francist

27 juni 2015

Ik weet niet zo goed hoe ik mijn vraag moet formuleren.

Mijn computer werkt naar behoren, maar telkens ik op internet ga zijn er problemen. Soms loopt alles gesmeerd en plots verlies ik alle contact. Vaak kan ik mijn zoekopdracht in google stellen, Maar als ik op één van de resultaten druk gebeurt er niets meer of verlies ik internetcontact. 't is heel frustrerend.

Ik weet niet of de fout door de hardwaer is of door de softwaer komt; Kan er dat iemand voor mij uitzoeken? ik weet ook niet of ik nu de juiste weg volg

groeten

Francis

25 januari 2015

Ik heb ondertussen alle startpagina's terug op google kunnen plaatsen; alles werkt dus weer ok! jullie zijn echte cracks, het is niet de eerste keer dat je mij uit de nood kan helpen! Jullie leveren schitterend werk voor niet ingewijden zoals ik!

ik vind wel niet meer terug hoe ik kan zeggen dat alles is opgelost, of doen jullie dat zelf?

Hoe kan ik eigenlijk, zonder al te veel kosten te doen zorgen dat deze dingen niet meer kunnen gebeuren? Ik ben zelf lesgever in een technische school, onze ICT-specialisten beveiligen de computers op school heel nauwkeurig, alleen maakt dat een echt soepel gebruik soms wel wat lastig, en dat is niet wat ik thuis eigenlijk ook wil doen... maar ja, dan heb ik jullie hulp natuurlijk nu en dan eens nodig .

kan je mij nog beveiligingstips geven? Blijkbaar zorgt AVG free download inderdaad niet voor een optimale beveiliging.

groeten, en nogmaals super bedankt?

Francis Tanghe

25 januari 2015

hier zijn de twee gevraagde logbestanden

dank je in ieder geval wel al voor de vlotte opvolging hoor.

ZHPFixR1.txt

zoek-results.txt

25 januari 2015

de twee logbestanden

bij het installeren van ZHPDiag kreeg ik eerst de melding dat dit zeer weinig gedownloade wordt en of ik dat wel zeker wou! verder geen problemen daarmee

grts

FT

MBAM Scanlog.txt

ZHPDiag.txt

25 januari 2015

In bijlage de twee logbestanden zoals u vroeg.

Ik moet wel zeggen dat ik "Driver toolkit" niet in de geïnstalleerde programma's terugvind. Dit heb ik dus niet kunnen weghalen... misschien werd dit al eens door iemand geïnstalleerd en dan al verkeerd terug weggedaan. Mijn computer wordt nu en dan eens door een van de dochters gebruikt... en die zeggen wel niet altijd wat er is gebeurd!

zoek-results.txt

AdwCleanerS0.txt

23 januari 2015

het gevraagde logbestand in bijlage

het is inderdaad wel mogelijk dat die dingen op zo'n manier op mijn computer zijn gekomen; maar eerlijk gezegd, ik weet eigenlijk niet of ik dat programma zelf heb geïnstalleerd, ik gebruik het in ieder geval niet.

in ieder geval bedankt om verder te zoeken

zoek-results.txt

23 januari 2015

Ik begrijp het ongemak volkomen, maar ik wist niet dat ik tweemaal had geopend! de eerste keer is mijn internetverbinding weggevallen en ik dacht dat mijn vraag helemaal niet was verstuurd! Ik had dit achteraf wel niet gecontroleerd en heb mijn vraag gewoon opnieuw gesteld, waarvoor mijn oprechte excuses

23 januari 2015

zoals gevraagd het logje, ik zie wel dat er nu op twee manieren naar een oplossing wordt gezocht Hopelijk zorg k zo voor geenverwarring

groeten

Francis

EPeek.txt

23 januari 2015

Oei, blijkbaar is het logbestand niet meegestuurd, laat ik het dan maar op deze manier doen. sorry als dit voor ongemak zorgt

Logfile of random's system information tool 1.10 (written by random/random)
Run by francist at 2015-01-23 17:46:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 374 GB (78%) free of 477 GB
Total RAM: 2814 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:46:13, on 23/01/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\idmBroker.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_287_ActiveX.exe
C:\Program Files\E Dev\E-Peek\E-Peek 1.9.9.0.exe
C:\Windows\System32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\francist\Downloads\Programs\RSIT_2.exe
C:\Program Files\trend micro\francist.exe
C:\Windows\system32\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1416471174&from=smt&uid=WDCXWD5000AAKX-00ERMA0_WD-WMC2E575578555785&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1416471174&from=smt&uid=WDCXWD5000AAKX-00ERMA0_WD-WMC2E575578555785&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11NLBE/WOL_WCP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O4 - Global Startup: Snagit 11.lnk = C:\Program Files\TechSmith\Snagit 11\Snagit32.exe
O8 - Extra context menu item: Download alle links met IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download met IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OKI OPHC DCS Loader - Oki Data Corporation - C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE
O23 - Service: Print Job Accounting (OkiJaSvc) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe
O23 - Service: Print Job Accounting Watch Service (OkiWchSvc) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe
O23 - Service: Print Job Accounting opja0004 (opja0004) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\opja0004.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Universal Updater Service (UniversalUpdater) - Unknown owner - C:\Program Files\0ca45c95134d\cf3e08d747e4.exe

--
End of file - 8344 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\KGPKVLD.job - C:\Users\francist\AppData\Roaming\KGPKVLD.exe /infocmdline=TciVL+71wANCVjTSaH8v9SOJfXRpFAMlOFzowQhmET91KWIwKAaX6S2DpQJ4Xy7vZ1MSj59KOcpdL9p6rgDfsJvtTaZx98Ou50V8mF/Ot53nT5geCRhuoMgdc0eGn8+7CN49rpRWr2vz+MPFu7mtSa6A/jSTuIchyn4X5ynt14MnPL6AN7L6RKUYCOnSxp6vmaBCsdninlVQq/Lrh2lr85DYmF79jW+zmWPEFbnwzeJvW4YcMiWZwEwMvKRqJZ7hL0e9XO3DLlJbdleLyJv4yHBlGyI9Loj5M03N7Wt/jdivoDSGkHRjgmXsk+JDHLcYhoXf6tDkWoI6smXtkaLa9UT6B6lNOwlqbnFKvcyjWwlmDK0ZLpTnZmmzr2YVAfoW4JAS6eZ4CInVQyzbyyXbRfcFwUopL5bN2rlljWtc+f+66XwJsi5DiRW3FovoDw0EL7uXqIA13krWkpBM4bFo/izO+UrdzxX5vOPss502txlgRh1jznmX468cvtllkKlcqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
C:\Windows\tasks\QHMDS.job - C:\Users\francist\AppData\Roaming\QHMDS.exe /infocmdline=oaS97MWquJAPNsP0Th/IAXuaGxrU8/K1TGoQEaVmdkHRA6DcyXaydY/L2BiljVzyjs+kfCgt9G9Oo8yikLNNc3sVwrbom6f7e0IslUZRrcZIGWOiYT/KfEXsnuokpiPwHZ+e4qZ6MysMzNs2iiPhA7ORUMjj/sxpD2ABorPbOoMWjoy8DuyI96MO1K3vK3+Agz9FhZuehnRTIUeCvzHnED+86NhVABb/h1oGStPswU1i9pZcs8lUOZNK/jrgzapZlYA2sZFITyDtMnHCCBwFhg0iFMQXfKoA6s43EbUTdcEPTl/18ABrBHZcl5ospDj5+JvuuzlVZLjMUGYeEY0LxHwDr8h834cfFNChjIgGQFRqGDvciDbL5qPSsJ95HeN1mZNHTWZDAyfr9UNtmdZnxKuesK4JI8DgM9BmBRemrm3mgMJaMG7NYjRQmOoL7DMoV8E/VZ8CFa4jZdbBywh7uQnFEYoRtU/DJWueDngplW4Ri6ldFZdMXHfKOwZhmkB8

=========Mozilla firefox=========

ProfilePath - C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\u38188c5.default-1422026848436

"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.280 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_280.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=17.0.15.10]
"Description"=RealPlayer LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=17.0.15.10]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
belgiumeid@eid.belgium.be

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-02-03 401944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14 542376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-11-20 514016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [2013-08-19 747264]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-06-25 12021464]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2014-12-10 296520]
"RealDownloader"=C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2014-10-29 560192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2011-02-09 393216]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-10-29 4826904]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-12-07 3825232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2012-01-11 941320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-06-25 12021464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\Update\realsched.exe [2014-12-10 296520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RealPlayer Cloud Service UI.lnk - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
Snagit 11.lnk - C:\Program Files\TechSmith\Snagit 11\Snagit32.exe

