Zoek.exe v5.0.0.0 Updated 13-09-2015
Tool run by Adri-Joke on ma 14-09-2015 at 15:48:55,68.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Adri-Joke\Downloads\Programs\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-09-09-154434.log	55516 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\IDM deleted successfully
C:\Users\Adri-Joke\AppData\Local\Axialis deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
C:\Program Files\Start Menu 7\StartMenu7.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxapps.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\ntvdm.exe
C:\Windows\system32\conhost.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Bitdefender\Bitdefender 2015\OBKAgent.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\Adri-Joke\Downloads\Programs\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Adri-Joke\AppData\Roaming\ProductData deleted
C:\PROGRA~2\ProductData deleted

==== System Specs ======================

Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601)
Memory (RAM): 2048 MB
CPU Info: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz
CPU Speed: 2464,6 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output (Realtek | 
Realtek HDMI Output (Realtek Hi | 
Display Adapters: NVIDIA GeForce 8500 GT | NVIDIA GeForce 8500 GT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1680 X 1050 - 32 bit
Network: Network Present
Network Adapters: USB Wireless 802.11 b/g Adaptor | Intel(R) 82566DC-2 gigabit-netwerkverbinding
CD / DVD Drives: 2x (D: | E: | ) D: HL-DT-STDVD-RW GSA-H60L  | E: ASUS    DVD-E616A3T
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  298,1GB | F:  298,1GB | M:  232,8GB
Hard Disks - Free: C:  204,4GB | F:  55,4GB | M:  145,3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/27/07 | DELL   - 20070927
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer INC. Berkeley
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: IObit Malware Fighter disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Default Browser: Google Chrome	45.0.2454.85
Internet Explorer Version: 11.0.9600.18015 
Google Chrome version: 45.0.2454.85
Adobe Reader version: 11.0.12.18
Flash Player version: 18.0.0.232

