djdanvan

:ciao:Beste PCH, Ik heb mijn oude computer (windXP) gekuist maar iets te ijverig geweest. Bij het opstarten krijg ik steeds de melding "NTLDR ontbreekt" Druk op CTRL+ALT+DEL om op te starten. Ik heb nog altijd de originele installatie schijf van XP Wie kan mij verder helpen aub? groeten djdanvan

Dank u kweezie wabbit, Via de gedownloade handleiding de juiste manier gevonden. Alles uitgevoerd zoals HP beschreven heeft en alles werkt weer zoal voorheen. Waarvoor hartelijk dank. djdanvan

Model dv7-4080sb product XC248EA#UUG Serial CNF025CXLP

Beste PCH, Ik heb hier een laptop van HP die ik graag terug naar fabrieksinstellingen zo willen plaatsen. Het is een HP pavilion dv7 met Win7 Ik heb een opstart DVD van Win7 64 bits Wie wil mij helpen? Dank u djdanvan

Beste, Na wat zoekwerk en instelwerk is het mij gelukt om drie camera's via het netwerk van overal te benaderen. Dit met een gratis account aan te maken bij "no-ip ddns server". Alles werkt prima. groeten djdanvan

Betse PCH, Ik heb mij een set Camera's aangeschaft en heb ze binneshuis geinstalleerd met een vast IP-adres op mijn persoonlijk netwerkje. Die werken perfect en kunnen probleemloos benaderd van binnen mijn netwerk. Nu de vraag heeft er iemand ervaring om dit van buiten uit te benaderen? Volgens de lectuur bestaat er een DynDNS (server) waar je gratis kan abonneren om zo je steeds wisselend IP-adres te kunnen volgen. Mijn Provider is Telenet. Wie kan mij verder helpen? groeten djdanvan

@clarkie, Stom van mij, maar ik had dit nu toch wel vergeten hoe het moest, maar dat komt waarschijnlijk door het te vele vocht van tijdens de jaarwisseling zeker? Alléé, nog maar eens de mooie uitleg gelezen en ja t'zit er weer in. hartelijk dank. djdanvan

@clarkie, Nee, een .pps is niet de vergelijken maar het principe blijft het zelfde. Maar toch bedankt u heeft mij de juiste info gegeven.Alles wordt weergegeven zoals ik het wilde. Bedankt clarkie. grts djdanvan

Beste PCH, Ik werk met Outlook 2010, Ik ben bezig geweest mijn adressen te synchroniseren met mijn iPad. Maar plots zijn alle adressen verdwenen. Gelukkig een back-up ter beschikking van over enkele weken terug. Maar nergens vind ik hoe ik deze moet importeren? Wie kan mij op het juiste spoor helpen? dank u djdanvan

@clarkie, Ik open dit met Publisher 2010 ik bewerkt dit eventueel en sla het op als xxxxxxx.pub op screen is de ontwerp modus (in het programma staat nu de bewerkte file.) Als ik dit opent komt dit terug in deze modus, en dat wil ik nu juist niet. Ik wil dit geopend zien gewoon als bewerkt bestand zoals bij PowerPoint . Hopende u hierbij wat duidelijker te zijn. grtn djdanvan

Geachte PCH Als ik een file van Publisher open komt ik steeds in de ontwerp modus terecht. i.p.v. die viewer modus, hoe los ik dit op? Dank u djdanvan

@clarkie, Allereerst prettige feestdagen. Is gelukt, .pps werken terug. ivm systeemherstelpunten stonden er maar twee 20 en 25 /12 (ook meer herstelpunten aangevinkt) herstelpunten die ik kon gebruiken, maar 20/12 was wel de goeie. Nu, wat bepaald er het aantal opgeslagen herstelpunten of kan het zijn dat er scan prog deze wissen? Ik gebruik Spy-hunter regelmatig. Sta u daarachter? grts djdanvan

@clarkie, Ja. Dit heb ik al gedaan maar tevergeefs. gts djdanva

@clarkie, Dank voor het vlugge antwoord, maar nee dit is of was niet de oplossing. Er gebeurd niets als ik de .pps wil openen. Nochtans alles staat juist bij de bestandskoppeling. gts djdanvan

