~ Verslag van ZHPDiag v2015.4.1.34 - Nicolas Coolman (29-3-2015) ~ Gelanceerd door Daan (4-4-2015 16:12:50) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Het adres van de webforum : http://forum.nicolascoolman.fr ~ Vertaald door de gebruiker ~ Staat van de versie : Bijgewerkte versie. ~ Lijst wit : Ingeschakeld door het programma ~ Tot misbruik van bevoegdheden : OK ~ Gebruikersaccountbeheer (UAC) : Deactivate by user ---\\ Internet-browsers MSIE: Internet Explorer v11.0.9600.17691 GCIE: Google Chrome v41.0.2272.101 (Defaut) OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.5 OBIE: Safari v5.34.57.2 ---\\ Windows productinformatie ~ Langage: Néerlandais Windows Server License Manager Script : OK Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Vista (TM) Ultimate, 64-bit Service Pack 1 (Build 6000) ---\\ Software om het systeem te beveiligen Bitdefender Total Security 2015 v18.20.0.1429 ---\\ Systeem optimalisatie software ---\\ Delen van software PeerToPeer ---\\ Software die extra aandacht behoeft Adobe Flash Player 16 NPAPI Adobe Reader XI - Nederlands ---\\ Informatie over het systeem ~ Processor: Intel64 Family 6 Model 26 Stepping 4, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 12285 MB (66% free) System Restore: Activé (Enable) System drive C: has 34 GB (25%) free of 135 GB ---\\ Verbinding met het systeem-modus ~ Computer Name: DAAN-PC ~ User Name: Daan ~ All Users Names: HomeGroupUser$, Guest, Daan, Annabel, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Omgevingsvariabelen ~ System Unit : C:\ ~ %AppZHP% : D:\Gebruikers\Daan\AppData\Roaming\ZHP\ ~ %AppData% : D:\Gebruikers\Daan\AppData\Roaming\ ~ %Desktop% : D:\Gebruikers\Daan\Desktop\ ~ %Favorites% : D:\Gebruikers\Daan\Favorites\ ~ %LocalAppData% : D:\Gebruikers\Daan\AppData\Local\ ~ %StartMenu% : D:\Gebruikers\Daan\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ 
%System% : C:\Windows\System32\ ---\\ Overzicht vaste en verwisselbare stations C: Hard drive, Flash drive, Thumb drive (Free 34 Go of 135 Go) D: Hard drive, Flash drive, Thumb drive (Free 25 Go of 651 Go) E: CD-ROM drive (Not Inserted) F: CD-ROM drive (Free 0 Go of 4 Go) G: Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go) H: Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go) I: Hard drive, Flash drive, Thumb drive (Free 31 Go of 930 Go) K: Floppy drive, Flash card reader, USB Key (Not Inserted) L: Floppy drive, Flash card reader, USB Key (Free 0 Go of 8 Go) M: Floppy drive, Flash card reader, USB Key (Not Inserted) N: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Staat van het Windows Beveiligingscentrum [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified ~ Security Center: 46 Legitimates Filtered in 00mn 00s ---\\ Zoeken naar bepaalde algemene bestanden [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Verkenner.) (.25-2-2011 - 7:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.14-7-2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.36F99BD8A0F09BDBB7850A138845A014] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.20-2-2015 - 2:28:25.) -- C:\Windows\System32\wininet.dll [2358784] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.17-7-2014 - 3:07:24.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.20-11-2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30-5-2014 - 7:45:52.) 
-- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-7-2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14-7-2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20-11-2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20-11-2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20-11-2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-7-2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-7-2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27-4-2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20-11-2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.24-1-2014 - 3:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-7-2009 - 1:00:41.) 
-- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20-11-2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20-11-2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-7-2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11-11-2014 - 2:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.20-11-2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Status van de verborgen bestanden (verborgen/totaal) ~ Mes images (My Pictures) : 3/25324 ~ Mes musiques (My Musics) : 25/301 ~ Mes Videos (My Videos) : 1/837 ~ Mes Favoris (My Favorites) : 1/6 ~ Mes Documents (My Documents) : 2/92012 ~ Mon Bureau (My Desktop) : 2/15203 ~ Menu demarrer (Programs) : 1/44 ~ Hidden Files: Scanned in 00mn 04s ---\\ Gestarte processen [MD5.89D2706FCD45E33CECFBD46BCBAD7E16] - (.Microsoft Corporation - Tablet PC Input Panel Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe [10240] [PID.3636] [MD5.8AC4EE71659F54D17BFF01965C4F37E0] - (.TeamViewer GmbH - TeamViewer 10.) -- c:\program files (x86)\teamviewer\TeamViewer.exe [16765200] [PID.5372] [MD5.EC58C1A9A3281CE0C8FCC05BDBFECB37] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816] [PID.5512] [MD5.85F9466A6A73693858A5D34CD8EED744] - (.Dropbox, Inc. - Dropbox.) 
-- D:\Gebruikers\Daan\AppData\Roaming\Dropbox\bin\Dropbox.exe [42560368] [PID.5596] [MD5.A16852B04C0A5654B0B8DFD5E1A25718] - (.MagicISO, Inc. - MagicISO Virtual CD/DVD Manager.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe [576000] [PID.5692] [MD5.1C86D0C84FF3870A3E13808B853C040A] - (.Apple Inc. - AirPort-basisstationagent.) -- C:\Program Files (x86)\AirPort\APAgent.exe [771360] [PID.5724] [MD5.61C6C887A22065A630E46820BA6B8940] - (.Citrix Systems, Inc. - Citrix Connection Center.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371896] [PID.5768] [MD5.E0A0ACAF585EF49B4216A078CB9208C0] - (.AgileBits - 1Password.) -- C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3803408] [PID.5956] [MD5.6740F3F722B70ABAE95753311E600D9E] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe [3499920] [PID.6104] [MD5.BCAFFB153E1FD4EF6D18C442DEE28A9C] - (.Citrix Systems, Inc. - Citrix Receiver Application.) -- C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe [1144704] [PID.5316] [MD5.65CE566B99ABFE73A6843C1D6DD039D5] - (.Citrix Systems, Inc. - Citrix Receiver.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe [51128] [PID.6404] [MD5.5BBD64B48A5AAA4C8635D46A04AB0220] - (.Citrix Systems, Inc. - Citrix Connection Manager.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe [871608] [PID.6664] [MD5.1A1BC75EDF9DA08A68E9A0996E09CC40] - (.Mamut ASA - No Comment.) -- C:\Program Files (x86)\Mamut\Mamut.exe [40675937] [PID.6468] [MD5.1F85A80EBC4C4C1D562094F5AB231077] - (.Adobe Systems Incorporated - Adobe IPC Broker.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe [769904] [PID.6796] [MD5.9B6145F78620F411AC2C1A645A21F1D2] - (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [389744] [PID.8400] [MD5.F217EF2EA31D8F73504B1CD2F9787D9D] - (.Google Inc. - Google Chrome.) 
-- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.7800] [MD5.6076B562F7848DED4CDB128B485B6132] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8195072] [PID.8012] [MD5.8B802B483CBDE06F62DBC04DC7AFAF8E] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [428640] [PID.1328] [MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208] [PID.2132] [MD5.9511C276FECBE39FD1E08DC6BA1CF6E9] - (.Autodesk Inc. - Autodesk Application Manager.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904] [PID.2316] [MD5.C5679E5186B2FC95BC76A8A9870D5456] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64704] [PID.2424] [MD5.DE3FF859EDF66F5E0106B23B3A4B09CE] - (.Autodesk, Inc. - AutoCAD component.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192] [PID.2500] [MD5.1F79342D9EB530A48742F651E570983A] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176] [PID.2576] [MD5.E4938E0A376CF0B9D989EE5C0A146891] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520] [PID.2608] [MD5.A2555605CD54DE880BDB6994B69DB617] - (.Google Inc. - Hostproces.) -- C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe [56648] [PID.2676] [MD5.543080D7653128B1FA7CD8F7DB22BADB] - (.Mediafour Corporation - M4LIC.EXE.) -- C:\Program Files (x86)\Common Files\Mediafour\M4LIC.exe [205312] [PID.2828] [MD5.BBD7B94FF4E14DA798E862EE671242DC] - (.Mamut ASA - SynchronizationWindowsService.) 
