - (.Realtek Semiconductor Corp. - RtWLan.) -- C:\Program Files (x86)\Sitecom\Sitecom WiFi USB adapter N150 Driver and Utility\RtWlan.exe [2043904] [PID.4024] [MD5.0E03E300CB28F30843F40069563CE2AD] - (.Brother Industries, Ltd. - BrYNCSvc.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112] [PID.4996] [MD5.D2946D9F020AE76E9CEF9B4A6DF838C0] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1129760] [PID.5128] [MD5.E07F8E78D08D9269E3365C2A4F637191] - (.Hewlett-Packard Development Company L.P. - HP Connection Manager Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [1098296] [PID.3312] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, start, zoeken, extensies (G0, G1, G2) C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Google Chrome extensie map ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 47s ---\\ Mozilla Firefox, Plugins, start, zoeken, extensies (P2, M0, M1, M2, M3) C:\Users\Hayel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, proxybeheer (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse van lijnen F0, F1, F2, F3 - IniFiles, Autoloading programma's F2 - REG:system.ini: 
USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts-bestand omleiding (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Toepassingen gestart door register & bestand (O4) O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKCU\..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (.not file.) O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B0D4029434297F9E5EE81F03250863BD] . (.Google Inc. - Google Chrome.) -- C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - No Comment.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . 
(.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Wow6432Node\Run: [HPConnectionManager] . (.Hewlett-Packard Development Company L.P. - HPCMDelayStart Application.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Orphan sleutel O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe O4 - HKLM\..\Wow6432Node\Run: [BrStsInd00] . (.Brother Industries, Ltd. - BrIndicator.) -- C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) 
-- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1956934913-172480106-3488795705-1002\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1956934913-172480106-3488795705-1002\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKUS\S-1-5-21-1956934913-172480106-3488795705-1002\..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (.not file.) O4 - HKUS\S-1-5-21-1956934913-172480106-3488795705-1002\..\Run: [GoogleChromeAutoLaunch_B0D4029434297F9E5EE81F03250863BD] . (.Google Inc. - Google Chrome.) -- C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe O4 - HKUS\S-1-5-21-1956934913-172480106-3488795705-1002\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd ~ Application: Scanned in 00mn 00s ---\\ Knoppen op de werkbalk "belangrijkste instrumenten" Internet Explorer (O9) O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Site in vertrouwde Zone d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.modthesims.info ~ IE Zone Confiance: Scanned in 00mn 00s ---\\ Domeinadres van de DNS (O17) wijzigen O17 - HKLM\System\CCS\Services\Tcpip\..\{00F55613-6C44-4972-BC51-900A43CBFF76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{808B1ABE-AC25-4319-9636-6EAAA92B92F2}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{00F55613-6C44-4972-BC51-900A43CBFF76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{808B1ABE-AC25-4319-9636-6EAAA92B92F2}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{00F55613-6C44-4972-BC51-900A43CBFF76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{808B1ABE-AC25-4319-9636-6EAAA92B92F2}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 ~ Domain: Scanned in 00mn 00s ---\\ Aanvullend Protocol (O18) O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Taken die zijn gepland in de automatische modus (O39) [MD5.00000000000000000000000000000000] [APT] [{1E87617E-A2ED-4F2F-955E-3D48CCA6235D}] (...) -- C:\Program Files (x86)\Cybertek Games\Artist Colony\ArtistColonyRelease_.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{23B75997-B86F-4D6F-ACEC-FC369823669A}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\setup.exe (.not file.) 
[0] [MD5.00000000000000000000000000000000] [APT] [{3DD433DA-55BB-480E-B51D-73A06BBBDE1F}] (...) -- C:\Program Files (x86)\Mad Scientist Productions\TS3 Install Helper Monkey\InstallHelper.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{81296AD9-09F0-4C62-9194-209505554DAE}] (...) -- C:\Users\Hayel\Downloads\Nancy Drew And The Final Scene\Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A41887D3-385E-4F75-91C0-DA60B7D3C774}] (...) -- C:\Users\Hayel\Downloads\Burger Bustle 2 Ellie's Organics Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{CEFB3239-72E7-42B6-A644-EF2414424F3E}] (...) -- C:\Users\Hayel\Downloads\Sims3_1.38.151.018002_from_1.36.45.017002.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D146C396-73F6-4092-9B6A-6231CBCC6123}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{3BBFD444-5FAB-49F6-98B1-A1954E831399}\Sims3EP06Setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{EE2B209D-F77D-4006-8CD9-147CA623BC6C}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F0C5FA8F-D97C-4923-A307-F0912128522E}] (...) -- C:\Program Files (x86)\Cybertek Games\Artist Colony\ArtistColonyRelease_.exe (.not file.) [0] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [940] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002Core [1014] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002UA [1066] O39 - APT: - (..) 
-- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006Core [1032] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006UA [1084] O39 - APT: - (..) -- C:\Windows\System32\Tasks\HPCeeScheduleForHAYEL-HP$ [342] O39 - APT: APT: - (..) -- C:\Windows\System32\System32\Tasks\HPCeeScheduleForHAYEL-HP$ [342] - (..) -- C:\Windows\System32\Tasks\HPCeeScheduleForHayel [332] ~ Scheduled Task: 48 Legitimates Filtered in 00mn 09s ---\\ Geïnstalleerde software (O42) O42 - Logiciel: Sitecom WiFi USB adapter N150 Driver and Utility - (.Sitecom Europe BV.) [HKLM][64Bits] -- {9C049499-055C-4a0c-A916-1D8CA1FF45EB} ~ Logic: 53 Legitimates Filtered in 00mn 02s ---\\ HKCU & HKLM Software Keys [HKCU\Software\IncrediMail] [HKCU\Software\JLGBTT] [HKCU\Software\TEMPI] [HKCU\Software\iWin] [HKCU\Software\アプリケーション ウィザードで生成されたローカル アプリケーション] [HKLM\Software\Wow6432Node\Her Interactive, Inc.] ~ Key Software: 379 Legitimates Filtered in 00mn 02s ---\\ 'Inhoud van mappen programma's, ProgramFiles, ProgramData, AppData (O43) O43 - CFD: 2-3-2014 - 15:59:12 - [] ----D C:\Program Files (x86)\Archie - Riverdale Rescue O43 - CFD: 2-2-2014 - 18:40:32 - [] ----D C:\Program Files (x86)\Belastingdienst O43 - CFD: 21-4-2014 - 12:15:44 - [] ----D C:\Program Files (x86)\Sitecom O43 - CFD: 15-4-2012 - 12:53:52 - [] ----D C:\Program Files (x86)\WMC - Twice in a Blue Moon O43 - CFD: 25-2-2014 - 20:06:09 - [] -SH-D C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} O43 - CFD: 15-1-2014 - 21:30:59 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} O43 - CFD: 24-12-2014 - 14:15:04 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star O43 - CFD: 24-12-2014 - 14:15:02 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music and Media O43 - CFD: 24-12-2014 - 14:14:59 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sitecom WiFi USB adapter N150 Utility O43 
- CFD: 8-6-2011 - 21:41:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theft Protection O43 - CFD: 9-3-2014 - 15:31:20 - [] ----D C:\Users\Hayel\AppData\Roaming\Belastingdienst O43 - CFD: 8-5-2014 - 13:11:17 - [] ----D C:\Users\Hayel\AppData\Roaming\Five-BN Games O43 - CFD: 4-1-2012 - 14:28:51 - [] ----D C:\Users\Hayel\AppData\Roaming\InImages O43 - CFD: 21-4-2014 - 14:31:06 - [] ----D C:\Users\Hayel\AppData\Roaming\library_dir O43 - CFD: 21-9-2013 - 18:17:07 - [] ----D C:\Users\Hayel\AppData\Roaming\PathToSuccess O43 - CFD: 3-1-2012 - 13:24:23 - [] ----D C:\Users\Hayel\AppData\Roaming\Peace Craft O43 - CFD: 24-12-2012 - 18:35:52 - [] ----D C:\Users\Hayel\AppData\Roaming\PoivY O43 - CFD: 24-12-2014 - 14:51:18 - [] -SH-D C:\Users\Hayel\AppData\Local\EmieBrowserModeList O43 - CFD: 24-12-2014 - 14:14:56 - [0] ----D C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMC - Twice in a Blue Moon ~ Program Folder: 322 Legitimates Filtered in 00mn 02s ---\\ Meest recente bestanden gewijzigd of gemaakt op Windows en System32 (O44) O44 - LFC:[MD5.533ABCEEE0C35A693835CC3212A9F791] - 24-12-2014 - 14:02:48 ---A- . (...) -- C:\Windows\PowerReg.dat [227] O44 - LFC:[MD5.99070266633566021A4B9109156CE319] - 24-12-2014 - 15:07:40 ---A- . (...) -- C:\Windows\ntbtlog.txt [94256] O44 - LFC:[MD5.80E8A9D877445CD90EC72B630704AF0A] - 24-12-2014 - 16:21:42 ---A- . (...) -- C:\Windows\UniFish3.exe [45568] O44 - LFC:[MD5.8839B2592E3B5B8C87548EE5A71B8F9C] - 24-12-2014 - 18:52:17 ---A- . (...) -- C:\zoek-results2014-12-24-175217.log [52432] O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 24-12-2014 - 21:26:19 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064] O44 - LFC:[MD5.C9218A8C2CCAF16BFE7C22A8A3955AB3] - 24-12-2014 - 22:22:52 ---A- . (...) 