C:\Users\francist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
OpenOffice.org 3.4.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-23 17:46:06 ----D---- C:\rsit
2015-01-23 17:38:45 ----SHD---- C:\Windows\system32\AI_RecycleBin
2015-01-23 17:38:43 ----D---- C:\Program Files\E Dev
2015-01-23 17:37:10 ----D---- C:\Users\francist\AppData\Roaming\E Dev
2015-01-23 17:09:53 ----D---- C:\Users\francist\AppData\Roaming\Nico Mak Computing
2015-01-22 12:06:52 ----D---- C:\Program Files\Common Files\Java
2015-01-22 10:05:12 ----D---- C:\Program Files\DriverToolkit
2015-01-14 10:28:56 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 10:28:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-01-14 10:28:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 10:28:48 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 10:28:48 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 10:28:47 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-04 18:22:35 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2015-01-23 17:46:13 ----D---- C:\Windows\Prefetch
2015-01-23 17:46:09 ----D---- C:\Program Files\trend micro
2015-01-23 17:39:31 ----D---- C:\Windows\temp
2015-01-23 17:38:45 ----SHD---- C:\Windows\Installer
2015-01-23 17:38:45 ----D---- C:\Windows\System32
2015-01-23 17:38:43 ----RD---- C:\Program Files
2015-01-23 17:38:29 ----D---- C:\Windows\winsxs
2015-01-23 17:38:29 ----D---- C:\Windows\system32\config
2015-01-23 17:38:27 ----RSD---- C:\Windows\assembly
2015-01-23 17:38:11 ----SHD---- C:\System Volume Information
2015-01-23 17:37:39 ----D---- C:\Windows\Tasks
2015-01-23 17:23:26 ----D---- C:\Windows\system32\Tasks
2015-01-23 17:23:24 ----D---- C:\ProgramData
2015-01-23 16:45:02 ----D---- C:\Users\francist\AppData\Roaming\DMCache
2015-01-23 14:59:03 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-01-23 09:27:29 ----D---- C:\ProgramData\MFAData
2015-01-22 12:07:18 ----D---- C:\Program Files\Java
2015-01-22 12:06:52 ----D---- C:\Program Files\Common Files
2015-01-22 12:06:17 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-01-22 12:06:16 ----A---- C:\Windows\system32\javaws.exe
2015-01-22 12:06:16 ----A---- C:\Windows\system32\javaw.exe
2015-01-22 12:06:16 ----A---- C:\Windows\system32\java.exe
2015-01-22 12:06:12 ----D---- C:\ProgramData\Oracle
2015-01-20 15:30:55 ----D---- C:\Users\francist\AppData\Roaming\vlc
2015-01-20 15:25:28 ----D---- C:\Users\francist\AppData\Roaming\IDM
2015-01-18 13:32:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-18 13:31:59 ----D---- C:\Windows\inf
2015-01-16 16:20:37 ----D---- C:\Windows\system32\NDF
2015-01-15 09:43:40 ----SD---- C:\Users\francist\AppData\Roaming\Microsoft
2015-01-15 03:22:24 ----D---- C:\Windows\system32\drivers
2015-01-15 03:07:12 ----D---- C:\Windows\system32\MRT
2015-01-15 03:01:31 ----D---- C:\Windows\debug
2015-01-15 03:01:24 ----A---- C:\Windows\system32\MRT.exe
2015-01-14 10:28:43 ----D---- C:\Windows\system32\catroot
2015-01-14 10:28:33 ----D---- C:\Windows\system32\catroot2
2015-01-04 18:22:33 ----D---- C:\Windows
2015-01-04 17:34:17 ----D---- C:\Windows\system32\FxsTmp
2014-12-29 14:52:37 ----D---- C:\Users\francist\AppData\Roaming\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-10-05 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-08 208152]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
R1 b786bdb3c67d;b786bdb3c67d; C:\Windows\system32\drivers\b786bdb3c67d.sys [2014-05-27 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-11-20 48808]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2013-11-28 108000]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-03 5340160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-03 152064]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-06-25 3086040]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-09-17 543336]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 45736]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-11-20 48808]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 100352]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-03 5340160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\francist\AppData\Local\Temp\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [2011-01-26 805888]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 USB28xxBGA;USB 2863 Device; C:\Windows\system32\DRIVERS\emBDA.sys [2008-05-14 535040]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2008-05-14 286208]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-07-22 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-03 172032]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-19 276992]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OKI OPHC DCS Loader;OKI OPHC DCS Loader; C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE [2007-05-29 24576]
R2 OkiJaSvc;Print Job Accounting; C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe [2013-05-28 299008]
R2 OkiWchSvc;Print Job Accounting Watch Service; C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe [2010-09-01 49152]
R2 opja0004;Print Job Accounting opja0004; C:\Program Files\Okidata\Print Job Accounting\opja0004.exe [2013-04-18 140800]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2012-03-28 147456]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 RealPlayerUpdateSvc;RealPlayer Update Service; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-10-30 31856]
R2 UniversalUpdater;Universal Updater Service; C:\Program Files\0ca45c95134d\cf3e08d747e4.exe [2014-12-05 696832]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Orbiter;Orbiter; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-03 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-05 1343400]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 RealPlayer Cloud Service;RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-12-10 1141848]

-----------------EOF-----------------

23 januari 2015

in bijlage het logbestandje

log.txt

23 januari 2015

Tot voor kort startte ik het internet, zowel in google chrome, internet explorer en Firefox het internet op mat google als startpagina! sinds enige tijd komt in de adresbalk nu eerst volgende url http://be-aaa-s3-website-eu-west-1.amazonaws.com/?grp=4 dat staat enige tijd te draaien, maar dan verschijnt www-homepage.com en krijg ik niet meer de gewenste zoekrobot (web search)

kan mij iemand helpen om de gewone google als startpagina terug te krijgen? Langs de normale weg lukt dat niet, in niet 1 van de 3 browsers!

23 januari 2015

Tot voor kort, als ik mijn internet opstartte kwam ik zonder problemen op www.Google.com zoals ik het wens.

Sinds kort zet zowel internet explorer, google chrome of Firefox telkens eerst het volgende in de taakbalk : http://be-aaa.s3-website-eu-west-1.amazonaws.com/?grp=4 daarop blijft hij wat zoeken en gaat dan over naar "www-homepage.com" en krijg ik een zoekrobot die ik helemaal niet wens! Ik heb al een paar pogingen gedaan om dit weg te krijgen, maar op de gewone manier lukt mij dat dus niet.

kan mij hier iemand van af helpen?

22 oktober 2014

Nu moet de ruime aanwezigheid van malware wel verdwenen zijn. Verwijder alvast alle tools die we in dat verband gebruikt hebben ... en laat dan even weten hoe Flash het dan weer doet ?
Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

Remove disinfection tools

Purge System Restore

Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Alles lijkt mij nu in orde, ik denk dat de problemen verdwenen zijn

21 oktober 2014

het nieuwe logbestand in bijlage

[ATTACH]36709[/ATTACH]

MBAM Scanlog.txt

21 oktober 2014

log ingevoegd

[ATTACH]36695[/ATTACH]

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=725706e5729e6a4691412a70cd95fd10

# engine=20703

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-10-21 02:55:58

# local_time=2014-10-21 04:55:58 (+0100, Romance (zomertijd))

# country="Belgium"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='AVG AntiVirus Free Edition 2014'

# compatibility_mode=1051 16777213 100 100 199905 101037342 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 106054 165534549 0 0

# scanned=105594

# found=74

# cleaned=74

# scan_time=2933

sh=4084682CD226BDDE5159142701166F06625BA9C5 ft=1 fh=e760a85a6b979cab vn="Win32/SpeedUpMyPC.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\francist\AppData\Roaming\RHEng\79BB71DB9EF6437B802332C7D56FFDE8\speedupmypc-NL-p2.exe.vir"

sh=7FE681F889EEB7BF739163C3D5AA420A20CA6703 ft=1 fh=989ee893e18e732e vn="Win32/AdWare.1ClickDownload.AP application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\francist\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000000"

sh=7FE681F889EEB7BF739163C3D5AA420A20CA6703 ft=1 fh=989ee893e18e732e vn="Win32/AdWare.1ClickDownload.AP application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\francist\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000001"

sh=7FE681F889EEB7BF739163C3D5AA420A20CA6703 ft=1 fh=989ee893e18e732e vn="Win32/AdWare.1ClickDownload.AP application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\francist\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000002"

sh=2A88FC6509FDC3B22587F6E97AC12F70E4F75DC8 ft=1 fh=86e0df17c19558fd vn="a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\francist\Documents\APNSetup.exe"

sh=0326F4FB7E15081069D8A2A4E4467AB22F5613A3 ft=1 fh=17451cbeefc20049 vn="a variant of Win32/Vittalia.R potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\francist\Downloads\installer_java_French.exe"

sh=15053839452CA3C1DAABEA1D3452CC69BBF6F385 ft=1 fh=9c1de6154a8e49a9 vn="a variant of Win32/AdInstaller potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\francist\Downloads\VideoDownloadConvert.exe"

sh=7FE681F889EEB7BF739163C3D5AA420A20CA6703 ft=1 fh=989ee893e18e732e vn="Win32/AdWare.1ClickDownload.AP application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\francist\Downloads\[_www_Torrenting_com_]_Greys_Anatomy_S10E03_HDTV_XviD_AFG.exe"

sh=02535E4EFC7C1C5181FD23B2AFD2A418C120411B ft=1 fh=3915290c99d72742 vn="Win32/JoyDownloader.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\francist\Downloads\Programs\flashplayer15_install_win_pi_2.exe"

sh=92116438AAD8DD2626F0B6ACE91E68193053B7A7 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\d6feb0.msi"

sh=CC7B4385A0E1BDC9761B2F28171D69E43D779282 ft=1 fh=f4f53e87f15a7e51 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\MSI3F43.tmp"

sh=CC7B4385A0E1BDC9761B2F28171D69E43D779282 ft=1 fh=f4f53e87f15a7e51 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\MSI836A.tmp"

sh=6B6DFF0E1729602078EF355A821A39B5EB2CF529 ft=1 fh=7eaa55ab772339f7 vn="a variant of Win32/SoftonicDownloader.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_francist_Desktop_sleutels_SoftonicDownloader_voor_vlc-media-player.exe.vir"

sh=F9B8B80090A06AD5C0C494787670E5FE9A1BA795 ft=1 fh=c146de79116ca9fd vn="a variant of Win32/Toolbar.Babylon.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_francist_Downloads_Babylon10_setup.exe.vir"

sh=9CE9B1D4CB453084076F4C1D0472E7634C942BC6 ft=1 fh=f748fc20e8dcd30b vn="a variant of Win32/Systweak potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_francist_Downloads_sysrc_trial_25044.exe.vir"

sh=18CA82077ED59437F950B970AAF0F93940FC9823 ft=1 fh=03ec528918889643 vn="a variant of Win32/Systweak.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Windows_system32_roboot.exe.vir"