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-22 08:43:27	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\Graffiti5.2Pin.ini
2015-08-21 13:47:32	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\notepad.exe
====== C:\Users\ADRI-J~1\AppData\Local\Temp ====
2015-09-11 07:43:44	46092BBDDB5BDF775F67A341D2B03AD7	112286	----a-w-	C:\Users\Adri-Joke\AppData\Local\Temp\48a89222-3625-429b-a460-0b0e39918267\CliSecureRT.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2015-09-11 08:40:10	E08E3E101A15FF4966AA3B2E86CF9806	50688	----a-w-	C:\Windows\System32\appidapi.dll
2015-09-11 08:40:10	5BF2679F8FDF521E0C365B5CC03CFE78	96768	----a-w-	C:\Windows\System32\appidpolicyconverter.exe
2015-09-11 08:40:09	8BD62BB894B7FC42F7DA7BB07C7729E3	16896	----a-w-	C:\Windows\System32\appidcertstorecheck.exe
2015-09-11 08:40:09	7A152F43A6B25D63D1279511258FE381	28160	----a-w-	C:\Windows\System32\appidsvc.dll
2015-09-11 08:40:09	795774C4F44E6400CB94EDD7186C601A	50176	----a-w-	C:\Windows\System32\setbcdlocale.dll
2015-09-11 08:39:42	FB460A3148186CF50CAE91AE5554A43C	2384896	----a-w-	C:\Windows\System32\win32k.sys
2015-09-11 08:39:42	4629ED2D48E8DBB78A87CA219DAE6513	299520	----a-w-	C:\Windows\System32\atmfd.dll
2015-09-11 08:39:41	DD126C4EA72C9D55A7BAE2C9326C4704	34304	----a-w-	C:\Windows\System32\atmlib.dll
2015-09-11 08:39:41	D4A40F3F8D4A18536A87327CDD9F67AB	26624	----a-w-	C:\Windows\System32\lpk.dll
2015-09-11 08:39:41	68054F129D15CE0A50E1E3841222A166	10240	----a-w-	C:\Windows\System32\dciman32.dll
2015-09-11 08:39:41	2748108963E56A7A0CF05F19501DF832	70656	----a-w-	C:\Windows\System32\fontsub.dll
2015-09-11 07:40:08	E2E612A28432F830E001FE449267294F	653064	----a-w-	C:\Windows\System32\FNTCACHE.DAT
2015-09-09 15:06:21	F5811FD860256CD6A1F19A168EBE0C80	216064	----a-w-	C:\Windows\System32\InkEd.dll
2015-09-09 15:06:20	AFAB8B41DAD1F169E7DB70449987E708	19968	----a-w-	C:\Windows\System32\jnwmon.dll
2015-09-09 15:06:17	BF49B5D47D80D8711E3D54C8E0A59130	1241088	----a-w-	C:\Windows\System32\msxml3.dll
2015-09-09 15:06:17	2032B7698A8DCA5E157FD4ED153E9A76	1391104	----a-w-	C:\Windows\System32\msxml6.dll
2015-09-09 15:06:16	F615574BF6B81533F3382856BE359237	2048	----a-w-	C:\Windows\System32\msxml6r.dll
2015-09-09 15:06:16	4DF7AD468DA9828D4B704805EEE2C7B1	2048	----a-w-	C:\Windows\System32\msxml3r.dll
2015-09-09 15:06:14	9060B8D5BCD5F2B019249F85E3D811F3	751104	----a-w-	C:\Windows\System32\schedsvc.dll
2015-09-09 15:05:10	DA47CED2032198A6E4739BB77C70EBA9	60416	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-09-09 15:05:10	C033A2DA649B8694D2EAC81B96B6AD63	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-09-09 15:05:10	4C68C514F25379AC4B24739D6F93473A	47616	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2015-09-09 15:05:09	BFCB5A69B6D9EAB9D7B9B2B3BB9300B4	30720	----a-w-	C:\Windows\System32\iernonce.dll
2015-09-09 15:05:09	9DF4F574A13BC4F11A4F86DDD5C20E4F	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-09-09 15:05:09	7C25F33E59D387DE06B11B8EC38CF26D	1310720	----a-w-	C:\Windows\System32\urlmon.dll
2015-09-09 15:05:09	5E28069DF4C3310FD11C30B39D76657C	685568	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-09-09 15:05:09	5D5ACD27170DDD0E685820AF2650B7CE	47104	----a-w-	C:\Windows\System32\jsproxy.dll
2015-09-09 15:05:09	267305B4B170E15FFE905E2C5A1D3137	344168	----a-w-	C:\Windows\System32\iedkcs32.dll
2015-09-09 15:05:08	FDDB70F74F079760743BC3E6E2F1C69F	418304	----a-w-	C:\Windows\System32\dxtmsft.dll
2015-09-09 15:05:08	E5AC8290F6468070E9F664AA5CD34899	710144	----a-w-	C:\Windows\System32\ieapfltr.dll
2015-09-09 15:05:08	682D51EC4E605249E5330BDD36569C67	620032	----a-w-	C:\Windows\System32\jscript9diag.dll
2015-09-09 15:05:08	42175CD4FD54C02CA8419F4079D9C8B2	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-09-09 15:05:08	216C0B2B406534ADACF8CCEFD8E86837	689152	----a-w-	C:\Windows\System32\msfeeds.dll
2015-09-09 15:05:07	810525827BFE17A1E99C78C39A8D52BB	2052608	----a-w-	C:\Windows\System32\inetcpl.cpl
2015-09-09 15:05:07	04FBC984859E0A0D15DDFBFD97198D07	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2015-09-09 15:05:06	FEEB3D195FEB6A2B05D5AADCB1900AF1	62464	----a-w-	C:\Windows\System32\iesetup.dll
2015-09-09 15:05:06	B860385F95CDE86286A12FB3FAABAF7F	168960	----a-w-	C:\Windows\System32\msrating.dll
2015-09-09 15:05:06	A8C80A92549AFDD6891C8159D4C0A107	1951232	----a-w-	C:\Windows\System32\wininet.dll
2015-09-09 15:05:06	557768B5029679109685D68689CB7015	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2015-09-09 15:05:05	3CF7BD2B4A046633CEE16F5A2522ADF4	285696	----a-w-	C:\Windows\System32\dxtrans.dll
2015-09-09 15:05:04	ED40CEA3833C5B0227B1B01B86D47393	479232	----a-w-	C:\Windows\System32\ieui.dll
2015-09-09 15:05:04	66B2A244152C78E4C298807BC544AA26	12857344	----a-w-	C:\Windows\System32\ieframe.dll
2015-09-09 15:05:03	4881F098B26356905039C1D9DC233690	341504	----a-w-	C:\Windows\System32\html.iec