Beste PCH, Op mijn desktop met Win7 speelde ik altijd de PowerPoint presentaties die als bijlage in een mail toekwamen af met PowerPoint 2010. Sinds enkele dagen geleden lukt mij dit niet meer. Als ik de presentatie opsla op een andere locatie lukt het me ook niet. Maar als ik eerst het prog. PowerPoint opent dan via bestand openen en de presentatie kies en verder bekijken als diapresentatie kan ik dit dan toch bekijken. Zoals je merkt niet de gewone weg om dit te openen. Wat kan er gebeurt zijn dat ik dit niet meer zoals vroeger kan bekijken? Graag even de hulp van PCH aub. groeten djdanvan

@ clarkie, Machtig, dat is het. thx djdanvan

clarkie, Blijkbaar ondersteunt Win7 geen gadgets meer. Ik krijg in geen geval het uurwerk op mijn bureaublad. Weet u (of iemand) een alternatief om twee (Belgie en India) uurwerken te plaatsen? gtrs djdanvan

Beste PCH, Op mijn laptop (wind 7) kan ik sinds enige tijd geen uurwerk (gadgets)meer plaatsen, ttz. datum, kalender lukt dan weer wel. Maar het uurwerk lukt niet, andere komen in een speciale verschijning te staan. Wie wil mij helpen? zie afbeelding groeten djdanvan

@iEscape, Dank, geïnstalleerd en het werkt goed. Nu afwachten als er niet te veel complicaties voordoen. Hartelijk dank djdanvan

Beste PCH, Wie weet of dit moet? als mijn iPad moet worden opgeschoond met een programma zoals Ccleaner bij een gewone computer. en met welk programma? dank u djdanvan

@juisterr, Computer werkt goed vanuit "veilige modus" maar bij normaal opstarten blijft alles op mijn bureaublad bevroren. Ik kan niets vanaf mijn bureaublad openen ook niet via de startknop de computer afsluiten. wil je me verder helpen aub? grts djdanvan

@juisterr, k'denk dat het het juiste logje is want ik heb er twee gekregen, daarom ook nog te tweede thx djdanvan Rapport de ZHPFix 2013.11.12.4 par Nicolas Coolman, Update du 12/11/2013 Fichier d'export Registre : Run by Ik at 13/11/2013 20:44:20 High Elevated Privileges : OK Windows XP Home Edition Service Pack 3 (Build 2600) Recycle Bin emptied (00mn 05s) Repair of browser shortcuts ========== Registry keys ========== REMOVES: HKLM\Software\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn REMOVES: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} REMOVES: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} REMOVES: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar ========== Folders ========== REMOVES: c:\documents and settings\all users.windows\application data\{9cd61942-8da1-4781-925c-4fe1471e0820} REMOVES: c:\documents and settings\all users.windows\application data\installmate REMOVES: c:\program files\frostwire\opencandy Deletes temporary Windows (2) (0 octets) REMOVES Flash Cookies (1) (0 octets) ========== Files ========== REMOVES: C:\Windows\Installer\2e1d42.msi Deletes temporary Windows (0) (0 octets) REMOVES Flash Cookies (0) (0 octets) ========== Other ========== NON-TREATY emptyjava ========== Summary ========== 4 : Registry keys 5 : Folders 3 : Files 1 : Other End of clean in 00mn 06s ========== Path to file report ========== C:\Documents and Settings\Ik\Application Data\ZHP\ZHPFix[R1].txt - 13/11/2013 20:44:25 [1457] ---------------------------------------------------------------------------------------------------- Rapport de ZHPFix 2013.11.12.4 par Nicolas Coolman, Update du 12/11/2013 Fichier d'export Registre : C:\Documents and Settings\Ik\Application Data\ZHP\ZHPExportRegistry-13-11-2013-20-44-26.txt Run by Ik at 13/11/2013 20:44:20 High Elevated Privileges : OK Windows XP Home Edition Service Pack 3 (Build 2600) Recycle Bin emptied (00mn 05s) Repair of browser shortcuts ========== Registry keys ========== REMOVES: HKLM\Software\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn REMOVES: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} REMOVES: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} REMOVES: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar ========== Folders ========== REMOVES: c:\documents and settings\all users.windows\application data\{9cd61942-8da1-4781-925c-4fe1471e0820} REMOVES: c:\documents and settings\all users.windows\application data\installmate REMOVES: c:\program files\frostwire\opencandy Deletes temporary Windows (2) (0 octets) REMOVES Flash Cookies (1) (0 octets) ========== Files ========== REMOVES: C:\Windows\Installer\2e1d42.msi Deletes temporary Windows (0) (0 octets) REMOVES Flash Cookies (0) (0 octets) ========== Other ========== NON-TREATY emptyjava 　 ========== Summary ========== 4 : Registry keys 5 : Folders 3 : Files 1 : Other 　 End of clean in 00mn 06s ========== Path to file report ========== C:\Documents and Settings\Ik\Application Data\ZHP\ZHPFix[R1].txt - 13/11/2013 20:44:25 [1457] - - - Updated - - - alvast dank hoor, djdanvan uit jabbeke