sh=99DF98DFEF4B483889FA88162D20EE46340A5DBE ft=1 fh=e6e2c196b2ffcb6f vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65auxstb.dll"

sh=E77CA95E7AD71424D46A74A40A3F8457A3F03291 ft=1 fh=500b4b33c829f885 vn="a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65bar.dll"

sh=56CF4F2AC44C6ADD5CDCD419BA4B99D22DC7A0E3 ft=1 fh=46ed14ba69906e9f vn="Win32/Toolbar.MyWebSearch.X potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65barsvc.exe"

sh=0F78FE90AF015B0A511EDE007BD1791A341E891E ft=1 fh=d4fd6df3b7cf992d vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65brmon.exe"

sh=12FF3195BDACA5482034AAC3C3E132D5ADA421A9 ft=1 fh=982f80d197512813 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65brstub.dll"

sh=BAEFCB03679575349E01668C4F0938643BAAA022 ft=1 fh=45ba6b521529362d vn="a variant of Win32/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65datact.dll"

sh=0C88EFCFA1C77D597111125A6C031CEB47B18BA7 ft=1 fh=b856def4c7346ea3 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65dlghk.dll"

sh=8090E240F528004402B29C11E5072BED79D95384 ft=1 fh=73e118282d8d3c4a vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65dyn.dll"

sh=2CA2EA6CF1AD1FE87C25D4AB6B1C7729E48C6390 ft=1 fh=a34a8b9082c46c86 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65feedmg.dll"

sh=9788294F2B8AB28DBAE4C73BB61A6B1200BDD89D ft=1 fh=af8ed8fd644fe8ac vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65highin.exe"

sh=9D54BAF23397E5F1444BC6471052AD234B76FBD3 ft=1 fh=2ab58862c927227b vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65hkstub.dll"

sh=EAA9D46B8FAB8F3D48BB239ADFE46BA312434017 ft=1 fh=2506fdd3752ff6fe vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65htmlmu.dll"

sh=978867B422339E68971E56C49C66F14F2ACD745D ft=1 fh=dd289cd2c7a55037 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65httpct.dll"

sh=DC971C75FFCE77CC952FB6660A2603E09D62D4D9 ft=1 fh=ac2f97e786bfc982 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65idle.dll"

sh=92AC05FFF3AD68271062A3DCB87E12EE6B816DDB ft=1 fh=acec1e59f99ab2fd vn="a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65ieovr.dll"

sh=AFCAAC5845D81A407C63733E4A7D007167F96BE8 ft=1 fh=02b0c8de8c8e9f1e vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65impipe.exe"

sh=556C4FCA5D890F17B7B5040A601B42452A205E29 ft=1 fh=0f2a31b21601aeb5 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65medint.exe"

sh=3EB4A6A25199E6339EC04F36189C71738DE63CE7 ft=1 fh=eafb3b5bfaf84345 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65mlbtn.dll"

sh=DFD07B722E317D1CDDAAB7D5B31BFAB57CC5E739 ft=1 fh=507b4871517a4ad4 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65msg.dll"

sh=CBF93E0F6FF8AE054C18BDBE477CBFAF9F467CF9 ft=1 fh=f7d96c65ea0021a5 vn="a variant of Win32/Toolbar.MyWebSearch potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65Plugin.dll"

sh=77C8DC985373B1E5D9035ECB3A831C7DD1ABFD55 ft=1 fh=e1f880731de07609 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65radio.dll"

sh=C5F26031D5E0C487BFF0D60AA44603135BF60395 ft=1 fh=a846ae5344ec78c3 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65regfft.dll"

sh=A2F202F68FEF2A31E9FE3AE124A46B908349778C ft=1 fh=bf17c6b7704b10fd vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65reghk.dll"

sh=65D604A070334183E5034CDEEC5838E46D705794 ft=1 fh=3d9a604351eb1640 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65regiet.dll"

sh=72E48F7F37E208A52AD975EAECAB29FC50223C27 ft=1 fh=958a563919bf5cc2 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65script.dll"

sh=857980A7B7AB77FF8E34A090CCD76B8BA628E7E4 ft=1 fh=6c9ac10ea3ee1cdd vn="a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65skin.dll"

sh=496310EE0816B49176E03226DB102FAE9AA452B4 ft=1 fh=ceffc168909c0690 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65sknlcr.dll"

sh=F5946D49A70A64072739370E7BAD592FE4799EA1 ft=1 fh=5bc3efb780caf8fa vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65skplay.exe"

sh=BE21D76E502D546B2D88093E13F07923EB59380B ft=1 fh=7424967c664ed914 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65SrcAs.dll"

sh=8ACE75F6C2417666AD9D60837B72D78B394C3944 ft=1 fh=ae6d89138faf571c vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65SrchMn.exe"

sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65tpinst.dll"

sh=110033F4A78DCA521E8BA73F75747E4E3B6AE545 ft=1 fh=21686246ae128bdd vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\65uabtn.dll"

sh=630D5FC9ACC4932C87263895F554F8C3CB6D4B4A ft=1 fh=b81ce565a99a556c vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\AppIntegrator64.exe"

sh=374E378A91209732B48C8416D1E9805E98FDCFA9 ft=1 fh=6da58ad1308c1c96 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\AppIntegratorStub64.dll"

sh=6902D246F8FC2457C9AE369B094292DE6EB454BC ft=1 fh=b1be847bff3fcf8f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\CREXT.DLL"

sh=FF9F058B12B6C4D9B6256304FA9078E391C7F32C ft=1 fh=6022d103b074fe9f vn="a variant of Win32/Toolbar.MyWebSearch.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\CrExtP65.exe"

sh=244414D9D39E114E7989C3B35A5FF038508ECFC1 ft=1 fh=0cbd734d892ac7d4 vn="a variant of Win32/Toolbar.MyWebSearch.AI potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\DPNMNGR.DLL"

sh=6FF50369661027A1CD5F5E465F78C78913FF84CC ft=1 fh=c941e5f2ec9d2835 vn="a variant of Win32/Toolbar.MyWebSearch.AI potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\EXEMANAGER.DLL"

sh=3D7CD376DFDB97512A376E85FBB7F04344C051B6 ft=1 fh=e0ed2601e18686d8 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\Hpg64.dll"

sh=2F938D8C9A5D3C9C239793346D43193BA1CBFCD6 ft=1 fh=929bde520a5aa0d2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\T8EXTEX.DLL"

sh=B8944722E8D577E67925DD4A72D1D8E44C3BC6CA ft=1 fh=6f8a20cf4b11d7b0 vn="Win32/Toolbar.MyWebSearch.AA potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\T8EXTPEX.DLL"

sh=7BBFF8810BB79104FE275FBBF7DE48DCBD877E01 ft=1 fh=946da15070ee37db vn="a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\T8HTML.DLL"

sh=2E85C71E79C5B2A65D8CCDD5B21AFE559102062F ft=1 fh=68336e5d9907ad1c vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\T8TICKER.DLL"

sh=D0787BEAE97CE99982E7F5000772831421FD48E4 ft=1 fh=b650850bda28ebe2 vn="a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_FromDocToPDF_65\bar\1.bin\VERIFY.DLL"

sh=61238B3E949D305CBEF1EF58B84363058971785D ft=1 fh=b24fa6a919be8b5a vn="a variant of Win64/Adware.MultiPlug.E application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_GoSSave\3MXJeGJGu3c3cy.x64.dll"

sh=61238B3E949D305CBEF1EF58B84363058971785D ft=1 fh=b24fa6a919be8b5a vn="a variant of Win64/Adware.MultiPlug.E application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_OoptOn\evuwWw7LIg72z6.x64.dll"

sh=61238B3E949D305CBEF1EF58B84363058971785D ft=1 fh=b24fa6a919be8b5a vn="a variant of Win64/Adware.MultiPlug.E application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_OpttOn\ljAp9YNHY4QRPY.x64.dll"

sh=86060339AD31C4C6C5F4601301306FD665188A02 ft=1 fh=72001bf47b12a67c vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\Main\bin\uninstall.exe"

sh=771DC528A8E00040FF06513F01AB1B247FF2EB73 ft=1 fh=66a1ea565f6deec9 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\SearchProtect\bin\SPTool64.exe"

sh=A3ED4B73C09B6DF05D713B64FAA783689F01B556 ft=1 fh=61508ea734cfa28b vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\SearchProtect\bin\SPVC32.dll"

sh=9FF908F2163E6E1CFDB0C34110517E1F8E89824D ft=1 fh=6964d2dc7e2f7da9 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\SearchProtect\bin\SPVC64.dll"

sh=BC1B05BBDB2BC3A743024BDC383FEC73E739FC75 ft=1 fh=8c967fa647c8d677 vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\SearchProtect\bin\SPVC64Loader.dll"

sh=B470497F7EA96F4B7447C32EBB0052D56A8F8DAF ft=1 fh=3c7e4e17a056443d vn="a variant of Win32/ClientConnect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_SearchProtect\UI\bin\cltmngui.exe"

sh=E51A19F421E474E131371A443652BE5C3C21FEBC ft=1 fh=e3636317d9e79e1d vn="a variant of Win32/AdWare.AddLyrics.Y application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_Video-Saver\Uninstall.exe"

sh=61238B3E949D305CBEF1EF58B84363058971785D ft=1 fh=b24fa6a919be8b5a vn="a variant of Win64/Adware.MultiPlug.E application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_Program Files_YoutUBeAdBloacke\mtpdHahPHA4rGr.x64.dll"

sh=55FC4389C65CE85E8D454E18E71E94F0E59FAB51 ft=1 fh=c71c0011147190f2 vn="a variant of Win32/AdWare.MultiPlug.CO application (cleaned by deleting - quarantined)" ac=C fn="C:\zoek_backup\C_ProgramData_OoptOn\28MqjcotX3cOIis.exe"

sh=246DDBC3A2C223A6B9072637D93DC2A2832D097A ft=1 fh=c71c0011b04f613a vn="Win32/Toolbar.Babylon.Y potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_PROGRA~2_DSearchLink\DSearchLink.exe"

sh=D3BE2D4466D23DEB6CCC69A9800EFA708C38DF66 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\zoek_backup\C_Users_francist_AppData_Roaming_Mozilla_Firefox_Profiles_ff6km64e.default_extensions_firefox@lemurleap.info\chrome\content\overlay.js"

log.txt

20 oktober 2014

logje bijgevoegd zoals gevraagd

ComboFix 14-10-20.01 - francist 20/10/2014 19:53:11.1.2 - x86

Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.2814.2085 [GMT 2:00]

Gestart vanuit: c:\users\francist\Downloads\ComboFix.exe

AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

.