-- C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe [11776] [PID.2968] [MD5.ED2DD63D5BAB83DDD03A66B7FE65B9FD] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.MAMUT\MSSQL\Binn\sqlservr.exe [42884448] [PID.3048] [MD5.4263DCF845B089E397C7C3BFC74F04FE] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29263712] [PID.3048] [MD5.7D67C07C63796775CC5492BCFEAFF125] - (.Microsoft Corporation - SQL Browser Service EXE.) -- C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [267616] [PID.3284] [MD5.E1E13735B6D2FE4FFEAEB91989B9C46F] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176] [PID.3492] [MD5.635686E528F2C9CB916EC1BB04EE6AD1] - (...) -- C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736] [PID.3720] [MD5.83BB030C71C9727DCFB2737005772C4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe [232264] [PID.1988] [MD5.D4921E6B4636B0D806A73B89437224BD] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\tv_w32.exe [229136] [PID.6148] ~ Processes Running: Scanned in 00mn 02s ---\\ Mozilla Firefox, Plugins, start, zoeken, extensies (P2, M0, M1, M2, M3) D:\Gebruikers\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\5ks1hkq9.default\prefs.js D:\Gebruikers\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\unczujh0.annabel\prefs.js M2 - MFEP: prefs.js [Daan - 5ks1hkq9.default\de-DE@dictionaries.addons.mozilla.org] [] Deutsches Wörterbuch v2.0.4 (..) M2 - MFEP: prefs.js [Daan - 5ks1hkq9.default\en-US@dictionaries.addons.mozilla.org] [] United States English Spellchecker v7.0.1 (..) M2 - MFEP: prefs.js [Daan - 5ks1hkq9.default\FavIconReloader@mozilla.org] [] FavIconReloader v0.8 (..) 
M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {B97F57B9-1B42-4aed-9475-0022600C62DC}.xpi M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi =>PUP.EasyYoutube M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi M2 - MFEP: Extension [Daan - unczujh0.annabel] {66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi M2 - MFEP: Extension [Daan - unczujh0.annabel] {a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi M2 - MFEP: Extension [Daan - unczujh0.annabel] {B97F57B9-1B42-4aed-9475-0022600C62DC}.xpi M2 - MFEP: Extension [Daan - unczujh0.annabel] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi =>PUP.EasyYoutube M2 - MFEP: Extension [Daan - unczujh0.annabel] {fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi ~ Firefox Browser: 32 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, proxybeheer (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse van lijnen F0, F1, F2, F3 - IniFiles, Autoloading programma's F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts-bestand omleiding (O1) ~ Le fichier hôte est sain (The hosts file is clean) (197) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper-objecten vanuit browser 
(O2) O2 - BHO: 1Password [64Bits] - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} . (.AgileBits - 1Password.) -- C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll ~ BHO: 18 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer werkbalken (O3) O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll O3 - Toolbar: Bitdefender Wallet - [HKLM]{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{66BD2442-241B-44CD-8C7A-B51037053CDB} Orphan sleutel ~ Toolbar: Scanned in 00mn 00s ---\\ Toepassingen gestart door register & bestand (O4) O4 - HKLM\..\Run: [MacDrive 8 application] . (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe O4 - HKLM\..\Run: [Getting started with MacDrive 8] . (.Mediafour Corporation - Get Started with MacDrive.) -- C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [AdobeBridge] Orphan sleutel O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_35765335B3B5C680009F09F21956C5FA] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) 
-- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [AirPort Base Station Agent] . (.Apple Inc. - AirPort-basisstationagent.) -- C:\Program Files (x86)\AirPort\APAgent.exe O4 - HKLM\..\Wow6432Node\Run: [ConnectionCenter] . (.Citrix Systems, Inc. - Citrix Connection Center.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe O4 - HKLM\..\Wow6432Node\Run: [Agile1pAgent] . (.AgileBits - 1Password.) -- C:\Program Files (x86)\1Password 4\Agile1pAgent.exe O4 - HKLM\..\Wow6432Node\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2474986109-20418994-3047346730-1004\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) 
-- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKUS\S-1-5-21-2474986109-20418994-3047346730-1004\..\Run: [AdobeBridge] Orphan sleutel O4 - HKUS\S-1-5-21-2474986109-20418994-3047346730-1004\..\Run: [GoogleChromeAutoLaunch_35765335B3B5C680009F09F21956C5FA] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ~ Application: Scanned in 00mn 00s ---\\ Knoppen op de werkbalk "belangrijkste instrumenten" Internet Explorer (O9) O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.) O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.) O9 - Extra button: 1Password [64Bits] - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} . (...) -- C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.ico O9 - Extra button: &Gekoppelde notities van OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.) O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) 
-- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Domeinadres van de DNS (O17) wijzigen O17 - HKLM\System\CCS\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CCS\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpDomain = DaanDHCP O17 - HKLM\System\CS1\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CS1\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpDomain = DaanDHCP O17 - HKLM\System\CS2\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: NameServer = 208.67.222.222,208.67.220.220 O17 - HKLM\System\CS2\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{344C265B-1EE9-44B7-91FA-F2D75758ADDF}: DhcpDomain = DaanDHCP O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 ~ Domain: Scanned in 00mn 00s ---\\ Aanvullend Protocol (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Lijst van niet-Microsoft NT services die niet uitgeschakeld zijn (O23) O23 - Service: Mamut Synchronization Service (MamutSyncService) . (.Mamut ASA - SynchronizationWindowsService.) 
- C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe O23 - Service: MySQL (MySQL) . (...) - C:\MySQL\my.ini ~ Services: 22 Legitimates Filtered in 00mn 06s ---\\ Taken die zijn gepland in de automatische modus (O39) [MD5.29B81898034EF7692A242E49310E0411] [APT] [Trigger KMS Activation] (...) -- C:\Program Files\KMSnano\TriggerKMS.exe [54784] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [940] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2474986109-20418994-3047346730-1004Core [1020] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2474986109-20418994-3047346730-1004UA [1072] ~ Scheduled Task: 15 Legitimates Filtered in 00mn 03s ---\\ Geïnstalleerde software (O42) O42 - Logiciel: 1Password 4.3.1.560 - (.AgileBits.) [HKLM][64Bits] -- 1Password4_is1 O42 - Logiciel: Album Design Pro - (.TAOPIX Limited.) [HKCU][64Bits] -- Album Design Pro O42 - Logiciel: Capture One 7.2 - (.Phase One A/S.) [HKLM][64Bits] -- CaptureOne7_is1 O42 - Logiciel: Dialexicon Twents - (...) [HKLM][64Bits] -- ST6UNST #1 O42 - Logiciel: EOSCount ActiveX control - (.Sergey Vasilevskiy.) [HKLM][64Bits] -- {63B230BF-D745-4ECC-B773-EA25A9AFDC36} O42 - Logiciel: KMSnano 24 - (...) [HKLM][64Bits] -- KMSnano 24_is1 O42 - Logiciel: Kinderopvangtoeslag 2011 - (.Belastingdienst.) [HKLM][64Bits] -- Kinderopvangtoeslag 2011 O42 - Logiciel: Mailbird - (.Mailbird.) [HKLM][64Bits] -- {CC8E7DF3-3A64-40CA-997A-6B9D0DC25556} O42 - Logiciel: Photo Station Uploader (remove only) - (.Synology.) [HKLM][64Bits] -- Photo Station Uploader O42 - Logiciel: SmartCode VNC Manager (Enterprise Edition) 6.8 64-bit - (.SmartCode Solutions.) 