2015-09-09 15:05:03	3D24E0397BED00AFBB3DFA3A8AB98FD3	76288	----a-w-	C:\Windows\System32\mshtmled.dll
2015-09-09 15:05:02	C137627A10341356036A84A717660669	1155072	----a-w-	C:\Windows\System32\mshtmlmedia.dll
2015-09-09 15:05:02	0056D5DECBC2CE89721DB380D0FD57BE	64000	----a-w-	C:\Windows\System32\MshtmlDac.dll
2015-09-09 15:05:01	D47DB47A2C61664DAB00550EBB342AFA	2279424	----a-w-	C:\Windows\System32\iertutil.dll
2015-09-09 15:05:01	1730F4B69593EB38072DAF273B5565AB	19856896	----a-w-	C:\Windows\System32\mshtml.dll
2015-09-09 15:05:00	98733E7AA07BEDF523778FF3240CDB17	504832	----a-w-	C:\Windows\System32\vbscript.dll
2015-09-09 15:04:59	CE982D0CBE88BEA12A74BA9FF70DDC88	4520448	----a-w-	C:\Windows\System32\jscript9.dll
2015-09-09 15:04:59	5931961817E242BC8CB76E1F7EB2FA3F	665600	----a-w-	C:\Windows\System32\jscript.dll
2015-09-09 15:04:45	EA010D8C6C63EA28BA9EB360403E5F85	173056	----a-w-	C:\Windows\System32\wuwebv.dll
2015-09-09 15:04:45	AF8B63EFA838BA8A64250613E3C4FEE4	73728	----a-w-	C:\Windows\System32\WinSetupUI.dll
2015-09-09 15:04:45	3EFC48CE17BE25D2F8C04C5A0FAE1F53	2061824	----a-w-	C:\Windows\System32\wuaueng.dll
2015-09-09 15:04:45	1D5198D43DCEA0634643A5F5CDFF672E	2953728	----a-w-	C:\Windows\System32\wucltux.dll
2015-09-09 15:04:45	0FC51CD52CB71243C4E5E291ED717C97	566784	----a-w-	C:\Windows\System32\wuapi.dll
2015-09-09 15:04:44	EF6122AB06B2B38CF1FB0EFD9A173AE3	135680	----a-w-	C:\Windows\System32\wuauclt.exe
2015-09-09 15:04:44	DC45670BF6EB8D7472EEB1D544B51C6B	30208	----a-w-	C:\Windows\System32\wups.dll
2015-09-09 15:04:44	81B22BE8C676271E42B51C3CFF1A98B1	35840	----a-w-	C:\Windows\System32\wups2.dll
2015-09-09 15:04:44	80DA9F3867192A12059906D742E22091	34816	----a-w-	C:\Windows\System32\wuapp.exe
2015-09-09 15:04:44	6370B408659F77A30009398E5C94B01B	11776	----a-w-	C:\Windows\System32\wu.upgrade.ps.dll
2015-09-09 15:04:44	18703D7AD19222F508B83BFFC015D37D	93184	----a-w-	C:\Windows\System32\wudriver.dll
2015-09-01 10:12:52	A691D4B4B4167F56A717C421F9CF58C7	1372160	----a-w-	C:\Windows\System32\dwmcore.dll
2015-09-01 10:12:52	52213D271F6804AAA44F57AEFD2B778A	67584	----a-w-	C:\Windows\System32\dwmapi.dll
2015-09-01 10:12:30	672CCD96BAB00F869D4F46A148FCCBAE	1805824	----a-w-	C:\Windows\System32\authui.dll
2015-09-01 10:12:30	242562474262FAA1BCA77D5DBA0F605B	105408	----a-w-	C:\Windows\System32\consent.exe
2015-09-01 10:12:30	133A7896E643D139443B47FDBFA327C7	47104	----a-w-	C:\Windows\System32\appinfo.dll
2015-09-01 10:11:35	FA8E0A5360FE2AFE6EC1545A6F40D153	100352	----a-w-	C:\Windows\System32\sspicli.dll
2015-09-01 10:11:35	D92052C4A96E61AD3DB597B5720B583F	1061376	----a-w-	C:\Windows\System32\lsasrv.dll
2015-09-01 10:11:35	D0D0AB5CA02B07A9C1D566E76C49A95C	686080	----a-w-	C:\Windows\System32\adtschema.dll
2015-09-01 10:11:35	BDDF8431790A4818B39889346337EA9F	22016	----a-w-	C:\Windows\System32\secur32.dll
2015-09-01 10:11:35	B17EB4DDA3D59A5E6ECDF422A6EADEED	41984	----a-w-	C:\Windows\System32\UtcResources.dll
2015-09-01 10:11:35	88142648ED929E6D2178CC3B8C13C00F	22528	----a-w-	C:\Windows\System32\lsass.exe
2015-09-01 10:11:35	5D42935FE1D6038C3C91789705F02F1E	146432	----a-w-	C:\Windows\System32\msaudite.dll
2015-09-01 10:11:35	4FACA72BAE89648154BB36ED622F1BEC	15872	----a-w-	C:\Windows\System32\sspisrv.dll
2015-09-01 10:11:35	43FFE2ED0632B955A3050355074BE7CF	50176	----a-w-	C:\Windows\System32\auditpol.exe
2015-09-01 10:11:35	310E1CAC29BBF0736617E7A34C5A4BF5	60416	----a-w-	C:\Windows\System32\msobjs.dll
2015-09-01 10:11:35	0A3386E3CF9C5D089D695AC5A35F4C6F	937984	----a-w-	C:\Windows\System32\diagtrack.dll
2015-09-01 10:11:34	F58753FAEE561563530D110D1DA78DF4	248832	----a-w-	C:\Windows\System32\schannel.dll
2015-09-01 10:11:34	EEEE7A2838CA49C320DF8223E1B347AC	259584	----a-w-	C:\Windows\System32\msv1_0.dll
2015-09-01 10:11:34	D16F40BF0B23926923A28ABF513A00B1	552960	----a-w-	C:\Windows\System32\kerberos.dll
2015-09-01 10:11:34	D0BA0678EB334E65FE285683E470DD27	400896	----a-w-	C:\Windows\System32\srcore.dll
2015-09-01 10:11:34	C352009A3BE68D131EA4CDBBE55C253C	65536	----a-w-	C:\Windows\System32\TSpkg.dll
2015-09-01 10:11:34	BAADA65CC5F9002C335033A3280DD06F	262656	----a-w-	C:\Windows\System32\rstrui.exe
2015-09-01 10:11:34	B83B25734C88C16026DFA483C5FE2107	3934656	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-09-01 10:11:34	933992B9C0E6FA3574A669D189B144AD	43008	----a-w-	C:\Windows\System32\srclient.dll
2015-09-01 10:11:34	8E0D294A30DE08CCB5FFB6A464BC96C5	6656	----a-w-	C:\Windows\System32\apisetschema.dll
2015-09-01 10:11:34	82CBE024109D89FFE27DB8601792758A	641536	----a-w-	C:\Windows\System32\advapi32.dll
2015-09-01 10:11:34	7798C39730CA28B18F8CC45EDBB479DC	3989952	----a-w-	C:\Windows\System32\ntkrnlpa.exe
2015-09-01 10:11:34	774202C5F5A03FF413D0B478124AE91A	69632	----a-w-	C:\Windows\System32\smss.exe
2015-09-01 10:11:34	772D885BBEA6CD0A20BC6C24E63DB9E6	36864	----a-w-	C:\Windows\System32\cryptbase.dll