-- C:\zoek-results.log [20014] ~ Files: 75 Legitimates Filtered in 00mn 05s ---\\ Laatste bestanden die zijn gemaakt in Windows Prefetcher (O45) O45 - LFCP:[MD5.AF6E46F50F76D9C92119DF27C06F65CF] - 24-12-2014 - 14:29:59 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-AE62E46F.pf =>P2P.µTorrent ~ Prefetcher: 1 Legitimates Filtered in 00mn 00s ---\\ Registersleutel Shell MountPoints2 (MPSK) (O51) O51 - MPSK:{6b3c4a83-c75e-11e1-a3ee-101f74b9bcb1}\AutoRun\command. (...) -- I:\Autorun.exe (.not file.) O51 - MPSK:{9b07e282-0d26-11e1-b615-101f74b9bcb1}\AutoRun\command. (...) -- G:\SETUP.exe (.not file.) O51 - MPSK:{d6e8e24f-7297-11e1-bbdc-101f74b9bcb1}\AutoRun\command. (...) -- G:\SETUP.exe (.not file.) O51 - MPSK:{e899d930-ad5a-11e1-bb18-101f74b9bcb1}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Opsomming van het register sleutels PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 19 Legitimates Filtered in 00mn 00s ---\\ Overzicht van de drivers (SDL) (O58) O58 - SDL:14-7-2009 - 2:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10-6-2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:6-2-2013 - 7:42:08 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [102936] O58 - SDL:6-2-2013 - 7:42:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203544] O58 - SDL:20-9-2012 - 5:35:36 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile OBEX Device Driver (MSS Ver.3).) 
-- C:\Windows\System32\Drivers\ssudobex.sys [203104] O58 - SDL:14-7-2009 - 2:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:17-12-2010 - 12:41:36 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [520192] O58 - SDL:14-6-2010 - 9:32:54 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16448] O58 - SDL:25-10-2007 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632] O58 - SDL:14-6-2010 - 9:32:54 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16448] O58 - SDL:5-2-2013 - 9:54:40 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344] ~ Drivers: 92 Legitimates Filtered in 00mn 02s ---\\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (O61) O61 - LFC: 24-12-2014 - 12:41:32 ---A- . (...) -- C:\Users\Hayel\Downloads\RSITx64.exe [1222144] O61 - LFC: 24-12-2014 - 12:41:32 ---A- . (...) -- C:\Users\Hayel\Downloads\zoek (1).exe [1295360] O61 - LFC: 24-12-2014 - 12:41:32 ---A- . (...) -- C:\Users\Hayel\Downloads\zoek.exe [1295360] O61 - LFC: 25-12-2014 - 12:41:32 ---A- . (...) -- C:\Users\Hayel\Downloads\adwcleaner_4.106.exe [2173952] ~ 18 Fichiers temporaires (Temporary files) ~ 8 Fichiers cookies (Cookies files) ~ Files: 17 Legitimates Filtered in 00mn 05s ---\\ Lijst van cleaning tools (CLAB) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman O63 - Logiciel: RSIT - (.random/random.) ~ ADS: Scanned in 00mn 00s ---\\ Startmenu Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Hilal.Hayel-HP\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) 
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Zoek "infecties in internetbrowsers (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Geeft een opsomming van bestanden Crack & Keygen (KKF) (O82) C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\1save.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\autoPause.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\customCursor.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\displayMode.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\lastProfile.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\MusicVolume.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\SoundVolume.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\Gogii\VaultCracker\BigFishGames\data\VOVolume.dat =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\uTorrent\Agatha Christie-Death On The Nile-PreCracked-HIVBABY.rar.torrent =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\uTorrent\Bistro.Boulevard.v1.0.Cracked-F4CG.rar.1.torrent =>.Crack,Keygen C:\Users\Hayel\AppData\Roaming\uTorrent\Bistro.Boulevard.v1.0.Cracked-F4CG.rar.torrent =>.Crack,Keygen C:\Users\Hayel\Documents\Office\dUMb\msoe2007keygen.exe =>.Crack,Keygen 