(((((((((((((((((((( Bestanden Gemaakt van 2014-09-20 to 2014-10-20 ))))))))))))))))))))))))))))))

.

2014-10-20 17:59 . 2014-10-20 17:59 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-10-20 05:34 . 2014-10-20 05:34 -------- d-----w- c:\windows\ERUNT

2014-10-16 20:53 . 2014-09-13 01:40 67072 ----a-w- c:\windows\system32\packager.dll

2014-10-16 15:34 . 2014-10-16 15:38 -------- d-----w- C:\AdwCleaner

2014-10-16 09:12 . 2014-10-16 08:51 24064 ----a-w- c:\windows\zoek-delete.exe

2014-10-16 09:12 . 2014-10-20 17:59 -------- d-----w- c:\users\francist\AppData\Local\Temp

2014-10-16 08:51 . 2014-10-16 09:10 -------- d-----w- C:\zoek_backup

2014-10-15 11:41 . 2014-10-15 12:14 -------- d-----w- c:\program files\trend micro

2014-10-15 11:41 . 2014-10-15 11:41 -------- d-----w- C:\rsit

2014-10-12 10:34 . 2014-10-12 10:34 -------- d-----w- c:\program files\ConvertHelper

2014-10-12 08:20 . 2014-10-12 08:20 -------- d-----w- c:\users\HomeGroupUser$

2014-10-12 08:20 . 2014-10-12 08:20 -------- d-----w- c:\users\Gast

2014-10-12 08:20 . 2014-10-12 08:20 -------- d-----w- c:\users\francist\AppData\Local\Comodo

2014-10-12 08:20 . 2014-10-12 08:20 -------- d-----w- c:\users\Administrator\AppData\Local\Google

2014-10-12 08:20 . 2014-10-12 08:20 -------- d-----w- c:\users\Administrator\AppData\Local\Comodo

2014-10-11 17:17 . 2014-10-17 17:59 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-10-11 17:17 . 2014-10-17 17:59 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-10-11 17:17 . 2014-10-11 17:17 -------- d-----w- c:\users\francist\AppData\Roaming\rmi

2014-10-11 11:33 . 2014-10-20 10:21 -------- d-----w- c:\users\francist\AppData\Roaming\IDM

2014-10-11 11:33 . 2014-10-15 14:26 -------- d-----w- c:\users\francist\AppData\Roaming\DMCache

2014-10-03 07:08 . 2014-10-01 06:19 115240 ----a-w- c:\windows\system32\drivers\idmwfp.sys

2014-09-30 23:14 . 2014-09-25 01:40 519680 ----a-w- c:\windows\system32\qdvd.dll

2014-09-23 20:02 . 2014-09-09 21:47 2048 ----a-w- c:\windows\system32\tzres.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-09-18 07:12 . 2014-09-18 07:12 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-08-23 01:46 . 2014-08-28 02:41 305152 ----a-w- c:\windows\system32\gdi32.dll

2014-08-12 23:00 . 2014-08-12 23:00 4575232 ----a-w- c:\windows\system32\GPhotos.scr

2014-08-06 08:49 . 2014-08-06 08:49 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2014-08-01 11:35 . 2014-09-10 11:31 793600 ----a-w- c:\windows\system32\TSWorkspace.dll

2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2013-09-03 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll

[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2011-02-09 393216]

"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-09-26 4811032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]

"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-08-25 5188112]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-08-19 747264]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-06-25 12021464]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]

.

c:\users\francist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2010 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]

OpenOffice.org 3.4.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]

2012-01-11 17:23 941320 ------w- c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

2001-07-09 09:50 155648 ----a-r- c:\windows\System32\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2014-06-25 15:41 12021464 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2014-01-15 06:41 295512 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]

R2 Orbiter;Orbiter;c:\windows\System32\svchost.exe [2009-07-14 20992]

R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]

R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-11-20 48808]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]

R3 SMIGrabber3C;SMI Grabber Device Tuner Filter 3C;c:\windows\system32\Drivers\SmiUsbGrabber3C.sys [2011-01-26 805888]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-09-05 1343400]

S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]

S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]

S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]

S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-07-21 200984]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]

S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2010-07-22 814344]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-03 172032]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-19 276992]

S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-11-20 48808]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]

S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2014-10-01 115240]

S2 OKI OPHC DCS Loader;OKI OPHC DCS Loader;c:\windows\system32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE [2007-05-29 24576]

S2 OkiJaSvc;Print Job Accounting;c:\program files\Okidata\Print Job Accounting\oklogsvc.exe [2013-05-28 299008]

S2 OkiWchSvc;Print Job Accounting Watch Service;c:\program files\Okidata\Print Job Accounting\okwchsvc.exe [2010-09-01 49152]

S2 opja0004;Print Job Accounting opja0004;c:\program files\Okidata\Print Job Accounting\opja0004.exe [2013-04-18 140800]

S2 OpLclSrv;OKI Local Port Manager;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe [2012-03-28 147456]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-09-17 543336]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-08-28 45736]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

ORBTR REG_MULTI_SZ Orbiter

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-09-25 00:32 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2014-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-11 17:59]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

IE: &Verzenden naar OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download alle links met IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download met IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\

FF - ExtSQL: !HIDDEN! 2013-09-18 15:05; 65ffxtbr@FromDocToPDF_65.com; c:\program files\FromDocToPDF_65\bar\1.bin

.

- - - - ORPHANS VERWIJDERD - - - -

.

ShellIconOverlayIdentifiers-{CDC95B92-E27C-4745-A8C5-64A52A78855D} - (no file)

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut1.lnk - c:\program files\USB_video_device\Utility\RemoteTool\BDARemote.exe

AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Orbiter]

"ServiceDll"="C:/Program Files/ORBTR/orbiter.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Orbiter]

"ServiceDll"="C:/Program Files/ORBTR/orbiter.dll"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(648)

c:\program files\ATI Technologies\HydraVision\HydraDMH.dll

.

Voltooingstijd: 2014-10-20 20:01:29

ComboFix-quarantined-files.txt 2014-10-20 18:01

.

Pre-Run: 403.768.139.776 bytes beschikbaar

Post-Run: 403.667.030.016 bytes beschikbaar

.

- - End Of File - - 8400A0599BB0EE6D7AB8C9A587E849CC

A36C5E4F47E84449FF07ED3517B43A31

20 oktober 2014

En hoe staan de zaken nu ?

de problemen met flash zijn van de baan. De computer voelt hem duidelijk beter in zijn sas, vooral alle mogelijke rare tussenkomsten in Mozilla Firefox zijn allemaal van de baan.

het enige probleem die voorlopig blijft is dat ik regelmatig heel lang moet wachten vooraleer internet wil verder gaan; Precies of de computer met totaal andere dingen bezig is en pas na een tijdje wilt verder werken. Soms start ik internet zelfgewoon opnieuw op om te kunnen verder werken. 'k weet niet of daaraan nog iets zou te doen zijn?

in ieder geval al bedankt voor het geleverde werk! Het is mijn computer zeker ten goede gekomen

Francis

20 oktober 2014

hieronder het gevraagde log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.3 (10.14.2014:1)

OS: Windows 7 Professional x86

Ran by francist on ma 20/10/2014 at 7:34:24,98

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update mega browse

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLemurLeap_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateLemurLeap_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilqualitink_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilqualitink_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateWiseEnhance_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updateWiseEnhance_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilWiseEnhance_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilWiseEnhance_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WiseEnhance_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\WiseEnhance_RASMANCS

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\francist\appdata\locallow\sitefinder"