juisterr, Hieronder het gevraagde logje, maar dan wel vanuit veilige modus. grts djdanvan ~ Report of ZHPDiag v2013.11.13.29 - Nicolas Coolman (12/11/2013) ~ Launched by Ik (13/11/2013 18:57:38) ~ Web site address : http://nicolascoolman.webs.com ~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/ ~ Translated by ~ Version State : ~ White List : Activate by program ~ Elevation of privilege : OK ~ User Account Control : Not Found ---\\ Internet browsers MSIE: Internet Explorer v8.0.6001.18702 (Defaut) GCIE: Google Chrome v30.0.1599.101 ---\\ Windows product information ~ Langage: Anglais Windows XP Home Edition Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : KO ---\\ System protection software Malwarebytes Anti-Malware versie 1.75.0.1300 Spybot - Search & Destroy v1.6.2 ---\\ System optimization software CCleaner v4.07 =>Piriform Ltd ---\\ Sharing software PeerToPeer FrostWire 4.18.1 v4.18.1.0 ---\\ Surveillance software Adobe Flash Player 11 Plugin Adobe Reader 9.5.1 - Nederlands ---\\ Information on the system ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot) Total RAM: 1023 MB (68% free) System Restore: Activé (Enable) System drive C: has 76 GB (65%) free of 116 GB ---\\ Connection to the system mode ~ Computer Name: OLIVIER ~ User Name: Ik ~ All Users Names: SUPPORT_388945a0, Ik, HelpAssistant, Gast, ASPNET, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Environment variables ~ System Unit : C:\ ~ %AppZHP% : C:\Documents and Settings\Ik\Application Data\ZHP\ ~ %AppData% : C:\Documents and Settings\Ik\Application Data\ ~ %Desktop% : C:\Documents and Settings\Ik\Bureaublad\ ~ %Favorites% : C:\Documents and Settings\Ik\Favorieten\ ~ %LocalAppData% : C:\Documents and Settings\Ik\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Ik\Menu Start\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ Enumeration of the disk units C: Hard drive, Flash drive, Thumb drive (Free 76 Go of 116 Go) D: Hard drive, Flash drive, Thumb drive (Free 35 Go of 116 Go) E: Floppy drive, Flash card reader, USB Key (Not Inserted) F: Floppy drive, Flash card reader, USB Key (Not Inserted) G: Floppy drive, Flash card reader, USB Key (Not Inserted) H: Floppy drive, Flash card reader, USB Key (Not Inserted) I: CD-ROM drive (Not Inserted) ---\\ State of the Windows Security Center [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 44 Legitimates Filtered in 00mn 00s ---\\ Search Generic System Files [MD5.AA04F042A820BF1868E643575887E1A6] - (.Microsoft Corporation - Windows Verkenner.) (.14/04/2008 - 21:33:00.) -- C:\WINDOWS\Explorer.exe [1037312] [MD5.C1466A8E803261BB11FC25EF096E4E3D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/05/2012 - 16:09:47.) -- C:\WINDOWS\system32\wininet.dll [916992] [MD5.1247D4D5444E28519BBE31BE8AB4C029] - (.Microsoft Corporation - Toepassing Windows NT-aanmelding.) (.14/04/2008 - 21:33:20.) -- C:\WINDOWS\system32\Winlogon.exe [510464] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 23:10:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 23:44:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 23:10:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.8BFFFB5AC954E19DFDB96D56512AA518] - (.Microsoft Corporation - Cryptografisch FIPS-stuurprogramma.) (.14/04/2008 - 21:02:52.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 21:06:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.C43372D0682F8E32E4EC21117E089EC0] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14/04/2008 - 21:05:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 23:11:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 23:27:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 23:51:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 23:45:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.E3934CCC20A4D24F1924E13D36D2A5BD] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14/04/2008 - 21:13:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80256] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 23:02:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.4173BC66E485FD77A03C4819F60BD0DA] - (.Microsoft Corporation - Redbook Audio Filter-stuurprogramma.) (.14/04/2008 - 21:04:04.