[HKLM][64Bits] -- {322EDE39-8BA4-4196-97C3-6D0924B8DF10} O42 - Logiciel: Windows-stuurprogrammapakket - Leaf Imaging Ltd. Image (02/11/2010 ) - (.Leaf Imaging Ltd..) [HKLM][64Bits] -- A35BD68D4A1B3E191138E3C9AA417190A9468F7E ~ Logic: 30 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\Agile Web Solutions] [HKCU\Software\AgileBits] [HKCU\Software\Mamut] [HKCU\Software\SmartCode Solutions] [HKCU\Software\iExpertSoft] [HKLM\Software\MAMUT] [HKLM\Software\UlisesSoft] [HKLM\Software\Wow6432Node\MAMUT] [HKLM\Software\Wow6432Node\Mailbird] [HKLM\Software\Wow6432Node\Q34UA_BKXSW2876_ERY] [HKLM\Software\Wow6432Node\SW-Booster] =>PUP.SafeWeb [HKLM\Software\Wow6432Node\Uplus] ~ Key Software: 402 Legitimates Filtered in 00mn 00s ---\\ 'Inhoud van mappen programma's, ProgramFiles, ProgramData, AppData (O43) O43 - CFD: 3-4-2015 - 22:04:24 - [] ----D C:\Program Files (x86)\1Password 4 O43 - CFD: 17-6-2012 - 0:55:41 - [] ----D C:\Program Files (x86)\AirPort O43 - CFD: 2-7-2014 - 22:00:45 - [] ----D C:\Program Files (x86)\Album Design Pro O43 - CFD: 1-8-2011 - 11:52:41 - [] ----D C:\Program Files (x86)\Belastingdienst O43 - CFD: 9-9-2013 - 12:58:20 - [] ----D C:\Program Files (x86)\Dialexicon O43 - CFD: 1-2-2015 - 23:01:48 - [] ----D C:\Program Files (x86)\EOSCount ActiveX control O43 - CFD: 9-3-2014 - 14:18:31 - [] ----D C:\Program Files (x86)\Mailbird O43 - CFD: 30-4-2014 - 11:32:05 - [] ----D C:\Program Files (x86)\Mamut O43 - CFD: 25-10-2014 - 21:44:03 - [] ----D C:\Program Files (x86)\Pap O43 - CFD: 25-10-2014 - 21:44:02 - [] ----D C:\Program Files (x86)\Pap_Start O43 - CFD: 27-2-2015 - 13:42:23 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 O43 - CFD: 9-3-2014 - 14:18:48 - [] ----D C:\ProgramData\Mailbird O43 - CFD: 30-4-2014 - 11:31:54 - [] ----D C:\ProgramData\Public Mamut O43 - CFD: 30-11-2014 - 18:17:48 - [] ----D C:\ProgramData\PyInstaller O43 - CFD: 24-10-2014 - 9:09:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\1Password O43 - CFD: 2-7-2014 - 22:00:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Album Design Pro O43 - CFD: 1-8-2011 - 11:52:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst O43 - CFD: 7-9-2013 - 18:01:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dialexicon O43 - CFD: 9-1-2015 - 18:11:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud O43 - CFD: 19-2-2014 - 23:41:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano O43 - CFD: 9-3-2014 - 14:18:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird O43 - CFD: 30-4-2014 - 11:32:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mamut O43 - CFD: 6-11-2012 - 19:57:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartCode VNC Manager O43 - CFD: 14-7-2009 - 9:45:14 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 31-3-2015 - 20:31:58 - [] ----D D:\Gebruikers\Daan\AppData\Roaming\AgileBits O43 - CFD: 2-7-2014 - 22:01:35 - [] ----D D:\Gebruikers\Daan\AppData\Roaming\Album Design Pro O43 - CFD: 1-8-2011 - 11:55:25 - [] ----D D:\Gebruikers\Daan\AppData\Roaming\Belastingdienst O43 - CFD: 6-11-2012 - 19:57:44 - [] ----D D:\Gebruikers\Daan\AppData\Roaming\SmartCode Solutions O43 - CFD: 14-11-2014 - 14:22:43 - [] -SH-D D:\Gebruikers\Daan\AppData\Local\EmieBrowserModeList O43 - CFD: 19-6-2014 - 11:30:45 - [] ----D D:\Gebruikers\Daan\AppData\Local\Mailbird O43 - CFD: 1-8-2011 - 10:29:55 - [] ----D D:\Gebruikers\Daan\AppData\Local\Mamut ASA ~ Program Folder: 266 Legitimates Filtered in 00mn 01s ---\\ Meest recente bestanden gewijzigd of gemaakt op Windows en System32 (O44) O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 3-4-2015 - 20:36:13 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064] O44 - LFC:[MD5.9D8A0C6EBFC80857706F3C4554D474A4] - 4-4-2015 - 8:05:05 ---A- . (...) 
-- C:\bdlog.txt [218879]
~ Files: 19 Legitimates Filtered in 00mn 07s

