Firewall
marcde, Posts: 331, Status: Member
jacques.gache, Posts: 34829, Status: Security contributor
Hello,
thank you for your help,
my problem: I can no longer enable my firewall,
I have already tried everything, and I have been struggling for two days now without result,
when I try to enable it I get a warning, error 1068, try again later,
what should I do? Thanks, marcde
9 replies
good evening afrfr37
thanks for your help, but I have also gone through support, and I have also tried Windows Fix it,
nothing, what a struggle, marcde, thanks
hello, could you post a diagnostic of the PC made with ZHPDiag, thanks
Open this link and download ZHPDiag:
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Save it to your Desktop.
Once the download has finished:
on XP, double-click ZHPDiag;
on Vista, Seven or Windows 8, right-click the icon and run it as administrator.
Don't forget to tick the box that puts a shortcut on the Desktop.
/|\ The tool has created 2 icons, ZHPDiag and ZHPFix.
Double-click the ZHPDiag shortcut on your Desktop on XP; otherwise right-click it and run it as administrator!!
Click the magnifying glass to start the scan.
If you get a message asking you to approve SIGCHECK, accept with OK; this gives us a more complete report that we can read in more depth.
Let the tool work; it can take quite a while.
At the end of the scan, click the camera and save the report to your Desktop.
Close ZHPDiag once the scan has finished.
To send it to me, click this link:
https://www.cjoint.com/
Click "choisissez un fichier" (choose a file) and look for the file C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
or simply choose Desktop and click ZHPDiag.txt
Click Open.
Click "créer le lien cjoint" (create the cjoint link).
A link of this form:
http://cjoint.com/data/0KAoeRbq7Szgg.htm
is added to the page.
Copy this link into your reply.
And if there is a problem, use this one instead: http://pjjoint.malekal.com/
hello, I don't know whether this worked, or whether I have to copy and paste the ZHPDiag scan here,
thanks marcde
Rapport de ZHPDiag v2013.5.8.70 par Nicolas Coolman, Update du 7-5-2013
Run by PC Gebruiker at 9-5-2013 11:32:26
State : Your version is update.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Anglais
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Protection
avast! Free Antivirus v8.0.1488.0
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 31 GB (62%) free of 49 GB
---\\ Logged in mode
~ Computer Name: MT188
~ User Name: PC Gebruiker
~ All Users Names: SUPPORT_388945a0, PC Gebruiker, HelpAssistant, Gast, ASPNET, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\PC Gebruiker\Application Data\
~ %Desktop% : C:\Documents and Settings\PC Gebruiker\Bureaublad\
~ %Favorites% : D:\Mijn documenten\KOSTEN & MUTUALITEIT\Favorieten\
~ %LocalAppData% : C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\PC Gebruiker\Menu Start\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 31 Go of 49 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 59 Go of 63 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Search Generic System Files
[MD5.AA04F042A820BF1868E643575887E1A6] - (.Microsoft Corporation - Windows Verkenner.) (.14-4-2008 - 21:33:00.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.6E76BF0360E68F6A62F2D87DF15EAFD9] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1-11-2012 - 13:12:55.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.1247D4D5444E28519BBE31BE8AB4C029] - (.Microsoft Corporation - Toepassing Windows NT-aanmelding.) (.14-4-2008 - 21:33:20.) -- C:\WINDOWS\system32\Winlogon.exe [510464]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17-8-2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13-4-2008 - 23:10:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-4-2008 - 23:44:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-4-2008 - 23:10:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.8BFFFB5AC954E19DFDB96D56512AA518] - (.Microsoft Corporation - Cryptografisch FIPS-stuurprogramma.) (.14-4-2008 - 21:02:52.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13-4-2008 - 21:06:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.C43372D0682F8E32E4EC21117E089EC0] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-4-2008 - 21:05:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13-4-2008 - 23:11:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13-4-2008 - 23:27:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15-7-2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13-4-2008 - 23:51:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13-4-2008 - 23:45:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.E3934CCC20A4D24F1924E13D36D2A5BD] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-4-2008 - 21:13:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80256]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13-4-2008 - 23:02:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.4173BC66E485FD77A03C4819F60BD0DA] - (.Microsoft Corporation - Redbook Audio Filter-stuurprogramma.) (.14-4-2008 - 21:04:04.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58112]
[MD5.8AB662B3C4691E6DDF61C96BB5B7D103] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.14-4-2008 - 21:03:42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53504]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 1/101
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 2/756
~ Mon Bureau (My Desktop) : 0/28
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 00mn 00s
---\\ Running Processes
[MD5.6F702A7EA2D5F2B55CC90C333FBE9978] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1380]
[MD5.493B1D854F98D611CCA249014C6E631A] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.1780]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.944]
[MD5.D168AD316F07904F2D0DCF7204E8B5E0] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe [225280] [PID.1688]
[MD5.7D3451CAA8DB6B50A82A780B0E15B21F] - (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe [489472] [PID.1776]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1816]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.1908]
[MD5.575ED0F5DCB34E5C243D2A7EBC860484] - (.Hewlett-Packard Company - No comment.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248] [PID.1968]
[MD5.BD517C7FB119997EFFBE39D5E4B37B05] - (.Unknown owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936] [PID.1996]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2036]
[MD5.35CADFC53E7D7E4336E7C9C04D66C82B] - (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe [262144] [PID.244]
[MD5.7214143221CA831CFCB9F64850DFDABA] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [1008816] [PID.292] =>Toolbar.AVGSearch
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.304]
[MD5.F498EB87FF75980F5C31827D72FB4D53] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416] [PID.356]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.428]
[MD5.4715BFF9E602AC143295E95FCFB43D5A] - (.AVG Secure Search - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe [1223344] [PID.492] =>Toolbar.AVGSearch
[MD5.1010E520B76453C6AD2D170D67A14CF3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858456] [PID.508]
[MD5.8C36CD5BAED5CE58BAEC5D73E30508E4] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.1464]
[MD5.C1626A1DEB684E044BBC2A03623A0F18] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [493776] [PID.1500]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1520]
[MD5.69DFC1256C1BC5C71C32B34BFFEA59B4] - (.3M - Post-it(R) Software Notes: System.) -- C:\Program Files\3M\PSNLite\PsnLite.exe [1622016] [PID.1592]
[MD5.18EE31923BB580B67F431D29627E1B66] - (.3M - Post-it(R) Software Notes: GiveNote.) -- C:\Program Files\3M\PSNLite\PSNGive.exe [65536] [PID.2468]
[MD5.899E8C9723A2EEF9D977A86C07561682] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7254016] [PID.716]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] https://www.google.be/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ealchnonpofjocgofjpopjdoegbbkofj] Happy Lyrics v.1.110 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 10s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\prefs.js
