Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Dosje on ma 13/04/2015 at 7:54:16,86.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Dosje\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Running Processes ======================
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\conhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Dosje\Downloads\zoek.exe
C:\Windows\system32\conhost.exe

==== System Restore Info ======================
13/04/2015 7:55:14 Zoek.exe System Restore Point Created Successfully.

==== Windows Installer Info ======================
Bitdefender Total Security [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A61875F6A19795147AF5FC0D7CAEF4FB]C:\Program
Java 8 Update 40 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208040F]C:\Windows\Installer\5c98a.msi
Microsoft .NET Framework 4.5.2 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6962609F78B5CC9309ECAD52669862D2]C:\Windows\Installer\455da.msi
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65FC11932FE9AB9348A62CB73DDC6058]C:\Windows\Installer\4c28d.msi
Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D213EF3268BEC04E8E46A8DBA6F7263]C:\Windows\Installer\d038e.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\dcc77.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\55ddee.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\c54c9.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181]C:\Windows\Installer\32929d3.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\55ddf5.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\c54cf.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\65792d.msi
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\Windows\Installer\e828b.msi
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\657942.msi
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\65793c.msi
Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\Windows\Installer\ef9e1e.msi
Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\Windows\Installer\ef9e26.msi
MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09AB59D18F4FCE748A2844C1993DC0E1]C:\Windows\Installer\d06be6.msi
MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F764691F11C67F458B88521DA8CB349]C:\Windows\Installer\55dde7.msi
NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A59E554B408BF9345B3333B66153EA79]C:\Windows\Installer\f5cb4.msi
Xara Photo & Graphic Designer 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\847DF4102F77FA64B9F883D221B26B82]C:\Windows\Installer\325547.msi

==== Empty Folders Check ======================
C:\PROGRA~2\regid.1986-12.com.adobe deleted successfully
C:\Users\Dosje\AppData\Roaming\PhoXo deleted successfully
C:\Users\Dosje\AppData\Roaming\QuickScan deleted successfully
C:\Users\Dosje\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 deleted successfully
C:\Users\Dosje\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================
ProfilePath: C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default
user.js not found
---- Lines isearch removed from prefs.js ----
user_pref("weboftrust.search.avg.url", "^http(s)?\\:\\/\\/isearch\\.avg\\.com\\/search\\?");
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- Lines offers removed from prefs.js ----
user_pref("weboftrust.category.301", "{\"name\":\"301\",\"group\":\"4\",\"text\":\"Online tracking\",\"description\":\"Based on your experience the si
---- FireFox user.js and prefs.js backups ----
prefs_20151304_0800_.backup

==== Deleting Files \ Folders ======================
C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\artur.dubovoy@gmail.co not found
C:\Users\Dosje\AppData\Roaming\transmission deleted
C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} deleted
C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} deleted
C:\setup32.exe deleted
C:\found.000 deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\firefox@ghostery.com.xpi deleted
C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\jetpack deleted

==== System Specs ======================
Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3540 MB
CPU Info: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
CPU Speed: 3217,8 MHz
Sound Card: Not detected
Display Adapters: NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen niet-PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Bluetooth-apparaat (Personal Area Network) #2 | Microsoft Virtual WiFi Miniport Adapter | Qualcomm Atheros AR5BWB222 Wireless Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GHB0N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C: 286,9GB | E: 644,5GB
Hard Disks - Free: C: 258,1GB | E: 406,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 03/21/14 | ACRSYS - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: Acer Aspire TC-605
Country: België
Language: NLB

==== System Specs (Software) ======================
Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Default Browser: Firefox 37.0.1
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 37.0.1 (x86 nl)
Sun Java version: 1.8.0_40 (32-bit)
Flash Player version: 17.0.0.134