---\\ Registersleutel Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{f0f286b3-9a3a-11e4-805a-001fd0af0570}\AutoRun\command. (.Autodesk, Inc. - Autodesk component.) -- F:\Setup.exe
~ Keys: Scanned in 00mn 00s

---\\ Opsomming van het register sleutels PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

---\\ Opsomming van de registersleutel PoliciesExplorer (CÖKVI) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s

---\\ Overzicht van de drivers (SDL) (O58)
O58 - SDL:3-8-2012 - 10:36:52 ---A- . (.Windows (R) Win 7 DDK provider - Synology Virtual USB Hub.) -- C:\Windows\System32\Drivers\busenum.sys [55776]
O58 - SDL:14-7-2009 - 2:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10-6-2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:1-3-2013 - 2:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:14-7-2009 - 2:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:28-7-2014 - 13:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:8-2-2010 - 5:45:06 ---A- . (.WiFi Media Connect - WiFi Media Connect Virtual Audio Device.) -- C:\Windows\System32\Drivers\wfmcvad.sys [24064]
~ Drivers: 73 Legitimates Filtered in 00mn 02s

---\\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (O61)
O61 - LFC: 2-4-2015 - 16:14:58 ---A- . (...) -- D:\Gebruikers\Daan\Downloads\zoek.exe [1305600]
O61 - LFC: 31-3-2015 - 16:14:56 ---A- . (...) -- D:\Gebruikers\Daan\Downloads\RSITx64.exe [1222144]
O61 - LFC: 4-4-2015 - 16:13:41 ---A- . (...) -- D:\Gebruikers\Daan\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 4-4-2015 - 16:13:41 ---A- . (...) -- D:\Gebruikers\Daan\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [200]
~ 3599 Fichiers temporaires (Temporary files)
~ 264 Fichiers cookies (Cookies files)
~ Files: 13 Legitimates Filtered in 02mn 19s

---\\ Lijst van cleaning tools (CLAB) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: RSIT - (.random/random.)
~ ADS: Scanned in 00mn 00s

---\\ Bestandsassociaties mogelijk aangepast (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s

---\\ Startmenu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.SRWare - SRWare Iron.) -- C:\Program Files (x86)\SRWare Iron\iron.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s

---\\ Zoek "infecties in internetbrowsers (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s