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58112] [MD5.8AB662B3C4691E6DDF61C96BB5B7D103] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.14/04/2008 - 21:03:42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53504] ~ Generic Processes: Scanned in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/18298 ~ Mes musiques (My Musics) : 1/375 ~ Mes Videos (My Videos) : 1/47 ~ Mes Favoris (My Favorites) : 1/131 ~ Mes Documents (My Documents) : 3/21664 ~ Mon Bureau (My Desktop) : 1/27 ~ Menu demarrer (Programs) : 1/46 ~ Hidden Files: Scanned in 00mn 16s ---\\ Process running [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe [638816] [PID.1884] [MD5.65C05CC168F30145E893641A4C4167C8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8214016] [PID.520] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [user Data\Default] [jmfkcklnlgedgbglfkkgedjfmejoahla] AVG Safe Search v.12.0.0.1901 (Désactivé) G2 - GCE: Preference [user Data\Default] [ndgonipadfipmlmdfofnjnhhlgojnjdn] BittorrentBar_NL v.2.5.0.1 (Désactivé) =>P2P.BitTorrent ~ Google Browser: 12 Legitimates Filtered in 00mn 04s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@gamersfirst.com/LiveLauncher] - (...) -- C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll (.not file.) P2 - FPN: [HKLM] [@ngm.nexoneu.com/NxGame] - (...) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NexonEU\NGM\npNxGameeu.dll (.not file.) P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (...) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (.not file.) ~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} . (...) (No version) -- (.not file.) R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.) ~ IE Browser: 18 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 1 ---\\ Internet Explorer toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{74198672-5F7D-4FE9-A611-4AC1D5A66A15} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{00000000-0000-0000-0000-000000000000} Orphan key ~ Toolbar: Scanned in 00mn 00s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe O4 - HKUS\S-1-5-21-1343024091-1682526488-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1343024091-1682526488-725345543-1004\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe ~ Application: Scanned in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} -- C:\Program Files\SimilarWeb\hotbtn.ico (.not file.) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Orphan key O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphan key O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Reset Web Settings' hijack (O14) O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com" ~ IE Paramètres WEB: Scanned in 00mn 00s ---\\ ActiveX Objects (Downloaded Program Files) (O16) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ((no name)) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_IKEA_Win32.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} ((no name)) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1284845097765 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} ((no name)) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} ((no name)) - http://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.134.0.cab O16 - DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} ((no name)) - http://www.sony.be/bravia/RegistrationAgent.cab O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} ((no name)) - http://www.extrafilm.be/ExtraFilmUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} ((no name)) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{2CC6E56C-E6FF-4700-B29C-5A26E5B9842C}: DhcpNameServer = 195.130.130.5 195.130.131.5 O17 - HKLM\System\CS1\Services\Tcpip\..\{2CC6E56C-E6FF-4700-B29C-5A26E5B9842C}: DhcpNameServer = 195.130.130.5 195.130.131.5 O17 - HKLM\System\CS3\Services\Tcpip\..\{2CC6E56C-E6FF-4700-B29C-5A26E5B9842C}: DhcpNameServer = 195.130.130.5 195.130.131.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.5 195.130.131.5 ~ Domain: Scanned in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto-API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Off line netwerk-agent.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL-meldingsbestand voor de Secondary Logon.