2015-09-01 10:11:34	634C2FE10334B1EEA16EAABDE73144D7	221184	----a-w-	C:\Windows\System32\ncrypt.dll
2015-09-01 10:11:34	5BF2FEEE760D2ED0540720B29C7EEE4A	1308160	----a-w-	C:\Windows\System32\ntdll.dll
2015-09-01 10:11:34	3F4331E86DDFDEBDEAB55B24B4DFDC46	172032	----a-w-	C:\Windows\System32\wdigest.dll
2015-09-01 10:11:34	2B071656FF8452CE9FFD379F50F873B6	17408	----a-w-	C:\Windows\System32\credssp.dll
2015-09-01 10:11:34	15F29E5918BE66A93010A949D14532FF	655360	----a-w-	C:\Windows\System32\rpcrt4.dll
2015-09-01 10:11:34	0E1490FB24DF3386AF80F66107A8515C	635392	----a-w-	C:\Windows\System32\tdh.dll
2015-09-01 10:11:34	04BD33477EF07906E307F87E7317CB9F	38912	----a-w-	C:\Windows\System32\csrsrv.dll
2015-09-01 10:09:58	449A5A6D6B6F1ECB27ADA3002382D3BC	2048	----a-w-	C:\Windows\System32\tzres.dll
====== C:\Windows\system32\drivers =====
2015-09-11 08:40:09	C532028F7EFF8831BE6B5E3C417E07FA	50176	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-09-04 12:07:39	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-09-04 12:07:18	B4CD87E78A01562E3DA67FE1C2779204	23256	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-09-04 12:07:18	A1E3A332E76F48410CF403FDF85FAFE0	94936	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-09-04 12:07:18	490F0F3ED8A970E2BAA38F719242B8F7	51928	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-09-01 10:11:35	C41140DBF0BEA35E480A9CF9823B2B08	137664	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-09-01 10:11:35	88246FD556E98BF416AC00C418B83D1D	67520	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-09-01 10:11:34	BAF4E2BE25E8EDFDAA98AA17D92E3C35	124416	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-09-01 10:11:34	70EF9F86474BA28A6898228E1C9ABDCB	98304	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-09-01 10:11:34	300E85A19AFD4DF992AB6297C6E64CA1	225792	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-26 07:10:45	1DCD18196410C281B1229323E6602000	25768	----a-w-	C:\Windows\System32\drivers\Smb_driver_Intel.sys
2015-08-26 07:04:03	8D8B4C290557259FB92C9F5EFF8F9AD0	3535576	----a-w-	C:\Windows\System32\drivers\RTKVHDA.sys
2015-08-26 07:03:54	EEBB2430E7BAFBD7B7A9F399502A43E1	35222128	----a-w-	C:\Windows\System32\drivers\RTAIODAT.DAT
2015-08-21 07:58:08	BAD9C0366134BA181514E9263C8CE606	78784	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
====== C:\Windows\Tasks ======
2015-09-04 12:04:01	C8104ACC30C82C21F942575156B94805	3188	----a-w-	C:\Windows\system32\Tasks\SmartDefrag4_Startup
2015-09-04 12:03:59	C07A00A9F551001DFAE6E6B75F781D1B	3186	----a-w-	C:\Windows\system32\Tasks\SmartDefrag4_Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-09-08 14:01:26	--------	d-----w-	C:\Program Files\trend micro
2015-08-22 08:42:44	--------	d-----w-	C:\Program Files\Boris FX, Inc
2015-08-22 08:32:34	--------	d-----w-	C:\Program Files\Common Files\Pinnacle
2015-08-22 08:24:31	--------	d-----w-	C:\Program Files\Common Files\Yahoo!
======= C: =====
====== C:\Users\Adri-Joke\AppData\Roaming ======
2015-09-14 14:13:20	--------	d-----w-	C:\Users\Adri-Joke\AppData\Roaming\ProductData
2015-09-10 11:10:18	3668BF17EE1CF66778F95EDA852FE440	208272	----a-w-	C:\Users\Adri-Joke\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-09 15:16:50	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-09-09 15:16:50	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-09-09 15:16:50	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-09-09 15:16:50	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-09-09 15:16:50	--------	d-----w-	C:\Users\Adri-Joke\AppData\Local\Temp
2015-08-18 12:39:18	--------	d-----w-	C:\Users\Adri-Joke\AppData\Local\Sonic_Solutions
====== C:\Users\Adri-Joke ======
2015-09-14 14:13:20	--------	d-----w-	C:\ProgramData\ProductData
2015-09-13 09:30:17	080B16BA75F35930D761A96C073131C7	1660416	----a-w-	C:\Users\Adri-Joke\Downloads\adwcleaner_5.007.exe
2015-09-04 12:06:21	D3B6FA14CB7E12B7FBC0B3AA26235898	24345872	----a-w-	C:\Users\Adri-Joke\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-09-04 12:05:57	D3B6FA14CB7E12B7FBC0B3AA26235898	24345872	----a-w-	C:\Users\Adri-Joke\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-04 12:03:57	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-09-04 11:54:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-08-22 08:44:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2015-08-22 08:42:43	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris Graffiti 5.2
2015-08-22 08:31:53	--------	d-----w-	C:\ProgramData\Pinnacle Studio Ultimate
2015-08-22 08:31:06	--------	d-----r-	C:\Users\Adri-Joke\Favorites
2015-08-22 08:30:31	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 12
2015-08-22 08:24:31	--------	d-----w-	C:\Users\Public\Documents\My Projects
2015-08-22 08:24:30	--------	d-----w-	C:\Users\Public\Documents\Pinnacle
2015-08-22 08:24:30	--------	d-----w-	C:\ProgramData\Studio 12
2015-08-21 13:39:00	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle

====== C: exe-files ==
2015-09-13 09:30:17	080B16BA75F35930D761A96C073131C7	1660416	----a-w-	C:\Users\Adri-Joke\Downloads\adwcleaner_5.007.exe
2015-09-11 08:40:10	5BF2679F8FDF521E0C365B5CC03CFE78	96768	----a-w-	C:\Windows\System32\appidpolicyconverter.exe
2015-09-11 08:40:09	8BD62BB894B7FC42F7DA7BB07C7729E3	16896	----a-w-	C:\Windows\System32\appidcertstorecheck.exe
2015-09-11 08:15:38	84BD2148EE4A476E54C1014D1A005BE3	1304392	----a-w-	C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.1\software_reporter_tool.exe
2015-09-09 15:06:22	99453618F89493A91602C69F5D274BB4	1785344	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2015-09-09 15:06:21	2D3742F0B99E60E96FBC969103D8BCD9	48640	----a-w-	C:\Program Files\Windows Journal\PDIALOG.exe
2015-09-09 15:05:10	C033A2DA649B8694D2EAC81B96B6AD63	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-09-09 15:05:09	AD1C0DB9A9354840EB2D1C70B400B9EF	221184	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-09-09 15:05:09	9DF4F574A13BC4F11A4F86DDD5C20E4F	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-09-09 15:05:09	5E28069DF4C3310FD11C30B39D76657C	685568	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-09-09 15:05:08	42175CD4FD54C02CA8419F4079D9C8B2	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-09-09 15:05:07	74188984D3FEA2AF4654819DBBB866D4	473600	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-09-09 15:05:06	E47457275305DCF57BD49018BEF00517	816744	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-09-09 15:04:44	EF6122AB06B2B38CF1FB0EFD9A173AE3	135680	----a-w-	C:\Windows\System32\wuauclt.exe
2015-09-09 15:04:44	80DA9F3867192A12059906D742E22091	34816	----a-w-	C:\Windows\System32\wuapp.exe
2015-09-08 14:01:30	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Adri-Joke.exe
2015-09-08 14:01:04	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Adri-Joke\Downloads\Programs\RSIT.exe
=== C: other files ==
2015-09-11 08:40:09	C532028F7EFF8831BE6B5E3C417E07FA	50176	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-09-11 08:39:42	FB460A3148186CF50CAE91AE5554A43C	2384896	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3758672103-3907429879-1888598812-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenu7"="C:\Program Files\Start Menu 7\StartMenu7.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"
"9BCD40A35619A428ADD08B7667865D826DF2EC6E._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenu7"="C:\Program Files\Start Menu 7\StartMenu7.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe /onboot"
"9BCD40A35619A428ADD08B7667865D826DF2EC6E._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
"GoogleChromeAutoLaunch_17B342AAD18D61F57E309C2B16670592"="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"
"LightScribe Control Panel"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"
"Bitdefender Wallet Agent"="\"C:\\Program Files\\Bitdefender\\Bitdefender 2015\\bdwtxag.exe\""
"Advanced SystemCare 8"="\"C:\\Program Files\\IObit\\Advanced SystemCare 8\\ASCTray.exe\" /Auto"
"iCloudServices"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"
"ApplePhotoStreams"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"
"MyDriveConnect.exe"="\"C:\\Program Files\\MyDrive Connect\\TomTom MyDrive Connect.exe\""


