Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by maes on wo 18/06/2014 at 17:41:42,79. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maes\Desktop\Beveiliging PC\zoek.exe [Scan all users] [Checkboxes used] ==== System Restore Info ====================== 18/06/2014 17:44:39 Zoek.exe System Restore Point Created Succesfully. ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Users\maes\Desktop\Beveiliging PC\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3983 MB CPU Info: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz CPU Speed: 3490,4 MHz Sound Card: Luidsprekers (USB Sound Device | Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Dell P2314H (DP) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Intel(R) 82579LM Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD-ROM DTA0N Ports: COM1 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 108,9GB Hard Disks - Free: C: 69,9GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 09/09/13 | DELL - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0WR7PY Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton 360 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norton 360 disabled (Outdated) Firewall: Norton 360 disabled Default Browser: Google Chrome 35.0.1916.153 Internet Explorer Version: 11.0.9600.17126 Mozilla Firefox version: 29.0.1 (x86 nl) Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-05-26 17:18:28 981B512C2187202216056E911CE6E37A 25 ----a-w- C:\Windows\CDE SX400DEFGIPS.ini ====== C:\Users\maes\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-06-11 14:56:46 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-11 14:56:44 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-06-11 14:56:44 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-06-11 14:56:44 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 14:56:44 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 14:56:43 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-06-11 14:56:43 C1F5812F355D0C9495C1B2E7165DA2AF 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 BB9BADED14F0963498855AC28446CED5 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 14:56:43 8DF06ACA017949D37C38B6A0EF747D4E 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 14:56:43 7E27FB6AB8976897A530FB30F5FF7691 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 14:56:43 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 14:56:43 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-06-11 14:56:43 017B99D09904DCA35D5F66AD79084B5F 368128 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 14:56:42 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 14:56:42 D9F5B424C307B195E16A9B0A21E53BCC 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-06-11 14:56:42 D36574C287D0764C95AC777DFF367715 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-06-11 14:56:42 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 14:56:42 9EAAB4305536829D6B7D9C3A47E92861 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-06-11 14:56:42 814E0D53EF020BD93097F26B53B573F0 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-06-11 14:56:42 688227D38A6FF6403B293D0C50B454B9 11725312 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-06-11 14:56:42 5B5815477A53ED92B89955FFE7EDCB2E 242688 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 14:56:41 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 14:56:41 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-06-11 14:56:41 4D3074AA172DCFD5D56BE764B671085A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 14:56:41 0AC4E3C93D49E37D5B008ED99092115C 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 14:56:40 EB960643DC62832C88272573204B6DBA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-06-11 14:56:40 771CDBC3D62437D6DB070820BB1EDCCF 1790976 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-06-11 14:56:40 22D7FFA4B94916F18EB1F1D107B86839 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 14:56:40 09771ABC896D2A88370F3AB8BADC242E 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-06-11 14:56:46 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-11 14:56:44 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-06-11 14:56:44 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-06-11 14:56:44 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-06-11 14:56:44 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-06-11 14:56:44 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-06-11 14:56:44 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-06-11 14:56:43 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 3ED5C9055F7A635399FC12892F565287 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-06-11 14:56:42 DFD834E89B819B5ECE8E251C56B5A3CE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-06-11 14:56:42 D5C446B14DC667B7B9FBB30EA1701D92 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-06-11 14:56:42 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-06-11 14:56:42 867DD52B23D3B0390B88F3D7AD1E600C 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-06-11 14:56:42 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-06-11 14:56:42 12BA419E27DBC5DBF9262C8A885FA361 