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ SharedTaskScheduler (O22) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Preloader van browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Desktop Component 0: Mijn huidige introductiepagina - file:About:Home O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Ik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Ik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ BootExecute (BEX) (O34) O34 - HKLM BootExecute: (lsdelete) - File not found ~ BEX: 3 Legitimates Filtered in 00mn 00s ---\\ Software installed (O42) O42 - Logiciel: Kruidvat fotoservice - (...) [HKLM] -- Kruidvat fotoservice ~ Logic: 167 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\LOGEN] [HKLM\Software\System32retsaMebuC] [HKLM\Software\WRUpdater] ~ Key Software: 192 Legitimates Filtered in 00mn 01s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 19/09/2011 - 18:51:38 - [233,000] ----D C:\Program Files\Fotoservice O43 - CFD: 14/02/2013 - 20:32:09 - [4,594] ----D C:\Program Files\GUMEB.tmp O43 - CFD: 13/11/2013 - 10:11:32 - [0] ----D C:\Program Files\Pando Networks O43 - CFD: 13/11/2013 - 15:22:04 - [51,101] ----D C:\Program Files\Pixbook O43 - CFD: 2/12/2011 - 20:15:23 - [0,811] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallMate O43 - CFD: 13/11/2013 - 10:08:43 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Spotnet O43 - CFD: 6/01/2013 - 12:59:44 - [0] -SH-D C:\Documents and Settings\All Users.WINDOWS\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 6/01/2013 - 12:59:44 - [0] --H-D C:\Documents and Settings\All Users.WINDOWS\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70} O43 - CFD: 17/02/2013 - 9:33:30 - [132,394] ----D C:\Documents and Settings\Ik\Application Data\splitscreen O43 - CFD: 24/02/2012 - 21:23:14 - [7,797] ----D C:\Documents and Settings\Ik\Local Settings\Application Data\Roblox O43 - CFD: 24/02/2012 - 21:19:31 - [18,709] ----D C:\Documents and Settings\Ik\Local Settings\Application Data\RobloxDownloads O43 - CFD: 14/02/2013 - 17:55:57 - [0] ----D C:\Documents and Settings\Ik\Local Settings\Application Data\RobloxVersions O43 - CFD: 13/11/2013 - 10:08:43 - [0] ----D C:\Documents and Settings\Ik\Local Settings\Application Data\Spotnet O43 - CFD: 18/09/2010 - 19:42:59 - [0,014] R---D C:\Documents and Settings\Ik\Menu Start\Programma's\Bureau-accessoires O43 - CFD: 1/02/2013 - 17:43:26 - [0,009] ----D C:\Documents and Settings\Ik\Menu Start\Programma's\Logen Solutions O43 - CFD: 18/09/2010 - 16:46:29 - [0] R---D C:\Documents and Settings\Ik\Menu Start\Programma's\Opstarten O43 - CFD: 20/11/2011 - 10:44:51 - [0] R---D C:\Documents and Settings\Ik\Menu Start\Programma's\Systeembeheer ~ Program Folder: 222 Legitimates Filtered in 00mn 46s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 10/11/2013 - 19:01:53 ---A- . (...) -- C:\WINDOWS\system32\rp_rules.dat [44] O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 10/11/2013 - 19:01:53 ---A- . (...) -- C:\WINDOWS\system32\rp_stats.dat [64] O44 - LFC:[MD5.2C6C03D1D116D452D85AE852346A735F] - 12/11/2013 - 18:59:35 ---A- . (...) -- C:\Boot.bak [210] O44 - LFC:[MD5.5A95B19F6F57CB11D6D818E4A08AFF34] - 12/11/2013 - 18:59:35 ---A- . (...) -- C:\WINDOWS\win.ini [582] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/11/2013 - 19:01:00 ----- . (...) -- C:\WINDOWS\Sti_Trace.log [0] O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 13/11/2013 - 10:44:42 ---A- . (...) -- C:\WINDOWS\MBR.exe [208896] O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 13/11/2013 - 10:44:42 ---A- . (...) -- C:\WINDOWS\PEV.exe [256000] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 13/11/2013 - 10:44:42 ---A- . (...) -- C:\WINDOWS\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 13/11/2013 - 10:44:42 ---A- . (...) -- C:\WINDOWS\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 13/11/2013 - 10:44:42 ---A- . (...) -- C:\WINDOWS\zip.exe [68096] O44 - LFC:[MD5.271E9B6A3AEC7BCA63D9231A4B3575C0] - 13/11/2013 - 10:46:51 RSHA- . (...) -- C:\cmldr [261936] O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 13/11/2013 - 11:03:20 ---A- . (...) -- C:\WINDOWS\system.ini [227] O44 - LFC:[MD5.37BF4F2BA1C983BC223B86CF26ECBBF9] - 13/11/2013 - 11:05:19 ---A- . (...) -- C:\ComboFix.txt [12592] O44 - LFC:[MD5.5B8A3837ACC563EA4A22350F47DAE9E2] - 13/11/2013 - 17:37:57 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.62F66373E846557CCBF3E03EB810B8E1] - 13/11/2013 - 17:59:30 ---A- . (...) -- C:\WINDOWS\wiadebug.log [216] O44 - LFC:[MD5.C5964D075A9CD5D63FE9A777014E05AA] - 13/11/2013 - 18:53:07 ---A- . (...) -- C:\aaw7boot.log [469494] O44 - LFC:[MD5.BED04E53B8319B49A60507864554A498] - 13/11/2013 - 18:53:22 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [163188] ~ Files: 33 Legitimates Filtered in 00mn 06s ---\\ Last files created in Windows Prefetcher (O45) O45 - LFCP:[MD5.5FEBE954025CF587D5BCECE913984404] - 13/11/2013 - 15:06:50 ---A- - C:\WINDOWS\Prefetch\MPN20.EXE-17D42507.pf O45 - LFCP:[MD5.DE6DEDDD3213F43F9343FBC4F188B38A] - 13/11/2013 - 15:20:29 ---A- - C:\WINDOWS\Prefetch\_IU14D2O.TMP-25DAF620.pf O45 - LFCP:[MD5.74D9E7D067E626B416829C49450E0BC9] - 13/11/2013 - 15:22:18 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-13F09820.pf O45 - LFCP:[MD5.522FACC5CC243ABBD1910804EA3CB39D] - 13/11/2013 - 17:38:27 ---A- - C:\WINDOWS\Prefetch\ATI2SGAG.EXE-034D00DE.pf O45 - LFCP:[MD5.E4A74DBA2FC6906F4654B1DFCEAAAD03] - 13/11/2013 - 9:09:03 ---A- - C:\WINDOWS\Prefetch\AD-AWAREADMIN.EXE-102E374C.pf O45 - LFCP:[MD5.4DA852CD8FBE8DFF3E4319F96C4C5C46] - 13/11/2013 - 9:09:03 ---A- - C:\WINDOWS\Prefetch\THREATWORK.EXE-0F50642D.pf O45 - LFCP:[MD5.9B5717277ACCA24A01875C0CB77AB90E] - 13/11/2013 - 9:17:58 ---A- - C:\WINDOWS\Prefetch\AAWTRAY.EXE-1858AE3F.pf ~ Prefetcher: 77 Legitimates Filtered in 00mn 00s ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.9612CC2E08F8185179F2C225860BF942] - 4/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main-stuurprogramma.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528] O58 - SDL:[MD5.D9813A015C5CA62411B8E0A0167D00F2] - 4/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9029] ~ Drivers: 6 Legitimates Filtered in 00mn 00s ---\\ Last modified or created user files (O61) O61 - LFC: 10/11/2013 - 18:59:28 -S-A- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1343024091-1682526488-725345543-1004\ed024c1d62d832874946823704b45fe1_1e5812ec-0789-4e94-b7c4-4a68eee66903 [1333] O61 - LFC: 12/11/2013 - 18:59:28 ---A- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Windows\Themes\Custom.theme [6089] O61 - LFC: 12/11/2013 - 18:59:28 -S-A- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1343024091-1682526488-725345543-1004\88204f700c93dff7e059dd09a004fe10_1e5812ec-0789-4e94-b7c4-4a68eee66903 [1333] O61 - LFC: 12/11/2013 - 18:59:28 -SHA- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Internet Explorer\Desktop.htt [2692] O61 - LFC: 12/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Cookies [6144] O61 - LFC: 12/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOCK [0] O61 - LFC: 12/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old [46] O61 - LFC: 12/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\Databases.db [7168] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG.old [142] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\GPUCache\data_0 [8192] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\GPUCache\data_1 [270336] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\GPUCache\data_2 [8192] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\GPUCache\data_3 [8192] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\GPUCache\index [262512] O61 - LFC: 12/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data [12288] O61 - LFC: 12/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312] O61 - LFC: 12/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [264] O61 - LFC: 12/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [12288] O61 - LFC: 12/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 12/11/2013 - 18:59:35 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Microsoft\Wallpaper1.bmp [13381686] O61 - LFC: 13/11/2013 - 18:59:27 -S-A- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Crypto\RSA\S-1-5-21-1343024091-1682526488-725345543-1004\4f43b932a506a45fe55a18df0dc0703f_1e5812ec-0789-4e94-b7c4-4a68eee66903 [1333] O61 - LFC: 13/11/2013 - 18:59:28 -SHA- . (...) -- C:\Documents and Settings\Ik\Application Data\Microsoft\Internet Explorer\UserData\index.dat [32768] O61 - LFC: 13/11/2013 - 18:59:29 ---A- . (...) -- C:\Documents and Settings\Ik\Application Data\ZHP\HOSTS.txt [27] =>.Nicolas Coolman O61 - LFC: 13/11/2013 - 18:59:29 ---A- . (...) -- C:\Documents and Settings\Ik\Application Data\ZHP\Log.txt [19563] =>.Nicolas Coolman O61 - LFC: 13/11/2013 - 18:59:29 ---A- . (...) -- C:\Documents