Successfully deleted: [Folder] "C:\Users\francist\Local Settings\Application Data\pc_drivers_headquarters"

~~~ FireFox

Emptied folder: C:\Users\francist\AppData\Roaming\mozilla\firefox\profiles\ff6km64e.default\minidumps [2 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on ma 20/10/2014 at 7:36:30,34

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

16 oktober 2014

het log van adwcleaner

# AdwCleaner v4.000 - Rapport aangemaakt 16/10/2014 op 17:38:05

# DB v2014-10-15.7

# Laatste Update 12/10/2014 door Xplode

# Besturingssysteem : Windows 7 Professional Service Pack 1 (32 bits)

# Gebruikersnaam : francist - FRANCIS

# Gestart vanuit : C:\Users\francist\Desktop\adwcleaner_4.000.exe

# Optie : Verwijderen

***** [ Services ] *****

Service Verwijderd : SPPD

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Users\Administrator\AppData\Local\Chromatic Browser

Map Verwijderd : C:\Users\francist\AppData\Local\Chromatic Browser

Map Verwijderd : C:\Users\Gast\AppData\Local\Chromatic Browser

Map Verwijderd : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser

Map Verwijderd : C:\Users\Administrator\AppData\Local\torch

Map Verwijderd : C:\Users\francist\AppData\Local\torch

Map Verwijderd : C:\Users\Gast\AppData\Local\torch

Map Verwijderd : C:\Users\HomeGroupUser$\AppData\Local\torch

Map Verwijderd : C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\VideoDownloadConverter_4z

Map Verwijderd : C:\Users\francist\AppData\Roaming\RHEng

Map Verwijderd : C:\ProgramData\PC Drivers HeadQuarters

Map Verwijderd : C:\Program Files\PC Drivers HeadQuarters

Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective

Bestand Verwijderd : C:\Users\francist\AppData\Roaming\LiveSupport.exe_log.txt

Bestand Verwijderd : C:\Users\francist\AppData\Roaming\regsvr32.exe_log.txt

Bestand Verwijderd : C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\user.js

***** [ Taken ] *****

Taak Verwijderd : Driver Detective-RTMUpdater

Taak Verwijderd : Driver Detective-RTMScan

Taak Verwijderd : Driver Detective-RTMRules

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.DynamicBarButton.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncher

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncher.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncherSettings

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SkinLauncherSettings.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ThirdPartyInstaller.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.UrlAlertButton.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\FromDocToPDF_65.XMLSessionPlugin.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\speedupmypc

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MegaBrowse_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updateMegaBrowse_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\utilMegaBrowse_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@FromDocToPDF_65.com/Plugin

Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_ScriptHelper.com/Plugin

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\.

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\..9

Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2BD4465D-669A-42E6-B449-636B0B10EBB8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3E6260AC-BC6F-44B4-942B-1568C367543A}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{947217BD-E967-400A-B14A-BA851A8EDCBB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A0CF6CB9-2276-4F30-B841-05A67067ACE0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F96EE2EF-FE15-4878-AECD-BC367F12C70F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{517eda57-8d46-4459-96a5-3af167ef052d}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7c91f9db-621f-4bac-85a4-af73782a5193}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D97143C2-4282-496B-BDC4-7EC852F1497C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{37923200-6887-4B44-95D4-CAE8F83ECFEE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{3BB1BA04-1B88-4690-9AD3-0D38412F5FF1}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{542EAC56-BF4B-46A7-943E-0A4C2CBA34EA}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{6191571E-F7EE-47C3-B229-2DFAC70DB5D2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{840AE8AE-D547-433E-985C-6BF6C74F5084}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{A85ACA7E-5CD2-461B-877A-994CCCCF491C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A4E8BCB-5598-4CAF-9DEC-4D452760E28D}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{517eda57-8d46-4459-96a5-3af167ef052d}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7c91f9db-621f-4bac-85a4-af73782a5193}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{517eda57-8d46-4459-96a5-3af167ef052d}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7c91f9db-621f-4bac-85a4-af73782a5193}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2BD4465D-669A-42E6-B449-636B0B10EBB8}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8AD40E5E-9FD9-4F5E-B4D1-DDF2C921DCE3}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{517eda57-8d46-4459-96a5-3af167ef052d}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7c91f9db-621f-4bac-85a4-af73782a5193}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D6F0AC3-0C2E-4E07-8FDA-11268AB51211}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{701F5C41-BB30-46DA-A56B-68784B0B762B}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B975A0-F679-444E-9D94-6D292FA53140}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D97143C2-4282-496B-BDC4-7EC852F1497C}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}

Sleutel Verwijderd : HKCU\Software\1ClickDownload

Sleutel Verwijderd : HKCU\Software\BABSOLUTION

Sleutel Verwijderd : HKCU\Software\BI

Sleutel Verwijderd : HKCU\Software\DataMngr

Sleutel Verwijderd : HKCU\Software\Driver Pro

Sleutel Verwijderd : HKCU\Software\filescout

Sleutel Verwijderd : HKCU\Software\FromDocToPDF_65

Sleutel Verwijderd : HKCU\Software\InstallCore

Sleutel Verwijderd : HKCU\Software\Optimizer Pro

Sleutel Verwijderd : HKCU\Software\RegisteredApplicationsEx

Sleutel Verwijderd : HKCU\Software\SearchProtectINT

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKCU\Software\systweak

Sleutel Verwijderd : HKCU\Software\Webplayer

Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\FromDocToPDF_65

Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Sleutel Verwijderd : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Sleutel Verwijderd : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}

Sleutel Verwijderd : HKLM\SOFTWARE\DataMngr

Sleutel Verwijderd : HKLM\SOFTWARE\FromDocToPDF_65

Sleutel Verwijderd : HKLM\SOFTWARE\SearchProtect

Sleutel Verwijderd : HKLM\SOFTWARE\SW-Booster

Sleutel Verwijderd : HKLM\SOFTWARE\systweak

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Firefox

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Internet Explorer

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v31.0 (x86 nl)

-\\ Google Chrome v37.0.2062.124

*************************

AdwCleaner[R0].txt - [15461 octets] - [16/10/2014 17:34:58]

AdwCleaner[s0].txt - [15269 octets] - [16/10/2014 17:38:05]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [15330 octets] ##########

16 oktober 2014

het logje ingevoerd zoald gevraagd, hopelijk is het gelukt

[ATTACH]36515[/ATTACH]

Zoek.exe v5.0.0.0 Updated 16-10-2014

Tool run by francist on do 16/10/2014 at 10:51:54,85.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\francist\Downloads\Programs\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

16/10/2014 10:54:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\AVS4YOU deleted successfully

C:\Program Files\Mega Browse deleted successfully

C:\Program Files\ORBTR deleted successfully

C:\Program Files\SimilarSites deleted successfully

C:\Program Files\SW-Booster deleted successfully

C:\PROGRA~2\IDM deleted successfully

C:\PROGRA~2\Oracle deleted successfully

C:\Users\francist\AppData\Roaming\Foxit Reader deleted successfully

C:\Users\francist\AppData\Roaming\PerformerSoft deleted successfully

C:\Users\francist\AppData\Roaming\SimilarSites deleted successfully

C:\Users\francist\AppData\Roaming\Systweak deleted successfully

C:\Users\francist\AppData\Local\Bundled software uninstaller deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{4c60e5ab-5c68-4c59-abaa-885010b24b32} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{4c60e5ab-5c68-4c59-abaa-885010b24b32} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FromDocToPDF_65Service deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FromDocToPDF_65Service deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default

---- Lines delta removed from prefs.js ----

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.id", "84bd1111000000000000001fd0d9b756");

user_pref("extensions.delta.instlDay", "15986");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.newTab", false);

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.618:44:35");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.babTrack", "affID=119776&tl=2193_&tsp=5029");

user_pref("extensions.delta_i.srcExt", "ss");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "84bd1111000000000000001fd0d9b756");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15986");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.618:44:35");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=119776&tl=2193_&tsp=5029");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- FireFox user.js and prefs.js backups ----

user_20141610_1104_.backup

prefs_20141610_1104_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"FromDocToPDF Search Scope Monitor"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FromDocToPDF Search Scope Monitor]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FromDocToPDF_65 Browser Plugin Loader]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter EPM Support]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader]

==== Deleting Files \ Folders ======================