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\13.0\\SharedCOM\\RoxWatchTray13.exe\""
"BCSSync"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
"APSDaemon"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"hpqSRMon"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"
"ArcSoft Connection Service"="C:\\Program Files\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"
"NBAgent"="\"C:\\Program Files\\Nero\\Nero 11\\Nero BackItUp\\NBAgent.exe\" /WinStart"
"CPMonitor"="\"C:\\Program Files\\Roxio 2012\\5.0\\CPMonitor.exe\""
"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
"Desktop Disc Tool"="\"C:\\Program Files\\Roxio 2012\\Roxio Burn\\RoxioBurnLauncher.exe\""
"ISUSPM"="C:\\ProgramData\\FLEXnet\\Connect\\11\\\\isuspm.exe -scheduler"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2015 08:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0952741964a0f.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0952743ca2241.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-08-2015 11:08]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adri-Joke NBAgent 6 0" ["C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe"]
"C:\Windows\system32\tasks\ASC8_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe]
"C:\Windows\system32\tasks\ASC8_SkipUac_Adri-Joke" ["C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]
"C:\Windows\system32\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe]
"C:\Windows\system32\tasks\Corr2015" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Driver Booster Scan" [C:\Program Files\IObit\Driver Booster\Scheduler.exe]
"C:\Windows\system32\tasks\Driver Booster SkipUAC (Adri-Joke)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\system32\tasks\Driver Booster Update" [C:\Program Files\IObit\Driver Booster\AutoUpdate.exe]
"C:\Windows\system32\tasks\Foto's" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d0952741964a0f" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1d0952743ca2241" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Keepass" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Lotus organizer" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\One Note" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\Outlook bestanden" [C:\Program Files\Nero\Nero 11\Nero BackItUp\NBCore.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\SmartDefrag4_Startup" [C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe]
"C:\Windows\system32\tasks\SmartDefrag4_Update" [C:\Program Files\IObit\Smart Defrag 4\AutoUpdate.exe]
"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe]
"C:\Windows\system32\tasks\Uninstaller_SkipUac_Adri-Joke" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~2 0-6 Months Old ======================