---\\ Geeft een opsomming van bestanden Crack & Keygen (KKF) (O82)
D:\Gebruikers\Daan\AppData\Roaming\uTorrent\MacDrive-v8.0.5.31-Keygen.included.zip.torrent =>.Crack,Keygen
D:\Gebruikers\Daan\Backup\Oude computer\Installatieprogramma's\Avast virusscanners\alwilavastprofessionalv4.0.160keygennanet.zip =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\MacDrive-v8.0.5.31-Keygen.included\keygen.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\MacDrive-v8.0.5.31-Keygen.included\macdrive_8.0.5.31_en_setup.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\MacDrive-v8.0.5.31-Keygen.included\macdrive_8.0.7.38_en_setup.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\SketchUp Pro 2014 14.0.4900 (Cracked files) [ChingLiu]\Cracked Files\LayOut.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\SketchUp Pro 2014 14.0.4900 (Cracked files) [ChingLiu]\Cracked Files\SketchUp.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\SketchUp Pro 2014 14.0.4900 (Cracked files) [ChingLiu]\Cracked Files\Style Builder.exe =>.Crack,Keygen
D:\Gebruikers\Daan\Installatieprogramma's\SketchUp Pro 2014 14.0.4900 (Cracked files) [ChingLiu]\SketchUpPro-en.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Acrobat 7.0\Adobe_Acrobat_7.0_Professional_incl_KeyGen_MESS_WITH_THE_BEST_DIE_LIKE_THE_REST-PARADOX\Adobe Acrobat 7.0 Professional\AcroPro.msi =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Acrobat 7.0\Adobe_Acrobat_7.0_Professional_incl_KeyGen_MESS_WITH_THE_BEST_DIE_LIKE_THE_REST-PARADOX\Adobe Acrobat 7.0 Professional\instmsiw.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Acrobat 7.0\Adobe_Acrobat_7.0_Professional_incl_KeyGen_MESS_WITH_THE_BEST_DIE_LIKE_THE_REST-PARADOX\Adobe Acrobat 7.0 Professional\setup.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Acrobat 7.0\Adobe_Acrobat_7.0_Professional_incl_KeyGen_MESS_WITH_THE_BEST_DIE_LIKE_THE_REST-PARADOX\Adobe_Acrobat_7.0_Professional_Keygen\pdx-ac7p.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe After Effects 7.0\Adobe After Effect 7.0 Pro keygen.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Premiere 2 Pro\Adobe.Premiere.Pro.v2.0.WinXP.Incl.Keygen-SSG.ZIP =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Premiere 2 Pro\keygen.exe =>.Crack,Keygen
I:\Daan\Installatieprogramma's\Adobe\Adobe Premiere 2 Pro\MAGNiTUDE\keygen.exe =>.Crack,Keygen
~ Files: Scanned in 02mn 06s

---\\ Bepaalde zoekopdracht in de hoofdmap van het systeem (SPRF) (O84)
[MD5.4EC00461303ECB83AF7D400FC6736662] [SPRF][13-3-2015] (...) -- C:\ProgramData\1426278950.bdinstall.bin [3325785]
[MD5.015A355A7890A08DFB38868F8A45610A] [SPRF][18-3-2014] (...) -- D:\Gebruikers\Daan\Desktop\xf-adsk2015_x64.exe [329216]
~ Files: 3 Legitimates Filtered in 00mn 00s

---\\ Lijst van uitzonderingen in de firewall (FirewallRules) (O87)
O87 - FAEL: "{F99B9FDD-B29A-47BE-AAD1-CCDA54CA06AF}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{57EB23BD-97E3-4000-B97F-C178B05592DC}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{B1082A0E-A63B-487A-89BF-F7766AC4167C}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- D:\Gebruikers\Daan\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{485D31A1-B386-42D6-99B6-0048DAB3327F}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- D:\Gebruikers\Daan\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 01s

---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 237 Legitimates Filtered in 00mn 00s