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\npsitesafety.dll =>Toolbar.AVGSearch
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.goole.be
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 18
---\\ Browser Helper Objects (O2)
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG SafeGuard toolbar\15.1.0.2\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
~ BHO: 22 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG SafeGuard toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG SafeGuard toolbar\15.1.0.2\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Orphean Key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] . (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] . (.Logitech Inc. - Install Helper.) -- C:\Program Files\Logitech\Video\InstallHelper.exe
O4 - HKLM\..\Run: [LogitechCameraService(E)] . (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [vProt] . (.AVG Secure Search - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphean Key
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ 'Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356171846841
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.132 195.130.130.4
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto-API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Off line netwerk-agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL-meldingsbestand voor de Secondary Logon.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Preloader van browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (vToolbarUpdater15.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 9 Legitimates Filtered in 00mn 06s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Mijn huidige introductiepagina - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
~ Scheduled Task: 4 Legitimates Filtered in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: PokerStars.be - (.PokerStars.be.) [HKLM] -- PokerStars.be
~ Logic: 226 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\ICSI]
[HKLM\Software\db0]
~ Key Software: 152 Legitimates Filtered in 00mn 01s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 9-5-2013 - 10:22:12 - [83,595] ----D C:\Program Files\PokerStars.BE
O43 - CFD: 5-3-2013 - 14:07:42 - [0,004] ----D C:\Documents and Settings\PC Gebruiker\Application Data\GoforFiles =>P2P.GoforFiles
O43 - CFD: 4-4-2013 - 16:47:00 - [0] ----D C:\Documents and Settings\PC Gebruiker\Application Data\Lite
O43 - CFD: 7-4-2013 - 20:44:51 - [0,015] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Bureau-accessoires
O43 - CFD: 4-5-2013 - 2:07:57 - [0,001] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Opstarten
O43 - CFD: 22-12-2012 - 21:15:15 - [0,002] ----D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\PokerStars.BE
O43 - CFD: 2-1-2013 - 15:19:22 - [0,000] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Systeembeheer
~ Program Folder: 133 Legitimates Filtered in 00mn 04s
---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.A8888EF947E1A1248D189169DA5770F5] - 28-4-2013 - 13:57:29 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [202]
O44 - LFC:[MD5.DF74F5BC169556CE55C08BB13750E86C] - 5-5-2013 - 7:59:49 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_21-b11.log [3874]
O44 - LFC:[MD5.887D0703D3A3AB8A439B466916168F7A] - 9-5-2013 - 7:22:18 ---A- . (...) -- C:\WINDOWS\wiaservc.log [48]
O44 - LFC:[MD5.B7F5A6458F2BCF71547E25AB507EA97E] - 9-5-2013 - 7:22:26 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
~ Files: 28 Legitimates Filtered in 00mn 01s
---\\ Last files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.DE8B9CE05E4C52244F4E18DD9601726A] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\CAMERAASSISTANT.EXE-0F386179.pf
O45 - LFCP:[MD5.87E75C50BA9EE625FFDF7D6C9A34C66E] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\ELKCTRL.EXE-1A83F79C.pf
O45 - LFCP:[MD5.3D5C89045D0BB659408B613153F687D0] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\HPZTSB05.EXE-28EDA535.pf
O45 - LFCP:[MD5.418E77B0AE9769F5A1E14E25C4DE2580] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\LVCOMSX.EXE-0AC1D558.pf
O45 - LFCP:[MD5.2C6AF26D0341B612F4FA8018986CB4C4] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\PSNLITE.EXE-2CEFFE15.pf
O45 - LFCP:[MD5.07BF76C90DBB4E564F3B517B4EC27E47] - 8-5-2013 - 10:04:14 ---A- - C:\WINDOWS\Prefetch\VPROT.EXE-03002020.pf
O45 - LFCP:[MD5.63B32FB5047DB8F12D78EA5FC7713D7E] - 8-5-2013 - 10:04:15 ---A- - C:\WINDOWS\Prefetch\PSNGIVE.EXE-10DF56D9.pf
O45 - LFCP:[MD5.32A99C3DF02333BB5E1FBE78A8EC2CD3] - 8-5-2013 - 16:05:39 ---A- - C:\WINDOWS\Prefetch\HPZSTC05.EXE-29C9AEF3.pf
O45 - LFCP:[MD5.608543BB01BA11E72DD2D24A55D7FD37] - 8-5-2013 - 16:05:41 ---A- - C:\WINDOWS\Prefetch\HPZENG05.EXE-00C9A3B8.pf
O45 - LFCP:[MD5.A3F75BB05883B5284EC66BA5D38AD826] - 8-5-2013 - 16:05:48 ---A- - C:\WINDOWS\Prefetch\HPZSTW05.EXE-085AE7BF.pf
O45 - LFCP:[MD5.F898AEF389724B40814E58D00A7EDF51] - 8-5-2013 - 9:46:15 ---A- - C:\WINDOWS\Prefetch\FOLDERMARKER.EXE-297BF742.pf
O45 - LFCP:[MD5.11940E2B3A3F2BAC47F209ECA95EA6B7] - 8-5-2013 - 9:55:28 ---A- - C:\WINDOWS\Prefetch\HELPHOST.EXE-247D2792.pf
O45 - LFCP:[MD5.3AD167F0DC1657FB84FEAAD81EDB47CD] - 9-5-2013 - 7:23:32 ---A- - C:\WINDOWS\Prefetch\KEYTOOL.EXE-0FC29525.pf
~ Prefetcher: 88 Legitimates Filtered in 00mn 00s
---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\PCMService [Key] . (...) -- C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.)
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Legitimates Filtered in 00mn 00s
---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13-4-2008 - 23:06:40 ----- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:[MD5.D9813A015C5CA62411B8E0A0167D00F2] - 4-8-2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Last modified or created user files (O61)
~ 810 Fichiers temporaires (Temporary files)
~ 38 Fichiers cookies (Cookies files)
~ Files: 735 Legitimates Filtered in 00mn 06s
---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 30-8-2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 9-12-2005 - Unknown owner (LVPrcMon) .(...) - LEGACY_LVPRCMON
O64 - Services: CurCS - 6-5-2013 - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (vToolbarUpdater15.1.0) .(.AVG Secure Search - ToolbarU Application.) - LEGACY_VTOOLBARUPDATER15.1.0 =>Toolbar.AVGSearch
~ Legacy: 133 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chr
Run by PC Gebruiker at 9-5-2013 11:32:26
State : Your version is update.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Anglais
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Protection
avast! Free Antivirus v8.0.1488.0
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 31 GB (62%) free of 49 GB
---\\ Logged in mode
~ Computer Name: MT188
~ User Name: PC Gebruiker
~ All Users Names: SUPPORT_388945a0, PC Gebruiker, HelpAssistant, Gast, ASPNET, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\PC Gebruiker\Application Data\
~ %Desktop% : C:\Documents and Settings\PC Gebruiker\Bureaublad\
~ %Favorites% : D:\Mijn documenten\KOSTEN & MUTUALITEIT\Favorieten\
~ %LocalAppData% : C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\PC Gebruiker\Menu Start\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 31 Go of 49 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 59 Go of 63 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Search Generic System Files
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 1/101
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 2/756
~ Mon Bureau (My Desktop) : 0/28
~ Menu demarrer (Programs) : 1/62
~ Hidden Files: Scanned in 00mn 00s
---\\ Running Processes
[MD5.6F702A7EA2D5F2B55CC90C333FBE9978] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1380]
[MD5.493B1D854F98D611CCA249014C6E631A] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.1780]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.944]
[MD5.D168AD316F07904F2D0DCF7204E8B5E0] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe [225280] [PID.1688]
[MD5.7D3451CAA8DB6B50A82A780B0E15B21F] - (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe [489472] [PID.1776]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1816]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.1908]