C:\Program Files\ORBTR not found

C:\Program Files\YoutUBeAdBloacke deleted

C:\ProgramData\YoutUBeAdBloacke deleted

C:\Program Files\GoSSave deleted

C:\ProgramData\GoSSave deleted

C:\Program Files\FromDocToPDF_65 deleted

C:\AutoKMS deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\65ffxtbr@FromDocToPDF_65.com deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\firefox@lemurleap.info deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\gMvQS@h.net deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\mhU9iz@K76qh.net deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\nzM1lY@w.com deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\sitefinder@sitefinder.com deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\V@lJ.com deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} deleted

C:\ProgramData\OpttOn deleted

C:\Program Files\OpttOn deleted

C:\ProgramData\OoptOn deleted

C:\Program Files\OoptOn deleted

C:\ProgramData\8842c9b7700a382e deleted

C:\Program Files\Video-Saver deleted

C:\Users\francist\appdata\locallow\FromDocToPDF_65 deleted

C:\Program Files\TornTV.com deleted

C:\Program Files\Babylon deleted

C:\Program Files\SearchProtect deleted

C:\UNWISE.EXE deleted

C:\Users\francist\AppData\Roaming\EZDownloader deleted

C:\PROGRA~2\APN deleted

C:\PROGRA~2\Avg_Update_0414b deleted

C:\PROGRA~2\Trusted Publisher deleted

C:\PROGRA~2\DSearchLink deleted

C:\PROGRA~2\IBUpdaterService deleted

C:\PROGRA~2\Package Cache deleted

C:\Users\francist\AppData\Local\SearchProtect deleted

C:\Users\francist\AppData\Local\IAC deleted

C:\Users\francist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted

C:\Users\francist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted

C:\Users\francist\Downloads\sysrc_trial_25044.exe deleted

C:\Users\francist\Downloads\Babylon10_setup.exe deleted

C:\Users\francist\AppData\LocalLow\IAC deleted

C:\Users\francist\AppData\LocalLow\Delta deleted

C:\Windows\tasks\SW-Booster-S-792098896.job deleted

C:\Windows\system32\tasks\SW-Booster-S-792098896 deleted

C:\Windows\system32\config\systemprofile\Searches deleted

C:\Windows\system32\roboot.exe deleted

C:\Windows\system32\RegistryHelperLM.ocx deleted

C:\Windows\System32\searchplugins deleted

C:\Windows\System32\Extensions deleted

C:\Users\francist\Documents\Optimizer Pro deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\searchplugins\ask-web-search.xml deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\searchplugins\conduit-search.xml deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\searchplugins\trovi-search.xml deleted

C:\Users\francist\AppData\Roaming\Mozilla\Firefox\Profiles\ff6km64e.default\jetpack deleted

C:\Users\francist\Desktop\sleutels\SoftonicDownloader_voor_vlc-media-player.exe deleted

C:\Users\francist\Desktop\Search.lnk deleted

"C:\Windows\tasks\AutoKMS.job" deleted

"C:\Program Files\Internet Download Manager\IDMan.exe" deleted

"C:\Program Files\Internet Download Manager\idmBroker.exe" deleted

"C:\Program Files\Internet Download Manager\idmftype.dll" deleted

"C:\Program Files\Internet Download Manager\idmmkb.dll" deleted

"C:\Program Files\Internet Download Manager\IDMNetMon.dll" deleted

"C:\Program Files\Internet Download Manager\IDMShellExt.dll" deleted

"C:\Program Files\Internet Download Manager\IEMonitor.exe" deleted

"C:\Users\francist\AppData\Local\FromDocToPDF_65" deleted

"C:\Program Files\Internet Download Manager" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\francist\AppData\Local\Temp ====

2014-10-12 08:22:37 C0FF66D6529C9228AC9D3105B8283B3E 3042064 ----a-w- C:\Users\francist\AppData\Local\Temp\drvprosetup.exe

2014-10-12 08:22:25 D2D6341A87CC3995ABE80F505B6E112A 1207264 ----a-w- C:\Users\francist\AppData\Local\Temp\LiveSupport_setup.exe

2014-10-12 08:22:16 8EB256AD87ABE5397EC826A3E778B149 4245584 ----a-w- C:\Users\francist\AppData\Local\Temp\optprosetup.exe

2014-10-11 12:58:40 6F863592B75D156A15FC05070A6668EB 661416 ---ha-w- C:\Users\francist\AppData\Local\Temp\D1d0\temp\embededstub.exe

2014-10-11 12:58:40 6F863592B75D156A15FC05070A6668EB 661416 ---ha-w- C:\Users\francist\AppData\Local\Temp\733E3ca37E69B\temp\embededstub.exe

====== Java Cache =====

2014-10-14 13:31:16 A537385D87AD3B252B3839219DCD0B3C 5690 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\1ea61680-370d047a

2014-10-14 13:31:06 9D18C06B0D2A479DDC54448EE519E136 4303 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\29713240-2e3b20ea

2014-10-14 13:31:15 0596584451EB11881990624EB588B5FE 5625 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\37286880-22a4400c

2014-10-14 13:31:11 7CFFC3B03FCC3F565C1503E37469F753 4749 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\51f6aa00-44e4a072

2014-10-14 13:31:10 4AC2D416DD11EA557CA8755D90A4E8BC 4647 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\7315fa80-289e14d9

2014-10-14 13:31:08 7073E1F61844DCEF3C9D870229AED2F4 540 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\21726481-233cc491

2014-10-14 13:31:16 E1EFAF56F1608EA7E8FA1C254C6128EB 292 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\25dffd41-7d812587

2014-10-14 13:31:18 982C3D4819BFC26C42F7567E84CE0D82 4970 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\3eaabc01-27a0c8b4

2014-10-14 13:31:07 471ADF115FCB284696816E4F83A42509 470 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\5412b981-5a78762c

2014-10-14 13:31:05 AD561BA257E92D9358E6A73993B03E9E 401 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\332bb80a-5d182e6a

2014-10-14 13:31:17 A8C029EB3CF1F16F29D215AF2E37F317 6167 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\e34ea8a-580b6571

2014-10-14 13:31:15 F7961781379EE585C8499013D3A79940 5572 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\69d682cb-6b16ea42

2014-10-14 13:31:12 D86865A399ECCB13B2D973EEF10550B4 737 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\6d78840b-40067739

2014-10-14 13:31:08 4F969C64FCDAADC5B4A770A669EFB620 354 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\6f1878b-3f14b342

2014-10-14 13:31:06 48AB07B502E9D054E0527DCEA4B8E974 4776 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\ec2aa4b-535046de

2014-10-14 13:31:12 504E29C27819B603870E59C0CF8DF917 452 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\66725cc-5ebc3afb

2014-10-14 13:31:17 4436847F93FC149AA646912206827FCE 541 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\f916b0c-7f3e9310

2014-10-14 13:31:11 8DE1FC4B78355CAD6157A2C0625AA4F8 669 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\5c2d684d-61850785

2014-10-14 13:31:06 03EEFA8A5964DCF07DF50F793AC35A6B 443 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\2b2b9f4e-3afa3489

2014-10-14 13:31:11 B299AA96872CD48F2F61E1118EFCE0D8 3869 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\5ab1794e-4c8a7441

2014-10-14 13:31:09 914353ABFEC5A5707D1C3218E0C40655 532 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\76304e0e-2ce4e700

2014-10-14 13:31:15 D4A1594E4C278EA8670EFE89340B6674 515 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\63b0918f-11ae5f15

2014-10-14 13:31:09 1C32D60C26D584F6A545CC6699BA3413 5351 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\161c4850-2420549e

2014-10-14 13:31:18 C3A32AC44F0043B65F467CB94D4E0534 822 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\402bee91-4c4af148

2014-10-14 13:31:05 408A8CEF60EB4CAF7514D007D90DBE66 617 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\43509791-330976f9

2014-10-14 13:31:18 E2CD6722EE6A48AD5121BCA758CE9E6F 5898 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\1312df92-1f2c9260

2014-10-14 13:31:15 1A8886AE52050E6B64E4856F6E0A55A3 6016 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\591bff52-6d4a7e20

2014-10-14 13:31:06 E1EFAF56F1608EA7E8FA1C254C6128EB 292 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\10583b02-5ed4f0a9

2014-10-14 13:31:09 E4B4599F9710CD5244B168B23FE91703 659 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\6c7fd502-2c4f7a03

2014-10-14 13:31:07 6E140190755A0B0A38711608D24EEF92 156 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\75e64082-3ca14cdd

2014-10-14 13:31:18 B00C31C7A91AA50A4BBA0BE370E37C75 3540 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\49838a14-3095a39e

2014-10-14 13:31:18 0F1104E41964883A42C37EF52D04508F 763 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\4b653515-6d86886b

2014-10-14 13:31:10 45815D21AE2794B408CB15D621F8097F 782 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\165603d6-35ddfc96

2014-10-14 13:31:14 C44479A8EAF7895C1EFE354BEA0DE171 4139 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\26109e96-410b963a

2014-10-14 13:31:12 828E902B3956FE44A374CDC61FF62D0A 675 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\311688d6-5fded9bb

2014-10-14 13:31:15 66AE4CDCFCA6694B2130D686C0BAC12C 674 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\31446056-3545b7a3

2014-10-14 13:31:05 945C62DAB404C8C6FE2108A37F558A29 1423 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\21a0cbd7-1d7dd178

2014-10-14 13:31:16 14E689D0528CDB5A78FCA6F6EE60AD0B 5357 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\24349197-44121697

2014-10-14 13:31:14 740457FA0CBB4C72A32A1A81B0E7A9F4 5357 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\39294097-17b24fb2

2014-10-14 13:31:11 4EF5798D01A583DD91106671EA69EC24 5808 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\48300697-4840632f

2014-10-14 13:31:06 F55E6020D2702EF1C07D960F99D8F1DD 4990 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\4b639a17-5c78c1da

2014-10-14 13:31:11 1F4501A82AC541C7B4E5D734AC3ED4CB 5043 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\2d85f2d8-208e09ce

2014-10-14 13:31:10 2A4C5F528A76AB53D2A126D1C0922133 687 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\74be0199-3c2ae3b2

2014-10-14 13:31:08 D1D276709F29A1A400D92DECACD9D013 4465 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\41be289a-194e6a32

2014-10-14 13:31:11 D12BDE0A8190A77D8EC41C7219026652 536 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\49a966db-5ce589d5