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-06-11 14:56:41 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-06-11 14:56:41 B34D3F303769E65CE7EFBD4E6FB62B25 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-06-11 14:56:41 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-06-11 14:56:41 063EF4239479F52DAF9F4849B0B304F1 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-06-11 14:56:40 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-06-11 14:56:40 CC603EF96BA456D4BCD9FF849ED07A2A 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-06-11 14:56:40 CB8A91074AE1B5051E240B50A328DCF5 295424 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-06-11 14:56:40 B2C037F50A02D6C057B1E0791BBF41A5 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-06-11 14:56:40 790FD40601502C5FE8213D4F335DA0BD 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-06-11 14:56:40 2DBB9127794BC30BC31D26FA088F8BAB 13522944 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-06-11 14:56:39 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-06-11 14:56:39 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-06-11 14:56:39 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-06-11 14:56:39 8E3C6008250A904C06943BCEA585E344 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-06-11 14:56:39 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-06-11 14:56:39 6B9925F498D4E91FB57576CC3776D428 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-06-11 14:56:39 40BFD9D6EC8E174145F012246CA73CCD 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-06-11 14:56:39 2F474D40626B0C694400589F3FBB9AA9 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-06-11 14:56:38 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-06-11 14:56:38 56803B20D168C1B740D12CE0BE4588F5 23414784 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-06-11 14:56:26 84A13AB118F433898B5ABA36E8D7CA91 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-06-11 14:56:26 2C053C9B2A8249F1F9B38ED1AE455771 506368 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2014-06-11 14:56:44 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 14:56:44 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-05-29 18:36:12 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-05-29 18:36:03 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-05-29 18:36:03 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-05-27 04:57:31 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2014-05-27 04:57:31 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2014-05-27 04:57:30 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-05-27 04:54:19 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-27 04:54:19 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-05-27 04:53:44 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-05-27 04:53:44 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-05-27 04:53:44 7A4BF0F3F2C8D78FA0FC2C3BB9ED360A 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-05-27 04:53:36 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-05-26 16:28:24 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys 2014-05-26 16:28:24 3071D77E134BF12120058431F6473AFA 7488 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2014-05-26 16:28:24 28771B716418BC13E4A84864EFC1B11A 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-05-26 16:28:24 21A1C2D694C3CF962D31F5E873AB3D6F 174200 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-05-26 15:05:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-05-26 15:02:57 2F8CB02987EC953272DF20D2DCB77796 61120 ----a-w- C:\Windows\Sysnative\drivers\{890a8319-7c6f-45e4-a506-152b8d2d9310}Gw64.sys 2014-05-26 07:07:12 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2014-05-31 18:42:42 D98BA1208E9D05EF7C3AB54B363025F5 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-05-31 18:42:42 B1D33DA73BC68A521AB33B8C23DCC07F 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-05-31 18:42:42 65A3E6DE33067F65347446CB4B37FE74 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-31 18:42:42 410558FBF0C1E9BBB357E2682916DA22 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-26 07:07:12 D2A63047B16962B0541D67C4506D662A 1546 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job 2014-05-26 07:07:12 A6096AC9C478D6FAC6853DF70B698846 4576 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5 2014-05-26 07:07:10 9FF196459C6C8EABBF5A132065407306 1452 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job 2014-05-26 07:07:10 28A8C14B863DCCE096B010E0F74D9254 4482 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2 2014-05-26 07:07:09 42A2C192A0A521836B4DAE3774E6BC3E 4510 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1 2014-05-26 07:07:09 32F02D3E629FC6381129774535426EC1 1480 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job 2014-05-26 07:07:07 F768AFDA5C72D5FFC6D5707C9AC2D827 5388 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4 2014-05-26 07:07:07 71AD6233D3F1CA99DB987C65174A06C9 2358 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job 2014-05-26 07:07:05 C86D8869A4FEA475E2B5C26C085DCCBD 1486 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job 2014-05-26 07:07:05 