[MD5.575ED0F5DCB34E5C243D2A7EBC860484] - (.Hewlett-Packard Company - No comment.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248] [PID.1968]
[MD5.BD517C7FB119997EFFBE39D5E4B37B05] - (.Unknown owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936] [PID.1996]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2036]
[MD5.35CADFC53E7D7E4336E7C9C04D66C82B] - (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe [262144] [PID.244]
[MD5.7214143221CA831CFCB9F64850DFDABA] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [1008816] [PID.292] =>Toolbar.AVGSearch
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.304]
[MD5.F498EB87FF75980F5C31827D72FB4D53] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416] [PID.356]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.428]
[MD5.4715BFF9E602AC143295E95FCFB43D5A] - (.AVG Secure Search - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe [1223344] [PID.492] =>Toolbar.AVGSearch
[MD5.1010E520B76453C6AD2D170D67A14CF3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858456] [PID.508]
[MD5.8C36CD5BAED5CE58BAEC5D73E30508E4] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.1464]
[MD5.C1626A1DEB684E044BBC2A03623A0F18] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [493776] [PID.1500]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1520]
[MD5.69DFC1256C1BC5C71C32B34BFFEA59B4] - (.3M - Post-it(R) Software Notes: System.) -- C:\Program Files\3M\PSNLite\PsnLite.exe [1622016] [PID.1592]
[MD5.18EE31923BB580B67F431D29627E1B66] - (.3M - Post-it(R) Software Notes: GiveNote.) -- C:\Program Files\3M\PSNLite\PSNGive.exe [65536] [PID.2468]
[MD5.899E8C9723A2EEF9D977A86C07561682] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7254016] [PID.716]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] https://www.google.be/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ealchnonpofjocgofjpopjdoegbbkofj] Happy Lyrics v.1.110 (Activé)
~ Google Browser: 15 Legitimates Filtered in 00mn 10s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\prefs.js
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\npsitesafety.dll =>Toolbar.AVGSearch
~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.goole.be
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 18
---\\ Browser Helper Objects (O2)
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG SafeGuard toolbar\15.1.0.2\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
~ BHO: 22 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG SafeGuard toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG SafeGuard toolbar\15.1.0.2\AVG SafeGuard toolbar_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Orphean Key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] . (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] . (.Logitech Inc. - Install Helper.) -- C:\Program Files\Logitech\Video\InstallHelper.exe
O4 - HKLM\..\Run: [LogitechCameraService(E)] . (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [vProt] . (.AVG Secure Search - VProtect Application.) -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphean Key
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ 'Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356171846841
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.132 195.130.130.4
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto-API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Off line netwerk-agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL-meldingsbestand voor de Secondary Logon.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Preloader van browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (vToolbarUpdater15.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 9 Legitimates Filtered in 00mn 06s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Mijn huidige introductiepagina - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
~ Scheduled Task: 4 Legitimates Filtered in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: PokerStars.be - (.PokerStars.be.) [HKLM] -- PokerStars.be
~ Logic: 226 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\ICSI]
[HKLM\Software\db0]
~ Key Software: 152 Legitimates Filtered in 00mn 01s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 9-5-2013 - 10:22:12 - [83,595] ----D C:\Program Files\PokerStars.BE
O43 - CFD: 5-3-2013 - 14:07:42 - [0,004] ----D C:\Documents and Settings\PC Gebruiker\Application Data\GoforFiles =>P2P.GoforFiles
O43 - CFD: 4-4-2013 - 16:47:00 - [0] ----D C:\Documents and Settings\PC Gebruiker\Application Data\Lite
O43 - CFD: 7-4-2013 - 20:44:51 - [0,015] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Bureau-accessoires
O43 - CFD: 4-5-2013 - 2:07:57 - [0,001] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Opstarten
O43 - CFD: 22-12-2012 - 21:15:15 - [0,002] ----D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\PokerStars.BE
O43 - CFD: 2-1-2013 - 15:19:22 - [0,000] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Systeembeheer
~ Program Folder: 133 Legitimates Filtered in 00mn 04s
---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.A8888EF947E1A1248D189169DA5770F5] - 28-4-2013 - 13:57:29 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [202]
O44 - LFC:[MD5.DF74F5BC169556CE55C08BB13750E86C] - 5-5-2013 - 7:59:49 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_21-b11.log [3874]
O44 - LFC:[MD5.887D0703D3A3AB8A439B466916168F7A] - 9-5-2013 - 7:22:18 ---A- . (...) -- C:\WINDOWS\wiaservc.log [48]
O44 - LFC:[MD5.B7F5A6458F2BCF71547E25AB507EA97E] - 9-5-2013 - 7:22:26 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
~ Files: 28 Legitimates Filtered in 00mn 01s
---\\ Last files created in Windows Prefetcher (O45)
~ Prefetcher: 88 Legitimates Filtered in 00mn 00s
---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\PCMService [Key] . (...) -- C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.)
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Legitimates Filtered in 00mn 00s
---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13-4-2008 - 23:06:40 ----- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:[MD5.D9813A015C5CA62411B8E0A0167D00F2] - 4-8-2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Last modified or created user files (O61)
O61 - LFC: 6-5-2013 - 6:35:52 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1007781563526.xml [2973]
O61 - LFC: 6-5-2013 - 6:37:00 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1212745895284.xml [10189]
O61 - LFC: 6-5-2013 - 6:44:02 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\04 PRET RESTANT\PRET.xlsx [11393]
O61 - LFC: 6-5-2013 - 7:49:40 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_14263156181586.xml [25905]
O61 - LFC: 6-5-2013 - 7:52:42 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_14805683564704.xml [12418]
O61 - LFC: 6-5-2013 - 8:53:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_25698006956646.xml [8950]
O61 - LFC: 7-5-2013 - 0:18:37 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_32446695196578.xml [12091]
O61 - LFC: 7-5-2013 - 0:35:17 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_35440772727556.xml [11501]
O61 - LFC: 7-5-2013 - 10:12:25 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_30318244535288.xml [6702]
O61 - LFC: 7-5-2013 - 10:13:08 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_30448150088546.xml [10532]
O61 - LFC: 7-5-2013 - 10:30:39 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_33593306750472.xml [13736]
O61 - LFC: 7-5-2013 - 10:49:52 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_37045830787116.xml [7920]
O61 - LFC: 7-5-2013 - 11:05:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_39825946536972.xml [13659]
O61 - LFC: 7-5-2013 - 11:07:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_40206277802044.xml [7617]
O61 - LFC: 7-5-2013 - 11:13:43 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_41328625518836.xml [7361]
O61 - LFC: 7-5-2013 - 11:13:48 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_41341412967742.xml [18340]
O61 - LFC: 7-5-2013 - 11:28:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_44062147191134.xml [8077]
O61 - LFC: 7-5-2013 - 11:30:23 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_44321868348498.xml [6193]
O61 - LFC: 7-5-2013 - 11:51:43 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_48152482547188.xml [9640]