2014-10-14 13:31:07 129FA057A563638C33A1E8C941B49E1D 324 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\5e1c1f1b-39f9d3b8

2014-10-14 13:31:14 3E5251E2851C617B1A12283C1503D775 5298 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\715d769b-66dd0607

2014-10-14 13:31:10 4BC1230AABAA9286C288A17F4BFACEE1 5587 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\380e2e5d-51f80d7f

2014-10-14 13:31:15 AFCBEAE1A40B1A970217BB5B587F2523 692 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\5ab4191d-17d8c708

2014-10-14 13:31:10 D10ACDA8A9E4CF16F60A06CE7B8D7FB8 489 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\5bb4c8dd-235db0f5

2014-10-14 13:30:57 022215A638E6FE34FBCC6BB0014D1363 101 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\28b5bfc3-36626f68315a072aa21f9869f4747262ccbee639fcf5e6a057814882e45e6e48-6.0.lap

2014-10-14 13:31:12 A95BE2178F7D1351473ACEAC198BFF72 3835 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\2f705643-400b1d3c

2014-10-14 13:31:17 23BCBFDA663122A815255E7EA77DDCAB 798 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\368f8383-35f2fcfe

2014-10-14 13:31:18 7BCD9B0DAF1A6B5B8721836AACAEC006 5356 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\511a101e-73eec2c9

2014-10-14 13:31:15 BEABA76571E99C3B7A1E804FFD15F35E 514 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\f3eb91e-6499c49e

2014-10-14 13:31:13 58F8E1701FD71BD612666ABF83A486E8 446 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\17139aa1-71c589c1

2014-10-14 13:31:12 96F5FFB8CD8021465C63C27F0FAD5113 6000 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\bd1f061-4cbd46bb

2014-10-14 13:31:12 28333F62D650F92802855E6F30EC8D23 5794 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\1c85b962-1e05cbe6

2014-10-14 13:31:13 7BAABEA16437709A60ACC3712883C30B 588 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\1e619e23-6b0a77c4

2014-10-14 13:31:07 4B25A0F6539EA9E35D6BC6983CE32A97 3196 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\5c7beee3-2a9bb2e7

2014-10-14 13:31:05 75FBDEA43BA8AC5ADBBD3CC198C9E807 4184 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\75319e3-2d20cd3f

2014-10-14 13:31:05 66373198B8828FF7C5DD427A9243C9F3 342 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\2557e5e4-25d625dd

2014-10-14 13:31:04 BB5F8F083A009D1286F52A4651EA8A1D 12722 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\2a975e4-7fd6c600

2014-10-14 13:31:17 00C20A5531DD3038C9C0C3BFD5E16035 5384 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\348bdfa4-34d351fa

2014-10-14 13:31:16 92626867B3F56963C80300A304213EAD 5474 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\4077e364-11c96d18

2014-10-14 13:31:06 471ADF115FCB284696816E4F83A42509 470 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\6efffbe5-1b7e250f

2014-10-14 13:31:06 9EC3E6A3BF927024282762B629E08237 4941 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\30b4ce26-7e073847

2014-10-14 13:31:13 BDBC40AC7AD51DAD7BC76B3EA3FF8AC4 688 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\5514b666-66c60cc5

2014-10-14 13:31:13 32A7F973124C39EFB02BC56AFD859727 5311 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\53462727-1fc51af9

2014-10-14 13:31:07 BE5B98FBB0449D08E1B6F04F1E90A4DF 4836 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\74599aa7-3462350c

2014-10-14 13:31:11 BD2D7EAA0C43C25E23F01190B0BB3C78 28340 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\74cc9627-1e5be0ca

2014-10-14 13:31:13 6928ECEFFA136CB6CEB7368BF44DD239 6221 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\6062e2c4-4edc6082

2014-10-14 13:31:06 28A5A1F27BFE24CF82CD427846141445 4904 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\6d105ac4-1f14cc8a

2014-10-14 13:31:07 8125A8E7F9E158CF4E87124768725301 3992 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7dfbe384-64c33e90

2014-10-14 13:31:18 930EEAE26E6D331E4ABB5E1DBA4E1566 539 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\14e83c68-12b2812a

2014-10-14 13:31:13 199E7FCE434E801097B173D8FD713562 3839 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\1c968668-55d5c8cd

2014-10-14 13:31:16 BCABEF1E97A0C75226EF76F2F5C4F90B 533 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\20351629-5d48050d

2014-10-14 13:31:08 569CAA3AEA99D2DF5DA734FCB6E0CF2D 502 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\28c83429-78d95516

2014-10-14 13:31:16 814FB4315C31BBF2C950185F25D89B8E 895 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\41e42969-78ccdfc7

2014-10-14 13:31:14 C0E1F82352377C7C3AEFA19873D051DA 704 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\27fdef2a-69a63297

2014-10-14 13:31:05 A208095E22B28F46B219229DA285D47B 1309 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\68132d2a-7d9b6f31

2014-10-14 13:31:17 2021C29C7157A0A8097BDC1F06E251B5 850 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\50eea7eb-73cfe665

2014-10-14 13:31:16 AF26E7201FB150DE7BFAF7221A907665 4662 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\7577edeb-3b7816e9

2014-10-14 13:31:12 39AFB9714659DCCDDE4FEA57ABA8F108 4520 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\490ee6d-532e73c1

2014-10-14 13:31:05 7CB850F134C090A7A53C56F7D30B871D 982 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\677d2ead-6106117c

2014-10-14 13:31:06 7CB850F134C090A7A53C56F7D30B871D 982 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4cdf0aae-2c037bbd

2014-10-14 13:31:13 58F8E1701FD71BD612666ABF83A486E8 446 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\62381f6e-6db216c8

2014-10-14 13:31:06 03EEFA8A5964DCF07DF50F793AC35A6B 443 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\92b062e-5cf9c264

2014-10-14 13:31:09 DDCDD19283986DAF3F8C2061DE78842F 903 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\e7f05ee-687c906c

2014-10-14 13:31:04 47AAB3329FE17E2F3C90EA3744037517 3199 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\2440762f-4395f3e3

2014-10-14 13:31:16 86CF3B422A18570816A42438E1C43B10 557 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\76d5bd6f-4c4711a9

2014-10-14 13:31:07 FC94236C1AA27C61794EE265E71F0900 4028 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\1f917a70-3d57ec36

2014-10-14 13:31:05 0DCC6F5AD7329A97C7235ADAE1CCD78E 4899 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\65ca8ff0-564b455a

2014-10-14 13:31:14 36044C111C111E81C78CBBDC9BC3AEB1 3740 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\da0f930-1668a770

2014-10-14 13:31:13 502B6D650CDA6DF522BDBD07B763A6E3 6093 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\1535ea05-5fd61baa

2014-10-14 13:31:16 F6B2EA430DB24CE30B1B22A6BAD48BA0 4918 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\173edbc5-73d9a384

2014-10-14 13:31:08 C8D52CDB43DA554703D79F16502DF8C7 4004 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\634a1985-2fb2c158

2014-10-14 13:31:09 970BA351CE27D1B838C8422B07E9F9A8 4212 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\748f9b05-4f7ce867

2014-10-14 13:31:17 F75188333C70062E166E8B200B41F4D1 4630 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\7c74f605-61ac5aad

2014-10-14 13:31:08 7DFD1415F678B1EA8350FE42EBDDFC13 2901 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\272f3b72-370e2401

2014-10-14 13:31:17 BE6F588A8359BE98F9B2D7142EA34FA0 4860 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\36bbffb2-6d53b627

2014-10-14 13:31:15 D73CC9BD58E872B9178CD0D6EE9213C8 532 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\38b28872-512a3ae0

2014-10-14 13:31:15 148A4853257601D21043CFD987CCA129 3792 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\61c92133-4ae00293

2014-10-14 13:31:09 6B78E14EE52A8A1AA6BDFD0DBFAF71F3 362 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\17f1a1b4-59c7951c

2014-10-14 13:31:11 358647288757816D8A35891E9B551407 597 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\2f28b7f4-55f189e8

2014-10-14 13:31:05 02F2A537DEBAD3838B075576D9F9A481 357 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\3fe0b974-3be8e0ad

2014-10-14 13:31:10 8FE72BC0DF4733214052BE5409C2E926 4108 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\59dbcbf4-44eb1f89

2014-10-14 13:31:12 40A8DD9848EDF29DCFF1378346AF8822 618 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\d6d9274-5526f063

2014-10-14 13:31:15 6FA66133648D5B55DCBBA64C5C2BA1D6 362 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\6b4dde75-4ff3745f

2014-10-14 13:31:14 D47A53D4D00BA636EFC886490A5AD904 464 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\72caa1f5-5c1e0770

2014-10-14 13:31:09 D37ED873F3FD33B1F0C323B0BB744A86 409 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\4a9a0536-2989c354

2014-10-14 13:31:08 7E7E6D583E13FD52F7A9F7A54CE24F7F 3533 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\55a88f6-580c1511

2014-10-14 13:31:05 EE9A56DD3B84133778ADEE3028726841 1411 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5f001ff6-298832a3

2014-10-14 13:31:07 E1EFAF56F1608EA7E8FA1C254C6128EB 292 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\325a87b8-2896a1e7

2014-10-14 13:31:19 66AE4CDCFCA6694B2130D686C0BAC12C 674 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\756c31b8-3dc754a5

2014-10-14 13:31:09 D6872F529DD4A5D8E47B530CCB2EF6D9 3732 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\c9c5ef8-134203df

2014-10-14 13:31:16 14BCBCD4E11189A8789CB0593C17F57F 587 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\18d01e39-1e170654

2014-10-14 13:31:08 271E4DF366D71C8C765D753CB66B82CE 767 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\435456f9-4794a285

2014-10-14 13:31:12 8F2D181CC699564DFF0EFB0E61EEDF29 598 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1e1c0aba-57569c6e

2014-10-14 13:31:12 DD69C041A81BE145C3EFEA4BCCC4F97A 4278 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\6b92613a-40634c48

2014-10-14 13:31:14 8D5471D83B5C4806C091C032FE164406 591 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\7c4e4f3a-177e136d

2014-10-14 13:31:11 FAE55500FA5773CDAC76BF6856BD6C67 653 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\3cb46fb-20e9a0e3