==== Files Recently Created / Modified ======================
====== C:\Windows ====
2015-03-21 03:01:01 1D2909DE38A8EEA6EA56D6F8CA638D6B 1807472 ----a-w- C:\Windows\ampa.exe
2015-03-19 02:23:38 2301304260456CAB0F9BF2083F6ADB56 327168 ----a-w- C:\Windows\IsUn0413.exe
====== C:\Users\Dosje\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2015-04-12 22:13:31 BDFC3D73C0CB458C49E9E91BCC13F305 3677120 ----a-w- C:\Windows\System32\FNTCACHE.DAT
2015-04-09 11:47:22 900373C059C2B51CA91BF110DBDECB33 1435272 ----a-w- C:\Windows\System32\Flash8.ocx
2015-04-09 01:44:20 90D6FA9DB9502FC992D260DE4CB944C7 331264 ----a-w- C:\Windows\System32\devinv.dll
2015-04-09 01:44:20 76F800C6046B439799C3A4120A0B398A 576000 ----a-w- C:\Windows\System32\generaltel.dll
2015-04-09 01:44:20 5F823C55FB9761F1236AF48DFF630353 860160 ----a-w- C:\Windows\System32\appraiser.dll
2015-04-09 01:44:19 EF63EDC07D444AC4B6E88CA6E2841737 159744 ----a-w- C:\Windows\System32\aepic.dll
2015-04-09 01:44:19 E51E2C5EED4CE667D2CF06E56AC6FF1C 896000 ----a-w- C:\Windows\System32\aeinv.dll
2015-04-09 01:44:19 98F09936B1C397987268D6F2F3D869DB 26112 ----a-w- C:\Windows\System32\acmigration.dll
2015-04-09 01:44:19 896850F7D6E6E95DC5BE0F192E05CD0E 202752 ----a-w- C:\Windows\System32\aepdu.dll
2015-04-09 01:44:19 87D7FF1217B32CD069DAF079686F43AE 630784 ----a-w- C:\Windows\System32\invagent.dll
====== C:\Windows\system32\drivers =====
2015-03-18 13:22:12 593184CE76FDAAC328843CCCC579C19D 8454856 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-12 23:08:24 -------- d-----w- C:\Program Files\Xara
2015-04-12 23:08:24 -------- d-----w- C:\Program Files\Common Files\MAGIX Services
2015-04-12 23:04:38 -------- d-----w- C:\Program Files\MOJOSOFT
2015-04-12 21:57:14 -------- d-----w- C:\Program Files\Company
2015-04-12 16:55:45 -------- d-----w- C:\Program Files\Adobe
2015-04-12 15:25:22 -------- d-----w- C:\Program Files\Common Files\Adobe
2015-04-09 12:57:33 -------- d-----w- C:\Program Files\Common Files\Bcgsoft
2015-04-09 07:49:15 -------- d-----w- C:\Program Files\trend micro
2015-04-08 15:00:52 -------- d-----w- C:\Program Files\SumatraPDF
2015-03-31 18:43:06 -------- d-----w- C:\Program Files\DC++
2015-03-20 23:47:36 -------- d-----w- C:\Program Files\Common Files\Xara Services
2015-03-20 23:46:29 -------- d-----w- C:\Program Files\MSXML 4.0
2015-03-18 23:28:05 -------- d-----w- C:\Program Files\Fotor
2015-03-18 21:14:09 -------- d-----w- C:\Program Files\IDimager Products
2015-03-18 02:34:08 -------- d-----w- C:\Program Files\Transmission
2015-03-15 13:25:24 -------- d-----w- C:\Program Files\Microsoft ASP.NET
2015-03-15 10:10:18 -------- d-----w- C:\Program Files\Microsoft Silverlight
======= C: =====
2015-04-12 22:12:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag
2015-04-12 21:22:24 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS
2015-04-12 21:22:24 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS
2015-04-12 14:05:50 B46DBFFD25C5C81954CD8F9B9866C253 40 ---ha-w- C:\B4C670476ACD
2015-03-21 03:01:01 299B68129A5FA4AC12D767C8FA68F65D 1024 ---h--w- C:\AMTAG.BIN
====== C:\Users\Dosje\AppData\Roaming ======
2015-04-13 04:45:30 -------- d-----w- C:\Users\Dosje\AppData\Roaming\Adobe
2015-04-12 23:08:33 -------- d-----w- C:\Users\Dosje\AppData\Roaming\MAGIX
2015-04-12 23:08:29 -------- d-----w- C:\Users\Dosje\AppData\Local\Xara
2015-04-12 23:05:00 -------- d-----w- C:\Users\Dosje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Photo Frame Studio
2015-04-12 23:04:38 -------- d-----w- C:\Users\Dosje\AppData\Roaming\mojosoft
2015-04-12 16:39:39 0B8E132218D7483ADAFDA51F52BB06F1 65304 ----a-w- C:\Users\Dosje\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-12 03:44:43 -------- d-----w- C:\Users\Dosje\AppData\Local\Zoner
2015-04-10 01:44:10 -------- d-----w- C:\Users\Dosje\AppData\Roaming\onOne Software
2015-04-09 20:01:19 -------- d-----w- C:\Users\Dosje\AppData\Local\ACD Systems
2015-04-09 05:43:27 -------- d-----w- C:\Users\Dosje\AppData\Roaming\XnRetro
2015-04-08 15:00:56 -------- d-----w- C:\Users\Dosje\AppData\Roaming\SumatraPDF
2015-04-01 10:33:15 -------- d-----w- C:\Users\Dosje\AppData\Roaming\AnvSoft
2015-03-31 18:43:13 -------- d-----w- C:\Users\Dosje\AppData\Roaming\DC++
2015-03-31 18:43:13 -------- d-----w- C:\Users\Dosje\AppData\Local\DC++
2015-03-19 13:25:39 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\SafeBox
2015-03-19 13:25:39 -------- d-----w- C:\Users\Dosje\AppData\Local\mondos61
2015-03-18 23:31:01 -------- d-----w- C:\Users\Dosje\AppData\Local\IDimager Systems, Inc
2015-03-18 21:16:50 -------- d-----w- C:\Users\Dosje\AppData\Roaming\Savedero