O61 - LFC: 7-5-2013 - 11:52:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_48284768334972.xml [28173]
O61 - LFC: 7-5-2013 - 11:52:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Internet Explorer\tabiconcache.dat [17894]
O61 - LFC: 7-5-2013 - 12:04:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_50420193822364.xml [11859]
O61 - LFC: 7-5-2013 - 12:26:30 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_54399475788250.xml [17266]
O61 - LFC: 7-5-2013 - 12:27:18 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_54541298575912.xml [8290]
O61 - LFC: 7-5-2013 - 12:31:23 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_55275393990324.xml [6815]
O61 - LFC: 7-5-2013 - 12:37:17 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\00 TWOO\elle\08 7-05-2013.docx [11340]
O61 - LFC: 7-5-2013 - 12:55:01 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\danny fisher its a sin to tell a lie.wma [1354921]
O61 - LFC: 7-5-2013 - 13:01:44 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\LYRIC\gladys knight.docx [13396]
O61 - LFC: 7-5-2013 - 13:03:58 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\dee dee sharp The Night.wma [2579082]
O61 - LFC: 7-5-2013 - 13:03:59 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\gladys knight Tell Her You're Mine.wma [2405800]
O61 - LFC: 7-5-2013 - 13:04:00 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\CD 01 20 TITRE\02 gladys knight tell her you're mine.wma [2405800]
O61 - LFC: 7-5-2013 - 13:04:02 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\CD 01 20 TITRE\17 dee dee sharp the night.wma [2579082]
O61 - LFC: 7-5-2013 - 13:04:33 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_61231458340694.xml [17616]
O61 - LFC: 7-5-2013 - 13:53:31 -SHA- C:\Documents and Settings\PC Gebruiker\Mijn documenten\Mijn muziek\01 favorieten moi\Thumbs.db [7680]
O61 - LFC: 7-5-2013 - 13:58:24 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_70901593693858.xml [8967]
O61 - LFC: 7-5-2013 - 14:22:26 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_75217442620900.xml [13242]
O61 - LFC: 7-5-2013 - 14:23:23 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_75388902926274.xml [11148]
O61 - LFC: 7-5-2013 - 14:27:02 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_76044974840368.xml [8063]
O61 - LFC: 7-5-2013 - 14:31:31 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_76850424176584.xml [10729]
O61 - LFC: 7-5-2013 - 14:38:36 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_78120574534756.xml [9926]
O61 - LFC: 7-5-2013 - 14:45:08 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_79295659130216.xml [13052]
O61 - LFC: 7-5-2013 - 14:48:22 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_79876215507286.xml [5836]
O61 - LFC: 7-5-2013 - 15:05:31 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_2818635423872.xml [18131]
O61 - LFC: 7-5-2013 - 15:06:18 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_2958947386382.xml [7265]
O61 - LFC: 7-5-2013 - 15:08:15 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.url [208]
O61 - LFC: 7-5-2013 - 15:18:47 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_5200820064766.xml [21094]
O61 - LFC: 7-5-2013 - 15:28:25 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_561051216232.xml [6563]
O61 - LFC: 7-5-2013 - 15:28:48 ---A- C:\Documents and Settings\PC Gebruiker\Bureaublad\SeniorenNet.url [518]
O61 - LFC: 7-5-2013 - 15:32:05 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1217441362108.xml [12863]
O61 - LFC: 7-5-2013 - 15:34:10 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1593960622944.xml [7192]
O61 - LFC: 7-5-2013 - 15:43:33 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [1831]
O61 - LFC: 7-5-2013 - 15:43:45 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOCK [0]
O61 - LFC: 7-5-2013 - 15:44:02 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_3364741699812.xml [9427]
O61 - LFC: 7-5-2013 - 15:44:09 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [13312]
O61 - LFC: 7-5-2013 - 15:44:12 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\000005.sst [231]
O61 - LFC: 7-5-2013 - 15:44:40 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs [17408]
O61 - LFC: 7-5-2013 - 15:56:03 -SHA- C:\Documents and Settings\PC Gebruiker\IECompatCache\index.dat [65536]
O61 - LFC: 7-5-2013 - 15:56:03 -SHA- C:\Documents and Settings\PC Gebruiker\PrivacIE\index.dat [14483456]
O61 - LFC: 7-5-2013 - 15:56:42 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar DNS data\data [73777]
O61 - LFC: 7-5-2013 - 16:02:43 -SHA- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Internet Explorer\Desktop.htt [2716]
O61 - LFC: 7-5-2013 - 16:02:48 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_6733396964862.xml [8467]
O61 - LFC: 7-5-2013 - 7:32:35 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1615828071594.xml [8525]
O61 - LFC: 7-5-2013 - 7:32:56 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_1680527690336.xml [7368]
O61 - LFC: 7-5-2013 - 7:44:03 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_3677108121170.xml [9270]
O61 - LFC: 7-5-2013 - 7:51:47 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_5065186159512.xml [11985]
O61 - LFC: 7-5-2013 - 8:22:12 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_10525713901258.xml [12620]
O61 - LFC: 7-5-2013 - 8:57:16 ---A- C:\Documents and Settings\PC Gebruiker\Bureaublad\PC banking.url [284]
O61 - LFC: 7-5-2013 - 8:58:41 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Toolbar\metrics_17077103548488.xml [9215]
O61 - LFC: 8-5-2013 - 10:09:59 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History [57344]
O61 - LFC: 8-5-2013 - 10:09:59 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History-journal [512]
O61 - LFC: 8-5-2013 - 10:19:32 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [20480]
O61 - LFC: 8-5-2013 - 10:19:32 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal [12824]
O61 - LFC: 8-5-2013 - 10:20:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage [3072]
O61 - LFC: 8-5-2013 - 10:20:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.commentcamarche.net_0.localstorage-journal [3608]
O61 - LFC: 8-5-2013 - 11:07:00 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll [15584]
O61 - LFC: 8-5-2013 - 14:25:21 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\03 MAA 1430.52.lnk [729]
O61 - LFC: 8-5-2013 - 14:26:10 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\B 02 JAN 2014.lnk [724]
O61 - LFC: 8-5-2013 - 14:26:33 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\03 FRAIS.lnk [446]
O61 - LFC: 8-5-2013 - 14:26:33 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\B 01 MAI 2013.lnk [724]
O61 - LFC: 8-5-2013 - 15:02:08 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\03 FRAIS\B 01 MAI 2013.xlsx [46784]
O61 - LFC: 8-5-2013 - 15:02:13 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk [2547]
O61 - LFC: 8-5-2013 - 16:06:21 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\DAK.xlsx [11943]
O61 - LFC: 8-5-2013 - 16:14:01 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\DAK KONTICH.lnk [600]
O61 - LFC: 8-5-2013 - 16:14:20 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\Classeur1.lnk [590]
O61 - LFC: 8-5-2013 - 16:21:22 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNS.XML [10600]
O61 - LFC: 8-5-2013 - 16:25:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.groupon.be_0.localstorage [3072]
O61 - LFC: 8-5-2013 - 16:25:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.groupon.be_0.localstorage-journal [3608]
O61 - LFC: 8-5-2013 - 16:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.musicbiatch.com_0.localstorage [1197056]
O61 - LFC: 8-5-2013 - 16:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.musicbiatch.com_0.localstorage-journal [3608]
O61 - LFC: 8-5-2013 - 16:32:43 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [3072]
O61 - LFC: 8-5-2013 - 16:32:43 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal [3608]
O61 - LFC: 8-5-2013 - 16:43:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.doob.fm_0.localstorage [148480]
O61 - LFC: 8-5-2013 - 16:43:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.doob.fm_0.localstorage-journal [16384]