2015-04-17 09:42:57	--------	d-----w-	C:\PROGRA~2\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-05-04 14:01:24	--------	d-----w-	C:\PROGRA~2\privazer
2015-05-25 08:03:46	--------	d-----w-	C:\PROGRA~2\McAfee
2015-06-23 12:51:34	--------	d-----w-	C:\PROGRA~2\Avery
2015-06-28 10:14:28	--------	d-----w-	C:\PROGRA~2\bdch
2015-07-08 12:26:52	--------	d-----w-	C:\PROGRA~2\Trusteer
2015-08-22 08:24:30	--------	d-----w-	C:\PROGRA~2\Studio 12
2015-08-22 08:31:53	--------	d-----w-	C:\PROGRA~2\Pinnacle Studio Ultimate
2015-09-04 12:07:18	--------	d-----w-	C:\PROGRA~2\Malwarebytes
2015-09-14 14:13:20	--------	d-----w-	C:\PROGRA~2\ProductData

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [24-02-2015 16:42]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08-01-2015 15:19]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cnjfgbikbkcmickdalamlmpmkhmbollm - No path found[]
fabcmochhfpldjekobfaaggijgohadih - No path found[]
hdokiejnpimakedhajhdlcegeplioahd - No path found[]
ipmeajfmcoafocgllabadecddnaabakj - No path found[]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files\Internet Download Manager\IDMGCExt.crx[04-06-2014 07:39]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[23-05-2011 20:24]
poimdfnhgefmnkeefbjibbiemlimdnof - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Google Slides - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Rapport - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
YouTube - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Digital Clock CE-7 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceppoilemjnhfdbkekhcnagmfnhokjgm
selector is not a valid CSS selector - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Symbaloo Bookmarker 0.5.0 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm
Google Search - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Calendar - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn
Bitdefender Wallet - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih
Google Sheets - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Print or PDF with CleanPrint - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf
Google Docs Offline - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Dictionary by Dictionary.com - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh
Avast Online Security - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Trustwave SecureBrowsing - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcghfieafojgpngcjbkbbjfecjbahhif
LastPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Google Keep - notes and lists - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki
Symbaloo Homepage 2 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmeajfmcoafocgllabadecddnaabakj
IDM Integration Module - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn
Last updated at time on date - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd
Evernote Web - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
Ghostery - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Chrome Web Store Payments - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo> - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
chromeIPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae
Evernote Web Clipper - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc
Gmail - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Default-Search - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof

==== Chromium Fix ======================

C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof deleted successfully

==== HijackThis Entries ======================

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPToolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [Bdagent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
O4 - HKCU\..\Run: [StartMenu7] "C:\Program Files\Start Menu 7\StartMenu7.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [9BCD40A35619A428ADD08B7667865D826DF2EC6E._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: BdBkpFolder
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Download alle links met IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download met IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: LastPass - file://C:\Users\Adri-Joke\AppData\LocalLow\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Adri-Joke\AppData\LocalLow\LastPass\context.html?cmd=fillforms
O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll
O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPToolbar.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files\Roxio\BackOnTrack\App\BService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe

==== Empty IE Cache ======================

C:\Users\Adri-Joke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=544 folders=65 702492897 bytes)

==== Empty Temp Folders ======================

C:\Users\Adri-Joke\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ADRI-J~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 14-09-2015 at 16:29:24,20 ======================