---\\ Algemene toestand van niet-Microsoft services (GSR) (SR = Running, SS = gestopt)
SS - | Demand 6-2-2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 9-12-2014 78144 | (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
SS - | Demand 12-1-2015 1357104 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
SS - | Auto 18-10-2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18-10-2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 7-3-2014 326496 | (MailbirdUpdater.exe) . (.Mailbird.) - C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe
SS - | Demand 30-9-2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 4-12-2012 79872 | (PostgreSQL_For_OpenERP) . (.PostgreSQL Global Development Group.) - C:\Program Files (x86)\OpenERP 7.0-20130131-000102\PostgreSQL\bin\pg_ctl.exe
SS - | Demand 1-3-2013 118520 | (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Disabled 8-7-2013 94624 | (SafeBox) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
SS - | Auto 2-1-2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19-2-2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 14-7-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22-12-2013 576904 | (AdAppMgrSvc) . (.Autodesk Inc..) - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
SR - | Auto 12-9-2014 64704 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 18-8-2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 19-1-2015 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 7-2-2014 31192 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 30-8-2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 8-3-2015 56648 | (chromoting) . (.Google Inc..) - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.36\remoting_host.exe
SR - | Auto 19-12-2006 94208 | (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
SR - | Auto 13-9-2009 128512 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Demand 13-2-2015 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 29-7-2009 205312 | (M4LIC) . (.Mediafour Corporation.) - C:\Program Files (x86)\Common Files\Mediafour\M4LIC.exe
SR - | Auto 7-1-2010 218112 | (MacDrive8Service) . (.Mediafour Corporation.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
SR - | Auto 14-11-2013 11776 | (MamutSyncService) . (.Mamut ASA.) - C:\Program Files (x86)\Mamut\Bin\Mamut.synchronizationservice.synchronizationwindowsservice.exe
SR - | Auto 18-8-2011 8888 | (MySQL) . (...) - C:\MySQL\my.ini
SR - | Auto 15-11-2010 5716848 | (TabletServiceWacom) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
SR - | Auto 17-2-2015 5436176 | (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
SR - | Auto 1-4-2011 428640 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
SR - | Auto 27-10-2014 67320 | (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
SR - | Auto 25-2-2014 248736 | (UsbClientService) . (...) - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
SR - | Auto 17-3-2015 1547936 | (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
SR - | Auto 22-7-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14-7-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 12s

---\\ Onderzoek gelijktijdige op de Master Boot Record (MBR) (O80)
Run by Daan at 4-4-2015 16:18:28
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Onderzoek de Master Boot Record op Infecties (MBRCheck) (O80)
Written by ad13, http://ad13.geekstog
Run by Daan at 4-4-2015 16:18:30
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Extra scan (O88)
Database Version : 13008 - (29-3-2015)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\TVersitybar] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Classes\Toolbar.CT2548838] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2548838] =>Toolbar.Conduit
D:\Gebruikers\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\5ks1hkq9.default] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi\extensions\M2 - MFEP: Extension [Daan - 5ks1hkq9.default] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi =>PUP.EasyYoutube^
D:\Gebruikers\Daan\AppData\Roaming\Mozilla\Firefox\Profiles\unczujh0.annabel] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi\extensions\M2 - MFEP: Extension [Daan - unczujh0.annabel] {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi =>PUP.EasyYoutube^
[HKLM\Software\Wow6432Node\SW-Booster] =>PUP.SafeWeb^
~ Additionnel Scan: 576852 Items scanned in 01mn 22s

---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, proxybeheer (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper-objecten vanuit browser (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer werkbalken (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Toepassingen gestart door register & bestand (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Registersleutel Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s

---\\ Samenvatting van detecties gevonden op uw werkstation
http://www.nicolascoolman.fr/blog/ =>PUP.EasyYoutube
http://nicolascoolman.fr/pup-safeweb =>PUP.SafeWeb
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
~ MSI: 4 link(s) detected in 00mn 00s
~ 995 Legitimates filtered by white list
End of the scan (586 lines in 07mn 04s)(17.5)