O61 - LFC: 8-5-2013 - 16:50:34 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\07 moi.docx [11157]
O61 - LFC: 8-5-2013 - 16:50:34 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\07 moi.lnk [573]
O61 - LFC: 8-5-2013 - 16:54:52 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\01 favorieten moi.lnk [597]
O61 - LFC: 8-5-2013 - 16:54:52 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\cadillacs the i'll never let you go.lnk [1027]
O61 - LFC: 8-5-2013 - 16:55:21 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Media Player\009A11D5.wpl [403]
O61 - LFC: 8-5-2013 - 16:55:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb [5046272]
O61 - LFC: 8-5-2013 - 16:55:21 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb [1230]
O61 - LFC: 8-5-2013 - 9:50:29 ---A- C:\Documents and Settings\PC Gebruiker\UserData\index.dat [32768]
O61 - LFC: 8-5-2013 - 9:50:35 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\places.sqlite [10485760]
O61 - LFC: 9-5-2013 - 10:00:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old [145]
O61 - LFC: 9-5-2013 - 10:00:17 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG.old [151]
O61 - LFC: 9-5-2013 - 10:00:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [12288]
O61 - LFC: 9-5-2013 - 10:00:28 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts-journal [12824]
O61 - LFC: 9-5-2013 - 10:00:40 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [272]
O61 - LFC: 9-5-2013 - 10:04:25 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download [850304]
O61 - LFC: 9-5-2013 - 10:04:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom [8509788]
O61 - LFC: 9-5-2013 - 10:04:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1474726]
O61 - LFC: 9-5-2013 - 10:04:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134920]
O61 - LFC: 9-5-2013 - 10:04:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist [19956]
O61 - LFC: 9-5-2013 - 10:04:27 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist [4768]
O61 - LFC: 9-5-2013 - 10:04:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC: 9-5-2013 - 10:04:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
O61 - LFC: 9-5-2013 - 10:06:17 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists [270044]
O61 - LFC: 9-5-2013 - 10:18:10 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [554]
O61 - LFC: 9-5-2013 - 10:22:01 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\ZHPDiag.lnk [512]
O61 - LFC: 9-5-2013 - 10:23:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session [562059]
O61 - LFC: 9-5-2013 - 10:23:55 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Tabs [83615]
O61 - LFC: 9-5-2013 - 10:29:06 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16]
O61 - LFC: 9-5-2013 - 10:29:06 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000073 [238]
O61 - LFC: 9-5-2013 - 10:29:07 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG [145]
O61 - LFC: 9-5-2013 - 10:29:07 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [120832]
O61 - LFC: 9-5-2013 - 10:29:07 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal [4624]
O61 - LFC: 9-5-2013 - 10:29:12 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\000220.sst [146]
O61 - LFC: 9-5-2013 - 10:29:12 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC: 9-5-2013 - 10:29:12 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000217 [401]
O61 - LFC: 9-5-2013 - 10:29:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor [25600]
O61 - LFC: 9-5-2013 - 10:29:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal [15992]
O61 - LFC: 9-5-2013 - 10:29:14 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC: 9-5-2013 - 10:29:14 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-002710 [1167]
O61 - LFC: 9-5-2013 - 10:29:15 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [151]
O61 - LFC: 9-5-2013 - 10:29:16 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC: 9-5-2013 - 10:29:39 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [548864]
O61 - LFC: 9-5-2013 - 10:29:39 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC: 9-5-2013 - 10:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [1294336]
O61 - LFC: 9-5-2013 - 10:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC: 9-5-2013 - 10:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05 [1134592]
O61 - LFC: 9-5-2013 - 10:29:57 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2013-05-journal [16384]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session [24861]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Tabs [9260]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\History [794624]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache [84866]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [109729]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [780]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Local State [32664]
O61 - LFC: 9-5-2013 - 10:30:13 ---A- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\chrome_shutdown_ms.txt [4]
O61 - LFC: 9-5-2013 - 7:22:05 -SHA- C:\Documents and Settings\PC Gebruiker\IETldCache\index.dat [262144]
O61 - LFC: 9-5-2013 - 7:27:04 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\IdentityCRL\production\MetaConfig.xml [163]
O61 - LFC: 9-5-2013 - 7:33:38 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\3M\PSNotes\PSNData [8704]
O61 - LFC: 9-5-2013 - 8:52:04 -SHA- C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1801674531-1604221776-725345543-1004\Credentials [6818]
O61 - LFC: 9-5-2013 - 8:57:26 ---A- C:\Documents and Settings\PC Gebruiker\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk [2593]
O61 - LFC: 9-5-2013 - 8:58:41 ---A- C:\Documents and Settings\PC Gebruiker\Mijn documenten\08 elle 9-05.docx [11226]
O61 - LFC: 9-5-2013 - 8:58:41 ---A- C:\Documents and Settings\PC Gebruiker\Onlangs geopend\08 elle 9-05.lnk [605]
~ 810 Fichiers temporaires (Temporary files)
~ 38 Fichiers cookies (Cookies files)
~ Files: 735 Legitimates Filtered in 00mn 06s
---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 30-8-2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 9-12-2005 - Unknown owner (LVPrcMon) .(...) - LEGACY_LVPRCMON
O64 - Services: CurCS - 6-5-2013 - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (vToolbarUpdater15.1.0) .(.AVG Secure Search - ToolbarU Application.) - LEGACY_VTOOLBARUPDATER15.1.0 =>Toolbar.AVGSearch
~ Legacy: 133 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chr
You didn't read the procedure, or I explained myself badly, because I did say:
To send it to me, click on this link:
https://www.cjoint.com/
Click on "choisissez un fichier" (choose a file) and look for the file C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt
or go straight to the desktop, find ZHPDiag.txt and click on it
Click Open.
Click on "créer le lien cjoint" (create the cjoint link).
A link of this form:
http://cjoint.com/data/0KAoeRbq7Szgg.htm
is added to the page.
Copy this link into your reply.
And if there is a problem, use this one instead: http://pjjoint.malekal.com/
Thank you for helping me, but I am not a PC specialist,
I hope the Dutch files or folders are not a problem,
So, I click on choose a file, then,
Click, (c:)
Click, document and settings
Click, pc gebruiker (PC user)
Click, desktop
Click, ZHPDiag
Click, open, and there I see it next to choose file
Click, create the cjoint link at the bottom of the page,
I get another page; I copied the link, went back to the home page, pasted it in the box at the bottom and clicked create the cjoint link
I admit that I am not managing to follow very well
Hello, run AdwCleaner and Malwarebytes!!
1) Run AdwCleaner in SUPPRESSION (delete) mode
Download AdwCleaner (by Xplode) to your desktop.
If you have a problem with Internet Explorer's security, see this link: http://general-changelog-team.fr/fr/accueil/58-multilangue/securite/214-fausse-alerte-du-filtre-smartscreen-sur-le-telechargement-d-adwcleaner
Launch it, click on [Suppression], then wait while the scan runs.
Once the scan is finished, a report will open. Post its contents in your next reply.
Note: The report is also saved as C:\AdwCleaner[S1].txt
2) Do a full scan of your PC with Malwarebytes
!! WARNING !!! nearly 2 hours of scanning !!!
Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
If there is a problem, try this one: https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/
(NB: If you get an error message during installation telling you that "COMCTL32.OCX" is missing, then download it here: COMCTL32.OCX)
. Save it to the desktop
. Double-click the downloaded file to start the installation.
. If the firewall asks for permission for Malwarebytes to connect, accept
. In the "Update" tab, click the Check for Updates button
. Once the update has finished
. go to the Scanner tab
. Select Perform full scan
. Select all the drives if offered
. Click Scan
. The scan starts.
. At the end of the scan, a message is displayed: The scan completed normally. Click 'Show Results' to display all the objects found.
. Click OK to continue.
. If malware was detected, click Show Results
. Select everything (or leave it checked) and click Remove Selected. Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
. Malwarebytes will open Notepad and copy the scan report into it.
. Restart the PC if it does not do so by itself
. Once it has restarted, double-click Malwarebytes
. Go to the Logs tab
. Click on the report to display it; once it is displayed
. click Edit at the top of Notepad, then Select All
. click Edit again, then Copy, and come back to the forum and into your reply
. right-click in the reply box and choose Paste
If you need help, see this tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
attached is the malware log, nothing detected
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.05.10.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
PC Gebruiker :: MT188 [administrateur]
10-5-2013 13:35:47
mbam-log-2013-05-10 (13-35-47).txt
Type d'examen: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 258833
Temps écoulé: 1 heure(s), 4 minute(s), 57 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
sorry, I thought I had done it,
Adwcleaner v2.300 - rapport 10/05/2013
Actualiser le 28/04/2013 Xpode
Systeme d'exploitation: Microsoft Windows XP Service Pack 3 (32 bits)
Utilisateur: utilisateur DU PC -
Mode de démarrage: mode Normal
lancé à partir de/ C:/Document and Settings/utilisateur pc/mes document/Downoads/adwcleaner
option (suprimer)
*****(services)*****
*****(fichiers/dossiers)*****
Supprimer au demarage : c:/program files/common files/ AVG Secure Search
*****(registre)*****
*****(browsers)*****
-\\ Internet Explorer v8.0.6001.18702
(ok) Le registre ne contient aucune entrée non autorisé.
-\\ Mozilla Firefox v19.0.2 (fr)
File : C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\prefs.js
(ok) Le registre ne contient aucune entrée non autorisé.
-\\ Google Chrome v26.0.1410.64
File : C:\Documents and Settings\utilisateur pc \Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
(ok) Le registre ne contient aucune entrée non autorisé
AdwCleaner[S5].txt - [404 octets] - [10/05/2013 20:39:57]
AdwCleaner[S6].txt - [1189 octets] - [10/05/2013 20:41:23]
########## EOF - C:\AdwCleaner[S6].txt - [1249 octets] ##########
hello, the log
Rapport de ZHPDiag v2013.5.8.70 par Nicolas Coolman, Update du 7-5-2013
Run by PC Gebruiker at 11-5-2013 11:21:19
State : A new version is available.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Anglais
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Protection
avast! Free Antivirus v8.0.1488.0
Malwarebytes Anti-Malware version 1.75.0.1300
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 30 GB (62%) free of 49 GB
---\\ Logged in mode
~ Computer Name: MT188
~ User Name: PC Gebruiker
~ All Users Names: SUPPORT_388945a0, PC Gebruiker, HelpAssistant, Gast, ASPNET, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\PC Gebruiker\Application Data\
~ %Desktop% : C:\Documents and Settings\PC Gebruiker\Bureaublad\
~ %Favorites% : D:\Mijn documenten\KOSTEN & MUTUALITEIT\Favorieten\
~ %LocalAppData% : C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\PC Gebruiker\Menu Start\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 49 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 59 Go of 63 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Search Generic System Files
[MD5.AA04F042A820BF1868E643575887E1A6] - (.Microsoft Corporation - Windows Verkenner.) (.14-4-2008 - 21:33:00.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.6E76BF0360E68F6A62F2D87DF15EAFD9] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1-11-2012 - 13:12:55.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.1247D4D5444E28519BBE31BE8AB4C029] - (.Microsoft Corporation - Toepassing Windows NT-aanmelding.) (.14-4-2008 - 21:33:20.) -- C:\WINDOWS\system32\Winlogon.exe [510464]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17-8-2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13-4-2008 - 23:10:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-4-2008 - 23:44:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-4-2008 - 23:10:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.8BFFFB5AC954E19DFDB96D56512AA518] - (.Microsoft Corporation - Cryptografisch FIPS-stuurprogramma.) (.14-4-2008 - 21:02:52.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13-4-2008 - 21:06:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.C43372D0682F8E32E4EC21117E089EC0] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-4-2008 - 21:05:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13-4-2008 - 23:11:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13-4-2008 - 23:27:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15-7-2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13-4-2008 - 23:51:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13-4-2008 - 23:45:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.E3934CCC20A4D24F1924E13D36D2A5BD] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-4-2008 - 21:13:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80256]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13-4-2008 - 23:02:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.4173BC66E485FD77A03C4819F60BD0DA] - (.Microsoft Corporation - Redbook Audio Filter-stuurprogramma.) (.14-4-2008 - 21:04:04.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58112]
[MD5.8AB662B3C4691E6DDF61C96BB5B7D103] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.14-4-2008 - 21:03:42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53504]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 1/107
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 2/389
~ Mon Bureau (My Desktop) : 0/14
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 01s
---\\ Running Processes
[MD5.6F702A7EA2D5F2B55CC90C333FBE9978] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1412]
[MD5.493B1D854F98D611CCA249014C6E631A] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.1704]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.992]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1776]
[MD5.575ED0F5DCB34E5C243D2A7EBC860484] - (.Hewlett-Packard Company - No comment.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248] [PID.1808]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1828]
[MD5.D168AD316F07904F2D0DCF7204E8B5E0] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe [225280] [PID.160]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.236]
[MD5.7D3451CAA8DB6B50A82A780B0E15B21F] - (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe [489472] [PID.244]
[MD5.35CADFC53E7D7E4336E7C9C04D66C82B] - (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe [262144] [PID.296]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.304]
[MD5.F498EB87FF75980F5C31827D72FB4D53] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416] [PID.1932]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1928]
[MD5.1010E520B76453C6AD2D170D67A14CF3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858456] [PID.324]
[MD5.BD517C7FB119997EFFBE39D5E4B37B05] - (.Unknown owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936] [PID.444]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.512]
[MD5.7214143221CA831CFCB9F64850DFDABA] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [1008816] [PID.108] =>Toolbar.AVGSearch
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1092]
[MD5.8C36CD5BAED5CE58BAEC5D73E30508E4] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.1320]
[MD5.C1626A1DEB684E044BBC2A03623A0F18] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [493776] [PID.1360]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1392]
[MD5.69DFC1256C1BC5C71C32B34BFFEA59B4] - (.3M - Post-it(R) Software Notes: System.) -- C:\Program Files\3M\PSNLite\PsnLite.exe [1622016] [PID.2352]
[MD5.18EE31923BB580B67F431D29627E1B66] - (.3M - Post-it(R) Software Notes: GiveNote.) -- C:\Program Files\3M\PSNLite\PSNGive.exe [65536] [PID.2724]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.2124]
[MD5.899E8C9723A2EEF9D977A86C07561682] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7254016] [PID.3064]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] https://www.google.be/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ealchnonpofjocgofjpopjdoegbbkofj] Happy Lyrics v.1.110 (Activé)
~ Google Browser: 9 Legitimates Filtered in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\prefs.js
~ Firefox Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.goole.be
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 18