2015-03-18 00:40:29 -------- d-----w- C:\Users\Dosje\AppData\Roaming\NVIDIA
2015-03-14 07:46:58 -------- d-----w- C:\Users\Dosje\AppData\Local\Diagnostics
====== C:\Users\Dosje ======
2015-04-13 05:55:45 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Dosje\Downloads\RSIT.exe
2015-04-12 23:08:29 -------- d-----w- C:\ProgramData\MAGIX
2015-04-12 23:08:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xara
2015-04-12 23:08:24 -------- d-----w- C:\ProgramData\Xara
2015-04-12 15:25:22 -------- d-----w- C:\ProgramData\Adobe
2015-04-12 15:07:54 C70CE9C015DCEE4D59EC95707F9C5C61 249856 ----a-w- C:\Windows\serviceprofiles\Localservice\NTUSER.rhk
2015-04-12 15:07:54 9246194871FE0B44E989E3F40FC2D64F 249856 ----a-w- C:\Windows\serviceprofiles\networkservice\NTUSER.rhk
2015-04-12 03:44:42 -------- d-----w- C:\ProgramData\Zoner
2015-04-09 19:39:19 -------- d-----w- C:\ProgramData\onOne Software
2015-03-20 12:41:51 -------- d---a-w- C:\ProgramData\TEMP
2015-03-18 23:28:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotor
2015-03-18 21:14:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDimager Products
2015-03-18 02:34:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt
2015-03-16 18:35:56 -------- d-----w- C:\Users\Dosje\dwhelper
2015-03-16 15:56:12 -------- d-----w- C:\Users\Dosje\Tracing
2015-03-15 10:10:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
====== C: exe-files ==
2015-04-13 05:55:45 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Dosje\Downloads\RSIT.exe
2015-04-12 23:04:59 0C786E4FA0B71398A8CAE255D70EDE62 3349280 ----a-w- C:\Program Files\MOJOSOFT\Photo Frame Studio\PhotoFrameStudio.exe
2015-04-12 23:04:38 517F19F7C9EA52D520D471D77B7456C9 1170208 ----a-w- C:\Program Files\MOJOSOFT\Photo Frame Studio\unins000.exe
2015-04-12 16:53:40 F5A5DBADCD24BDF33BFDAA789E39C876 558496 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
2015-04-12 16:53:40 9D6519528FB4B5D5694AAF4C7E391AC7 522416 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\LogTransport2.exe
2015-04-12 16:53:39 E177D510084CD9688A2B958AB765BF66 893312 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
2015-04-12 16:53:39 9C050E785F2D5C9108E45E59ABA07A81 2997152 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe
2015-04-12 16:53:39 0B1FAEF79A1B5981C4465B95183CF89A 505248 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAMLauncher.exe
2015-04-12 16:46:39 CE029E9A1B3100B3C6C2F7A140DE87EE 1827176 ----a-r- C:\Program Files\Common Files\Adobe\OOBE\PDApp\P7\adobe_licutil.exe
2015-04-12 16:46:39 7AB4EA903E6EC74920AF6201BE13E771 385408 ------w- C:\Program Files\Common Files\Adobe\OOBE\PDApp\P7\AAM Registration Notifier.exe
2015-04-11 13:17:00 D0DBF760E14DD8E073C65894BEBA4559 448352 ----a-w- C:\Users\Dosje\AppData\Local\NVIDIA\NvBackend\Packages\000073e8\CoProc update.19480396.exe
2015-04-10 09:58:33 AC16DE56C389C57D3BAD8FB91C17BF52 5373408 ----a-w- C:\Users\Dosje\AppData\Local\NVIDIA\NvBackend\Packages\000073d3\DAO.19477205.exe
2015-04-09 15:37:02 9AE6D64808CCC61E312D5E93A7A68B6E 675256 ----a-w- C:\Users\Dosje\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-04-09 15:36:58 0DEF0E22B19B4BCC66E0C0F91EE00CA8 172984 ----a-w- C:\Users\Dosje\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-04-09 07:49:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Dosje.exe
2015-04-09 01:44:20 870CADF288DCA12B4E1D88FA0418146A 67768 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-04-08 19:26:51 9823CF08B8322478E384A6FB08638B9C 428889 ----a-w- C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\artur.dubovoy@gmail.com\modules\ffmpeg\ffmpeg.exe
2015-04-08 15:00:52 9DAD30147BC7F6176EF4049F24047744 1481312 ----a-w- C:\Program Files\SumatraPDF\SumatraPDF.exe
2015-04-08 15:00:52 37D7F35D09B2C1D48E05E5F31871864F 242272 ----a-w- C:\Program Files\SumatraPDF\uninstall.exe
2015-04-08 12:24:24 269BDB3CB77EB77BABE2862BEAB1F208 148080 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe
=== C: other files ==
2015-04-12 21:22:24 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS
2015-04-12 21:22:24 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS
2015-04-09 12:29:31 DA3F03899900FE3B35EF3039ED442603 32988 ----a-w- C:\Users\Dosje\AppData\Local\transmission\cache\favicons\torrentsmd.com
2015-04-09 08:20:59 A6927C4AC46FAEA60D263D87C06062A9 133000 ----a-w- C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\adblockpopups@jessehakanen.net.xpi
2015-04-08 19:40:30 ED2B29F52525B29FF9FF26BF68528A23 500930 ----a-w- C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
2015-04-07 19:04:55 9EF7CDF242DDD494149216A43A5CF6BA 8348 ----a-w- C:\Users\Dosje\AppData\Local\transmission\cache\favicons\appengine.google.com