2014-10-14 13:31:09 ACB7C857D98AB338C869FDF6C53CD3BE 2895 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\48fdfe7b-2ef55ae7

2014-10-14 13:31:07 D296AD267F619CE09C642AB0B8C2C6F0 5093 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\52783e7b-12d825f9

2014-10-14 13:31:18 65878D2BAE05BA0F8D7BA16A8951AEB6 6060 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\73a78cbb-7f7c655d

2014-10-14 13:31:11 B4455D24E69812887AA68B00AA57254A 5185 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\2302586-3462426c

2014-10-14 13:31:17 3BE9DA11B9C5AD189E637DCCF1E044F9 221 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\38142e86-76a519d5

2014-10-14 13:31:14 BF9EC7F873A1526C53180F3982009F0F 533 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\3ab6d106-65c6ff45

2014-10-14 13:31:14 36B18FA071B56955EFD849B85E48169B 6171 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7aa6bd86-29141b47

2014-10-14 13:31:10 71A1B75A8071309887EA0B98FF1A3927 5570 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\14e50efe-63a2beff

2014-10-14 13:31:07 BB3246ABAA3762D437620D3D71B4E6E3 1032 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\7f669a7e-6bb0acb1

2014-10-14 13:31:15 A80F0834F0673073814BA2B670F7E63D 6197 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\2fe0e63f-439f6189

2014-10-14 13:31:17 1B085BECEB36656D43C48FD40A40C465 4061 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\4f7a003f-57a14cf3

2014-10-14 13:31:11 504E29C27819B603870E59C0CF8DF917 452 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\5369267f-6a268d5a

2014-10-14 13:31:04 265A9B9B723E62F219FC50039A989B46 159 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\28ab6787-23124e58

2014-10-14 13:31:09 4974E1BE085AC302C24D716E7D74630C 3374 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6ac06d47-3d72f925

2014-10-14 13:31:13 2663E957693FDFD2D6904C8C67E4B6BB 478 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\7d448407-775654cd

2014-10-14 13:31:13 7D181739142CFB035D5B09476868D4BB 3852 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\7bd76e88-36a8e47c

2014-10-14 13:30:58 650F0F5FDCE9E3A7912864F6E2A912D3 249950 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\23b7ee09-65b7cfdb

2014-10-14 13:31:10 6B78E14EE52A8A1AA6BDFD0DBFAF71F3 362 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\39846509-4b8f0fc2

2014-10-14 13:31:05 960BA73E5612EF22975CAF2BFCDB44F7 392 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\3dd4f49-25f88978

2014-10-14 13:31:18 CF07DF957CA6911519475C197CA9EC3B 782 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\52bf2f49-30a761ab

2014-10-14 13:31:08 AFCECF8D399A61DD0E8546EE797D339B 614 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\6530fbc9-5bfc72ea

2014-10-14 13:31:18 6556B66CD38D274635965EE56C67FBD1 594 ----a-w- C:\Users\francist\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\7e1fabc9-3a9f8567

====== C:\Windows\system32 =====

2014-10-14 11:51:03 0AE3470A6684F492D57465E81834BB28 444136 ----a-w- C:\Windows\System32\FNTCACHE.DAT

2014-10-11 17:17:59 E68C89106038E6246FBA26DD6344C31E 701104 ----a-w- C:\Windows\System32\FlashPlayerApp.exe

2014-10-11 17:17:59 B71C4D76D9B4808CC4795AB655798F06 71344 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl

====== C:\Windows\system32\drivers =====

2014-10-03 07:08:50 38FCDE896A5B212B98562D3AB67C6C6D 115240 ----a-w- C:\Windows\System32\drivers\idmwfp.sys

====== C:\Windows\Tasks ======

2014-10-12 08:59:30 FAA78ADAF0F150A0EBE4E9A2241DE660 3206 ----a-w- C:\Windows\system32\Tasks\{E2D57E2C-544E-4C2B-89DF-3B5A9EF8E7FB}

2014-10-12 08:54:56 76C3527B84EAC32B8FC6962C9B0ED307 3106 ----a-w- C:\Windows\system32\Tasks\{DDBD2AD1-B132-4D7F-9DA3-442165275904}

2014-10-11 17:18:00 DDB057C944421D550A1A9ED1625BF599 3878 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater

2014-10-11 17:18:00 C02378EF1CC7BA6AD2B35DBDBD290622 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-10-15 11:41:22 -------- d-----w- C:\Program Files\trend micro

2014-10-12 10:34:47 -------- d-----w- C:\Program Files\ConvertHelper

2014-10-11 11:32:26 -------- d-----w- C:\Program Files\Internet Download Manager

2014-09-18 07:13:01 -------- d-----w- C:\Program Files\Common Files\Java

2014-09-18 07:12:32 -------- d-----w- C:\Program Files\Java

======= C: =====

====== C:\Users\francist\AppData\Roaming ======

2014-10-13 09:17:34 78C8AF28FD40F6E7ACB0304FB0A42A4A 122848 ----a-w- C:\Users\francist\AppData\Local\GDIPFONTCACHEV1.DAT

2014-10-12 08:20:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch

2014-10-12 08:20:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google

2014-10-12 08:20:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-10-12 08:20:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser

2014-10-12 08:20:46 -------- d-----w- C:\Users\Gast\AppData\Local\Torch

2014-10-12 08:20:46 -------- d-----w- C:\Users\Gast\AppData\Local\Google

2014-10-12 08:20:46 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo

2014-10-12 08:20:46 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser

2014-10-12 08:20:46 -------- d-----w- C:\Users\francist\AppData\Local\Torch

2014-10-12 08:20:46 -------- d-----w- C:\Users\francist\AppData\Local\Comodo

2014-10-12 08:20:46 -------- d-----w- C:\Users\francist\AppData\Local\Chromatic Browser

2014-10-12 08:20:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch

2014-10-12 08:20:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Google

2014-10-12 08:20:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo

2014-10-12 08:20:46 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-10-11 17:17:37 -------- d-----w- C:\Users\francist\AppData\Roaming\RHEng

2014-10-11 17:17:22 -------- d-----w- C:\Users\francist\AppData\Roaming\rmi

2014-10-11 11:33:01 -------- d-----w- C:\Users\francist\AppData\Roaming\IDM

2014-10-11 11:33:01 -------- d-----w- C:\Users\francist\AppData\Roaming\DMCache

====== C:\Users\francist ======

2014-10-12 08:20:47 6471C52810B8A50B8C7897FBE5F0E2D1 398 --sha-r- C:\ProgramData\ntuser.pol

2014-10-12 08:20:46 -------- d-----w- C:\Users\HomeGroupUser$\AppData

2014-10-12 08:20:46 -------- d-----w- C:\Users\Gast\AppData

2014-10-11 11:32:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager

2014-09-18 07:12:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2014-10-15 13:14:33 BA6F13709F87AA1331DC90B47612AE4E 73336 ----a-w- C:\Program Files\Opera\25.0.1614.50\wow_helper.exe

2014-10-15 13:14:33 67AE9D36E2F9C138258CD7E7A60EEB85 499832 ----a-w- C:\Program Files\Opera\25.0.1614.50\opera_crashreporter.exe

2014-10-15 13:14:32 869A9FC9EA13303D4BF6F8D0D9392C76 3190392 ----a-w- C:\Program Files\Opera\25.0.1614.50\opera_autoupdate.exe

2014-10-15 13:14:32 5F4690AE3AA40EA032088855ACBCEE46 1117816 ----a-w- C:\Program Files\Opera\25.0.1614.50\installer.exe

2014-10-15 13:14:32 0ECD88A23DC0E7FAB3FA4A6298153A81 50071160 ----a-w- C:\Program Files\Opera\25.0.1614.50\opera.exe

2014-10-15 11:41:22 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\francist.exe

2014-10-15 11:41:08 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\francist\Downloads\Programs\RSIT.exe

2014-10-12 11:50:36 28026DB53EEF61CCF0101672C77CE134 277616 ----a-w- C:\Users\francist\AppData\Local\Mozilla\updates\308046B0AF4A39CB\updates\0\updater.exe

2014-10-12 10:34:48 6E31F3208DD045C7C8FD2300B58D6A61 110080 ----a-w- C:\Program Files\ConvertHelper\ffmpeg.exe

2014-10-12 10:34:48 5D3640A286C978AA3C10D22D631F151E 27554 ----a-w- C:\Program Files\ConvertHelper\cvhelper.exe

2014-10-12 10:34:47 1F634B0F67DD9E15198100DA415FCFE3 695578 ----a-w- C:\Program Files\ConvertHelper\unins000.exe

2014-10-12 10:34:21 6E76BE10C88A00A124A903E155C4A1CE 3782822 ----a-w- C:\Users\francist\Downloads\Programs\ConvertHelperSetup.exe

2014-10-12 09:26:58 9AE4C48DB6D9EB7D060C71AB1AABF5F0 4965896 ----a-w- C:\Users\francist\Downloads\Programs\ccsetup418.exe

2014-10-12 08:22:37 C0FF66D6529C9228AC9D3105B8283B3E 3042064 ----a-w- C:\Users\francist\AppData\Local\Temp\drvprosetup.exe

2014-10-12 08:22:25 D2D6341A87CC3995ABE80F505B6E112A 1207264 ----a-w- C:\Users\francist\AppData\Local\Temp\LiveSupport_setup.exe

2014-10-12 08:22:16 8EB256AD87ABE5397EC826A3E778B149 4245584 ----a-w- C:\Users\francist\AppData\Local\Temp\optprosetup.exe

2014-10-11 17:17:59 E68C89106038E6246FBA26DD6344C31E 701104 ----a-w- C:\Windows\System32\FlashPlayerApp.exe

2014-10-11 17:17:39 43FD6141C6266EFCBC5370242BB6DD1C 1293288 ----a-w- C:\Users\francist\AppData\Roaming\RHEng\79BB71DB9EF6437B802332C7D56FFDE8\speedupmypc-NL-p2.exe

2014-10-11 17:17:37 41B2817C500AEC698EE7D41370794EF1 17913520 ----a-w- C:\Users\francist\AppData\Roaming\rmi\flashplayer15_install_win_pi.exe

2014-10-11 17:17:07 2B0431B80D215D597A8F0B2613BD65B2 527944 ----a-w- C:\Users\francist\Downloads\Programs\flashplayer15_install_win_pi_2.exe

2014-10-11 17:04:43 57CC25107A730AB5AA1818D3450211CC 6326664 ----a-w- C:\Users\francist\AppData\Roaming\IDM\idmupdt.exe

2014-10-11 12:58:40 6F863592B75D156A15FC05070A6668EB 661416 ---ha-w- C:\Users\francist\AppData\Local\Temp\D1d0\temp\embededstub.exe

2014-10-11 12:58:40 6F863592B75D156A15FC05070A6668EB 661416 ---ha-w- C:\Users\francist\AppData\Local\Temp\733E3ca37E69B\temp\embededstub.exe

2014-10-11 11:31:41 11F9F487FD8503305CDA87FF834683A5 170496 ----a-w- C:\Users\francist\Documents\Internet Download Manager 6.19 Build 1 Retail Nederlands\Internet Download Manager 6.19 Build 1 Retail Nederlands\patch.new-UnREaL\Tonec.Inc.Internet.Download.Manager.v6.xx.WinALL.Incl.Keygen.and.Patch.update1-UnREaL.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Driver Detective"="C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false"

"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"

"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3730078115-3281393171-2249441152-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Driver Detective"="C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false"

"HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"

"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Bonus.SSR.FR10]