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Orphean Key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] . (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] . (.Logitech Inc. - Install Helper.) -- C:\Program Files\Logitech\Video\InstallHelper.exe
O4 - HKLM\..\Run: [LogitechCameraService(E)] . (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphean Key
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ 'Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356171846841
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.132 195.130.130.4
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto-API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Off line netwerk-agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL-meldingsbestand voor de Secondary Logon.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Preloader van browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (vToolbarUpdater15.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 11 Legitimates Filtered in 00mn 07s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Mijn huidige introductiepagina - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
~ Scheduled Task: 4 Legitimates Filtered in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: PokerStars.be - (.PokerStars.be.) [HKLM] -- PokerStars.be
~ Logic: 227 Legitimates Filtered in 00mn 01s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\GoforFiles] =>P2P.GoforFiles
[HKLM\Software\ICSI]
[HKLM\Software\db0]
~ Key Software: 152 Legitimates Filtered in 00mn 01s
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10-5-2013 - 15:43:52 - [83,662] ----D C:\Program Files\PokerStars.BE
O43 - CFD: 5-3-2013 - 14:07:42 - [0,004] ----D C:\Documents and Settings\PC Gebruiker\Application Data\GoforFiles =>P2P.GoforFiles
O43 - CFD: 4-4-2013 - 16:47:00 - [0] ----D C:\Documents and Settings\PC Gebruiker\Application Data\Lite
O43 - CFD: 7-4-2013 - 20:44:51 - [0,015] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Bureau-accessoires
O43 - CFD: 4-5-2013 - 2:07:57 - [0,001] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Opstarten
O43 - CFD: 22-12-2012 - 21:15:15 - [0,002] ----D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\PokerStars.BE
O43 - CFD: 2-1-2013 - 15:19:22 - [0,000] R---D C:\Documents and Settings\PC Gebruiker\Menu Start\Programma's\Systeembeheer
~ Program Folder: 134 Legitimates Filtered in 00mn 31s
---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.400B9C39EB44AEDF934B054F3D810EF9] - 11-5-2013 - 7:36:03 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]
O44 - LFC:[MD5.E3AB7F24C8D1576A3309DA1506490ECB] - 11-5-2013 - 7:36:05 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.A8888EF947E1A1248D189169DA5770F5] - 28-4-2013 - 13:57:29 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [202]
O44 - LFC:[MD5.DF74F5BC169556CE55C08BB13750E86C] - 5-5-2013 - 7:59:49 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_21-b11.log [3874]
~ Files: 28 Legitimates Filtered in 00mn 26s
---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\PCMService [Key] . (...) -- C:\Program Files\Home Cinema\PowerCinema\PCMService.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.)
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - DPA-client voor 32-bits platforms.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI-verificatiepakket.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Legitimates Filtered in 00mn 00s
---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 13-4-2008 - 23:06:40 ----- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\Drivers\amdagp.sys [43008]
O58 - SDL:[MD5.D9813A015C5CA62411B8E0A0167D00F2] - 4-8-2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9029]
~ Drivers: Scanned in 00mn 00s
---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 30-8-2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 9-12-2005 - Unknown owner (LVPrcMon) .(...) - LEGACY_LVPRCMON
O64 - Services: CurCS - 6-5-2013 - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe (vToolbarUpdater15.1.0) .(.AVG Secure Search - ToolbarU Application.) - LEGACY_VTOOLBARUPDATER15.1.0 =>Toolbar.AVGSearch
~ Legacy: 136 Legitimates Filtered in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {980D9047-23A7-4D99-8E02-BD799A209CE9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s
---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: winmgmt (winmgmt) . (...) -- C:\DOCUME~1\PCGEBR~1\wgsdgsdgdsgsd.dll [0]
~ Services: 39 Legitimates Filtered in 00mn 00s
---\\ Additionnal Scan (O88)
Database Version : v2.11971 - (7-5-2013)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKCU\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
~ Additionnel Scan: 198159 Items scanned in 00mn 38s
---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 2-5-2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30-8-2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14-4-2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 25-12-2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 25-12-2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 20-4-2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 4-4-2013 181664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 24-7-2005 53248 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 9-12-2005 81920 | (LVPrcSrv) . (.Logitech Inc..) - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
SR - | Auto 4-4-2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 4-4-2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 18-3-2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 167936 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 2-10-2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 6-5-2013 1008816 | (vToolbarUpdater15.1.0) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SS - | Demand 12-11-2001 20480 | (x10nets) . (.X10.) - C:\Program Files\Common Files\X10\Common\X10nets.exe
~ Services: Scanned in 00mn 00s
~ 822 Legitimates filtered by white list
End of the scan (468 lines in 02mn 08s)(0)
Rapport de ZHPDiag v2013.5.8.70 par Nicolas Coolman, Update du 7-5-2013
Run by PC Gebruiker at 11-5-2013 11:21:19
State : A new version is available.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Anglais
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK
---\\ System Protection
avast! Free Antivirus v8.0.1488.0
Malwarebytes Anti-Malware version 1.75.0.1300
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21
---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 30 GB (62%) free of 49 GB
---\\ Logged in mode
~ Computer Name: MT188
~ User Name: PC Gebruiker
~ All Users Names: SUPPORT_388945a0, PC Gebruiker, HelpAssistant, Gast, ASPNET, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\PC Gebruiker\Application Data\
~ %Desktop% : C:\Documents and Settings\PC Gebruiker\Bureaublad\
~ %Favorites% : D:\Mijn documenten\KOSTEN & MUTUALITEIT\Favorieten\
~ %LocalAppData% : C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\PC Gebruiker\Menu Start\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 49 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 59 Go of 63 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ CD-ROM drive (Not Inserted)
J:\ CD-ROM drive (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s
---\\ Search Generic System Files
[MD5.AA04F042A820BF1868E643575887E1A6] - (.Microsoft Corporation - Windows Verkenner.) (.14-4-2008 - 21:33:00.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.6E76BF0360E68F6A62F2D87DF15EAFD9] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1-11-2012 - 13:12:55.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.1247D4D5444E28519BBE31BE8AB4C029] - (.Microsoft Corporation - Toepassing Windows NT-aanmelding.) (.14-4-2008 - 21:33:20.) -- C:\WINDOWS\system32\Winlogon.exe [510464]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17-8-2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13-4-2008 - 23:10:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13-4-2008 - 23:44:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13-4-2008 - 23:10:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.8BFFFB5AC954E19DFDB96D56512AA518] - (.Microsoft Corporation - Cryptografisch FIPS-stuurprogramma.) (.14-4-2008 - 21:02:52.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13-4-2008 - 21:06:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.C43372D0682F8E32E4EC21117E089EC0] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-4-2008 - 21:05:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13-4-2008 - 23:11:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13-4-2008 - 23:27:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15-7-2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13-4-2008 - 23:51:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13-4-2008 - 23:45:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.E3934CCC20A4D24F1924E13D36D2A5BD] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-4-2008 - 21:13:20.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80256]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13-4-2008 - 23:49:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13-4-2008 - 23:02:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.4173BC66E485FD77A03C4819F60BD0DA] - (.Microsoft Corporation - Redbook Audio Filter-stuurprogramma.) (.14-4-2008 - 21:04:04.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58112]