and Settings\Ik\Application Data\ZHP\TestsZHPDiag.txt [3109] =>.Nicolas Coolman O61 - LFC: 13/11/2013 - 18:59:29 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\adaware.txt [40390] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\PC Helpforum - Gratis hulp bij computer problemen.url [178] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\ZHPDiag.lnk [1523] =>.Nicolas Coolman O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\ZHPFix.lnk [1628] =>.Nicolas Coolman O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\adaware2.txt [40392] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Bureaublad\mbam-log-2013-11-12 (18-08-13).txt [45088] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History [57344] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History-journal [512] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks [47598] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [80896] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal [4640] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session [69477] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Tabs [45676] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG [259] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [264] O61 - LFC: 13/11/2013 - 18:59:30 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\chrome_shutdown_ms.txt [5] O61 - LFC: 13/11/2013 - 18:59:30 -SHA- . (...) -- C:\Documents and Settings\Ik\Bureaublad\Wat nog op uw Buroblad stond\2011_06_27\Thumbs.db [16384] O61 - LFC: 13/11/2013 - 18:59:30 -SHA- . (...) -- C:\Documents and Settings\Ik\IECompatCache\index.dat [147456] O61 - LFC: 13/11/2013 - 18:59:30 -SHA- . (...) -- C:\Documents and Settings\Ik\IETldCache\index.dat [262144] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-000019 [354] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [90112] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [16384] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\History [110592] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache [884] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.be_0.localstorage [3072] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_www.google.be_0.localstorage-journal [3608] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor [16384] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal [3608] O61 - LFC: 13/11/2013 - 18:59:31 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs [11264] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [87176] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [272] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000838 [434] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [20480] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal [12824] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [86016] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal [10792] O61 - LFC: 13/11/2013 - 18:59:32 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Local State [56526] O61 - LFC: 13/11/2013 - 18:59:33 ---A- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat [18420] O61 - LFC: 13/11/2013 - 18:59:33 -SHA- . (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1343024091-1682526488-725345543-1004\Credentials [2986] O61 - LFC: 13/11/2013 - 18:59:36 -SHA- . (...) -- C:\Documents and Settings\Ik\PrivacIE\index.dat [16187392] ~ 3 Fichiers temporaires (Temporary files) ~ 15 Fichiers cookies (Cookies files) ~ Files: 217 Legitimates Filtered in 00mn 21s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ List all legacy services(LALS) (O64) O64 - Services: CurCS - 18/02/2013 - C:\WINDOWS\system32\drivers\avgtpx86.sys (avgtp) .(.AVG Technologies - No Comment.) - LEGACY_AVGTP ~ Legacy: 143 Legitimates Filtered in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 10 Legitimates Filtered in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {1C9DD383-2A29-43A1-ADD7-6F1D2B521DD6} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (CKF) (O82) C:\Documents and Settings\Ik\Application Data\.minecraft\Minecraft Beta Cracked.exe C:\Documents and Settings\Ik\Application Data\.minecraft\Minecraft Beta Cracked.exe ~ Files: Scanned in 01mn 17s ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.1FFB2EBE1F95C5E5AEC1512EA686049C] [sPRF][29/08/2012] (...) -- C:\Documents and Settings\Ik\Local