==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-1475824631-3608167871-2514947924-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default
user_pref("browser.search.defaultenginename", "Google Default");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\ffpwdman" [11/04/2014 12:33]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default
- Flash Video Downloader - YouTube HD Download [4K] - %ProfilePath%\extensions\artur.dubovoy@gmail.com
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
- Google Image Search - %ProfilePath%\extensions\{73007fef-a6e0-47d3-b4e7-dfc116ed6f65}.xpi
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================
Profilepath: C:\Users\Dosje\AppData\Roaming\Mozilla\Firefox\Profiles\ym14vcdt.default
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
280F658A6013DC6A31BF133AE0E05AE5 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
40CF7A85D103E925F459AA1407B98877 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
D7492728A4C06EC99B10F8219B1F31F5 - C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U40
F47B4F0D0DF0C28759B60CF0B0090A11 - C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.400.25
43583AB4DFD406F4C188342F41B1F91C - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx[03/03/2014 15:59]

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
O4 - HKCU\..\Run: [Bitdefender Agent Wallet-toepassing] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe

==== Empty IE Cache ======================
C:\Users\Dosje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dosje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Dosje\AppData\Local\Mozilla\Firefox\Profiles\ym14vcdt.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=157 folders=35 489205196 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Dosje\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Dosje\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 13/04/2015 at 8:04:24,09 ======================