[MD5.8AB662B3C4691E6DDF61C96BB5B7D103] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.14-4-2008 - 21:03:42.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53504]
~ Generic Processes: Scanned in 00mn 00s
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/35
~ Mes musiques (My Musics) : 1/107
Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 2/389
~ Mon Bureau (My Desktop) : 0/14
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 01s
---\\ Running Processes
[MD5.6F702A7EA2D5F2B55CC90C333FBE9978] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808] [PID.1412]
[MD5.493B1D854F98D611CCA249014C6E631A] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.1704]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.992]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1776]
[MD5.575ED0F5DCB34E5C243D2A7EBC860484] - (.Hewlett-Packard Company - No comment.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248] [PID.1808]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1828]
[MD5.D168AD316F07904F2D0DCF7204E8B5E0] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe [225280] [PID.160]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.236]
[MD5.7D3451CAA8DB6B50A82A780B0E15B21F] - (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe [489472] [PID.244]
[MD5.35CADFC53E7D7E4336E7C9C04D66C82B] - (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe [262144] [PID.296]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016] [PID.304]
[MD5.F498EB87FF75980F5C31827D72FB4D53] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [188416] [PID.1932]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.1928]
[MD5.1010E520B76453C6AD2D170D67A14CF3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [4858456] [PID.324]
[MD5.BD517C7FB119997EFFBE39D5E4B37B05] - (.Unknown owner - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936] [PID.444]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.512]
[MD5.7214143221CA831CFCB9F64850DFDABA] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [1008816] [PID.108] =>Toolbar.AVGSearch
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1092]
[MD5.8C36CD5BAED5CE58BAEC5D73E30508E4] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.1320]
[MD5.C1626A1DEB684E044BBC2A03623A0F18] - (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [493776] [PID.1360]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.1392]
[MD5.69DFC1256C1BC5C71C32B34BFFEA59B4] - (.3M - Post-it(R) Software Notes: System.) -- C:\Program Files\3M\PSNLite\PsnLite.exe [1622016] [PID.2352]
[MD5.18EE31923BB580B67F431D29627E1B66] - (.3M - Post-it(R) Software Notes: GiveNote.) -- C:\Program Files\3M\PSNLite\PSNGive.exe [65536] [PID.2724]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1312720] [PID.2124]
[MD5.899E8C9723A2EEF9D977A86C07561682] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7254016] [PID.3064]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] https://www.google.be/?gws_rd=ssl
G2 - GCE: Preference [User Data\Default] [ealchnonpofjocgofjpopjdoegbbkofj] Happy Lyrics v.1.110 (Activé)
~ Google Browser: 9 Legitimates Filtered in 00mn 06s
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\PC Gebruiker\Application Data\Mozilla\Firefox\Profiles\0ilg3qmk.default\prefs.js
~ Firefox Browser: 11 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.goole.be
~ IE Browser: 10 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 18
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Orphean Key
~ Toolbar: Scanned in 00mn 00s
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] . (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] . (.Logitech Inc. - Install Helper.) -- C:\Program Files\Logitech\Video\InstallHelper.exe
O4 - HKLM\..\Run: [LogitechCameraService(E)] . (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [Gadwin PrintScreen] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O4 - HKUS\S-1-5-21-1801674531-1604221776-725345543-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Orphean Key
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ 'Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356171846841
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpNameServer = 195.130.131.132 195.130.130.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{FF4E71E6-4137-470A-A87E-FFDFEFB83852}: DhcpDomain = telenet.be
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.131.132 195.130.130.4
~ Domain: Scanned in 00mn 00s
---\\ Extra protocols (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto-API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Off line netwerk-agent.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL-meldingsbestand voor de Secondary Logon.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Algemeen DLL-bestand voor het ontvangen van.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Preloader van browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser-bibliotheek voor gebruikersin.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: (vToolbarUpdater15.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 11 Legitimates Filtered in 00mn 07s
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: Mijn huidige introductiepagina - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\PC Gebruiker\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoforFilesUpdate.job [282] =>P2P.GoforFiles
~ Scheduled Task: 4 Legitimates Filtered in 00mn 00s
---\\ Software installed (O42)
O42 - Logiciel: PokerStars.be - (.PokerStars.be.) [HKLM] -- PokerStars.be
~ Logic: 227 Legitimates Filtered in 00mn 01s
~ Legacy: 136 Legitimates Filtered in 00mn 01s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 17 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {980D9047-23A7-4D99-8E02-BD799A209CE9} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s
---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: winmgmt (winmgmt) . (...) -- C:\DOCUME~1\PCGEBR~1\wgsdgsdgdsgsd.dll [0]
~ Services: 39 Legitimates Filtered in 00mn 00s
---\\ Additionnal Scan (O88)
Database Version : v2.11971 - (7-5-2013)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKCU\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
[HKLM\Software\AVG SafeGuard toolbar] =>Toolbar.AVGSafeGuard
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
~ Additionnel Scan: 198159 Items scanned in 00mn 38s
---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 2-5-2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30-8-2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14-4-2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 25-12-2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 25-12-2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 20-4-2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 4-4-2013 181664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 24-7-2005 53248 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 9-12-2005 81920 | (LVPrcSrv) . (.Logitech Inc..) - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
SR - | Auto 4-4-2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 4-4-2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 18-3-2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 167936 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 2-10-2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 6-5-2013 1008816 | (vToolbarUpdater15.1.0) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SS - | Demand 12-11-2001 20480 | (x10nets) . (.X10.) - C:\Program Files\Common Files\X10\Common\X10nets.exe
~ Services: Scanned in 00mn 00s
~ 822 Legitimates filtered by white list
End of the scan (468 lines in 02mn 08s)(0)
Hello, run ComboFix to make sure nothing is left; I don't see anything in the ZHPDiag, but just in case, and then afterwards tell us whether your firewall is OK!!
Follow the procedure carefully, and if it offers to install the Recovery Console, accept!!
Before using ComboFix:
CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable them temporarily:
If you have this kind of tool on your PC, use Defogger to disable them temporarily; otherwise go straight to ComboFix.
. Download Defogger (by jpshortstuff) to your Desktop
. Run it
A window appears: click "Disable"
. Restart the computer if the tool asks you to
Note: When we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"
Official tutorial, take the time to look at it: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
and
take good note of this procedure https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix#restore because sometimes after ComboFix the Internet connection is disabled
Download Combofix.exe by sUBs to your Desktop,
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Disconnect from the Internet and disable your antivirus and all resident protection, so that ComboFix can run normally.
Double-click Combofix.exe
Set it to French: F
Press the 1 key (Yes) to start the scan.
Do not touch the PC while it is working, except to answer when it asks you to.
If it offers to install the Recovery Console, accept; this allows the tool to clean certain system files and to repair them if needed!!
At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.
Once the scan is finished, a report will be displayed: post its contents
Re-enable the real-time protection of your antivirus and antispyware before reconnecting to the Internet.
Note: The report can also be found here: C:\Combofix.txt