Settings\Application Data\dt.dat [27520] [MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [sPRF][28/02/2012] (...) -- C:\Documents and Settings\Ik\Application Data\PnkBstrK.sys [138056] [MD5.8C27D71B2F6719136407C525ECF18D51] [sPRF][25/10/2013] (...) -- C:\Documents and Settings\Ik\Bureaublad\adwcleaner.exe [1060070] [MD5.B4F3EDB46D7D06E0466B5DF57F10158E] [sPRF][25/08/2009] (...) -- C:\Documents and Settings\Ik\Bureaublad\revosetup.exe [1079272] ~ Files: 12 Legitimates Filtered in 00mn 00s ---\\ Product Upgrade Codes (PUC) (O90) O90 - PUC: "342C9E3FE221B6D4CA1C1EEF0CF2C61A" . (.Command and ConquerTM Generals Zero Hour.) -- C:\WINDOWS\Installer\{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}\ARPPRODUCTICON.exe ~ Update Products: 127 Legitimates Filtered in 00mn 00s ---\\ Windows Installer Scan (WIS) (O93) (NTFS) [MD5.86D7C17939A45DF9A3D5669AB51916DE] [WIS][15/08/2011] (.Bandoo Media Inc. - iLivid Installation.) -- C:\Windows\Installer\2e1d42.msi [262656] =>Adware.Bandoo [MD5.B83FA5714D167811B82497D826F598AD] [WIS][25/12/2010] (.Movavi - Movavi Video Converter 10.) -- C:\Windows\Installer\319ade.msi [11216896] [MD5.A066516E9D30D50C8C454E30227899B5] [WIS][1/02/2013] (.SoftTruck - CargoWiz.) -- C:\Windows\Installer\50129c.msi [10836992] [MD5.EB1EF515E4EDA542BA37AEFC2E0EE6D8] [WIS][1/02/2013] (.Logen Solutions - CUBEMA~1|CubeMaster Enterprise Edition 30 Days Trial.) -- C:\Windows\Installer\694914.msi [11066880] ~ WIS: 142 Legitimates Filtered in 00mn 11s ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 10/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SS - | Auto 11/02/2010 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe SS - | Auto 10/02/2010 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe SS - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SS - | Auto 10/04/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 10/04/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 16/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe SS - | Demand 9/09/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 23/09/2012 1737728 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe SS - | Auto 28/02/2012 75136 | (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe ~ Services: Scanned in 00mn 12s ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Ik at 13/11/2013 19:01:14 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys 1 nt!IofCallDriver[0x804E13B9] >> \Device\Harddisk0\DR0[0x8675CAB8] kernel: MBR read successfully user & kernel MBR OK ~ MBR: 13 Legitimates Filtered in 00mn 02s ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Ik at 13/11/2013 19:01:16 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12994 - (12/11/2013) Clés trouvées (Keys found) : 5 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 4 Fichiers trouvés (Files found) : 1 [HKLM\Software\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn] =>P2P.BitTorrent^ [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}] =>Toolbar.TuneUp [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DVDVideoSoftTB Toolbar] =>Toolbar.DVDVideoSoft C:\Documents and Settings\Ik\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn =>P2P.BitTorrent^ C:\Documents and Settings\All Users.WINDOWS\Application Data\{9CD61942-8DA1-4781-925C-4FE1471E0820} =>Toolbar.Conduit C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallMate =>PUP.Tarma C:\Program Files\FrostWire\OpenCandy =>Adware.OpenCandy C:\Windows\Installer\2e1d42.msi =>Adware.Bandoo^ ~ Additionnel Scan: 289648 Items scanned in 00mn 18s ---\\ Summary of the detections found on your workstation ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy ~ MSI: 5 link(s) detected in 00mn 18s ~ 1366 Legitimates filtered by white list End of the scan (590 lines in 03mn 57s)(2)

Juisterr, Dank voor het vlugge antwoord. Als het niet lukt mag dit ook in veilige modus? grts djdanvan

@passer, Nee het is niet van vandaag het is al enige tijd. Ik heb nu mijn huidige virusscanner verwijderd en ik was van plan er een nieuwe versie er op te plaatsen maar blijkbaar lukt het niet van een map op het bureaublad te openen. Zoals ik in mijn vorig berichtje al aangaf. Ik laat hem eens verder werken tot hij moe wordt? Nog een vraagje aan PCH? Mag ik mijn virusscanner install. vanuit veilige modus? Grts djdanvan