~ Files: Scanned in 00mn 59s ---\\ Lijst van uitzonderingen in de firewall (FirewallRules) (O87) O87 - FAEL: "TCP Query User{8FD25C05-6E6E-4C61-863C-C1D225423E1B}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.BitTorrent O87 - FAEL: "UDP Query User{4037C35C-5D02-40A5-B69C-40B6C1B8EA8C}C:\program files (x86)\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.BitTorrent O87 - FAEL: "TCP Query User{3BA8A833-70C8-4F5F-BAD6-F1E9DA7E6FBA}C:\program files (x86)\utorrent\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files (x86)\utorrent\utorrent.exe =>P2P.BitTorrent O87 - FAEL: "UDP Query User{9A2D3C75-1AA4-4F9D-8927-10DA0494864F}C:\program files (x86)\utorrent\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) 
-- C:\program files (x86)\utorrent\utorrent.exe =>P2P.BitTorrent O87 - FAEL: "{9792125F-1470-44B2-9F37-AFA4C6FFB57E}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{319E455A-742D-4671-808E-18A7FA78B8F1}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Firewall: 6 Legitimates Filtered in 00mn 04s ---\\ Algemene toestand van niet-Microsoft services (GSR) (SR = Running, SS = gestopt) SS - | Demand 10-12-2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 9-11-2014 3488784 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe SS - | Demand 12-10-2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Auto 7-7-2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 7-7-2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 14-7-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 19-12-2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 28-2-2011 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 28-9-2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SR - | Auto 9-11-2014 298080 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe SR - | Demand 26-10-2012 282112 | (BrYNSvc) . (.Brother Industries, Ltd..) 
- C:\Program Files (x86)\Browny02\BrYNSvc.exe SR - | Auto 10-7-1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS SR - | Auto 4-11-2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Auto 11-10-2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe SR - | Demand 13-9-2011 1098296 | (hpCMSrv) . (.Hewlett-Packard Development Company L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe SR - | Demand 13-5-2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 1-4-2014 49464 | (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe SR - | Auto 5-3-2012 35200 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe SR - | Auto 10-7-2013 2413056 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe SR - | Auto 16-4-2010 36864 | (Realtek11nSU) . (.Realtek.) - C:\Program Files (x86)\Sitecom\Sitecom WiFi USB adapter N150 Driver and Utility\RtlService.exe SR - | Auto 17-12-2010 276992 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 10-7-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14-7-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) 
- C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 24s ---\\ Onderzoek gelijktijdige op de Master Boot Record (MBR) (O80) Run by Hayel at 25-12-2014 12:43:12 ~ OS 64 not supported by MBR tool ~ MBR: 0 Legitimates Filtered in 00mn 00s ---\\ Onderzoek de Master Boot Record op Infecties (MBRCheck) (O80) Written by ad13, http://ad13.geekstog Run by Hayel at 25-12-2014 12:43:14 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 02s ---\\ Extra scan (O88) Database Version : 13026 - (21-12-2014) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\iwin] =>Adware.iWinArcade ~ Additionnel Scan: 306581 Items scanned in 01mn 02s ---\\ Additional information about modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, proxybeheer (R5) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Toepassingen gestart door register & bestand (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Registersleutel Shell MountPoints2 (MPSK) (O51) ~ AMI: 3 Legitimates Filtered in 00mn 00s ---\\ Samenvatting van detecties gevonden op uw werkstation http://nicolascoolman.fr/adware-iwinarcade =>Adware.iWinArcade ~ MSI: 1 link(s) detected in 00mn 00s ~ 1119 Legitimates filtered by white list End of the scan (503 lines in 04mn 57s)(24)