384DAB1EDAABE1C1BD04E6EE40F33792 4516 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-17 17:15:29 -------- d-----w- C:\Program Files\trend micro 2014-06-02 18:17:09 -------- d-----w- C:\Program Files\Lavasoft 2014-05-27 04:56:41 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-05-26 19:14:31 -------- d-----w- C:\Program Files\Microsoft Office 2014-05-26 07:09:20 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2014-06-09 13:44:11 -------- d-----w- C:\PROGRA~2\SpywareBlaster 2014-06-03 20:45:49 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-05-31 18:51:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-31 18:51:44 -------- d-----w- C:\PROGRA~2\Java 2014-05-31 18:36:01 -------- d-----w- C:\PROGRA~2\VS Revo Group 2014-05-28 12:20:20 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\Adobe 2014-05-27 14:58:18 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2014-05-27 04:56:41 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2014-05-26 19:16:40 -------- d-----w- C:\PROGRA~2\Microsoft Works 2014-05-26 19:13:59 -------- d-----w- C:\PROGRA~2\Microsoft Office 2014-05-26 17:24:42 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2014-05-26 17:23:54 -------- d-----w- C:\PROGRA~2\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:49 -------- d-----w- C:\PROGRA~2\epson 2014-05-26 07:09:12 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-05-26 07:08:07 -------- d-----w- C:\PROGRA~2\OpenOffice 4 2014-05-26 07:04:55 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== ====== C:\Users\maes\AppData\Roaming ====== 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-17 20:19:52 -------- d-----w- C:\Users\maes\AppData\Local\Temp 2014-06-16 16:13:00 -------- d-----w- C:\Users\maes\AppData\Local\Diagnostics 2014-06-08 10:55:19 -------- d-----w- C:\Users\maes\AppData\Local\CrashRpt 2014-06-08 05:31:30 -------- d-----w- C:\Users\maes\AppData\Roaming\cloudbkp 2014-06-08 05:24:40 -------- d-----w- C:\Users\maes\AppData\Local\Programs 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Roaming\Mozilla 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Local\Mozilla 2014-06-02 18:45:10 -------- d-----w- C:\Users\maes\AppData\Roaming\LavasoftStatistics 2014-06-02 18:13:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Lavasoft 2014-06-02 16:23:54 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-05-31 18:51:16 -------- d-----w- C:\Users\maes\AppData\Locallow\Sun 2014-05-31 18:36:01 -------- d-----w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-05-31 18:11:46 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieSiteList 2014-05-31 18:11:40 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieSiteList 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Locallow\Adobe 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Local\Adobe 2014-05-27 21:43:03 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-05-27 16:04:34 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-26 19:24:39 -------- dc----w- C:\Users\maes\AppData\Local\MigWiz 2014-05-26 19:14:00 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft Help 2014-05-26 17:37:49 -------- d-----w- C:\Users\maes\AppData\Local\CrashDumps 2014-05-26 17:22:04 -------- d-----w- C:\Users\maes\AppData\Roaming\InstallShield 2014-05-26 16:37:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Tific 2014-05-26 16:12:11 -------- d-----w- C:\Users\maes\AppData\Local\Spotify 2014-05-26 16:11:59 -------- d-----w- C:\Users\maes\AppData\Roaming\Spotify 2014-05-26 16:05:20 -------- d-----w- C:\Users\maes\AppData\Roaming\Google 2014-05-26 16:04:05 -------- d-----w- C:\Users\maes\AppData\Local\NPE 2014-05-26 07:33:09 8617031F4C7FC784057B2AD6C1BE62BC 574592 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-05-26 07:08:46 -------- d-----w- C:\Users\maes\AppData\Roaming\OpenOffice 2014-05-26 07:07:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-05-26 07:07:30 -------- d-----w- C:\Users\maes\AppData\Roaming\QuickScan 2014-05-26 07:04:53 -------- d-----w- C:\Users\maes\AppData\Local\Google 2014-05-26 07:04:49 -------- d-----w- C:\Users\maes\AppData\Local\Apps 2014-05-26 07:04:48 -------- d-----w- C:\Users\maes\AppData\Local\Deployment 2014-05-26 07:03:49 -------- d-----w- C:\Users\maes\AppData\Locallow\Microsoft 2014-05-26 07:03:37 23342E3E612DD3CE9F1BD5C44130C5D4 74336 ----a-w- C:\Users\maes\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-26 07:03:37 -------- d-----w- C:\Users\maes\AppData\Roaming\Intel Corporation 2014-05-26 07:02:34 -------- d-----w- C:\Users\maes\AppData\Roaming\Adobe 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-26 07:02:28 -------- d-----w- C:\Users\maes\AppData\Roaming\Identities 2014-05-26 07:02:27 -------- d-----w- C:\Users\maes\AppData\Local\VirtualStore 2014-05-26 07:02:14 -------- d-s---w- C:\Users\maes\AppData\Roaming\Microsoft 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Roaming\Media Center Programs 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\maes ====== 2014-06-16 21:02:04 -------- d--h--w- C:\ProgramData\Common Files 2014-06-15 14:04:28 -------- d-----w- C:\ProgramData\CDB 2014-06-09 13:44:12 -------- d---a-w- C:\ProgramData\TEMP 2014-06-09 13:44:12 -------- d-----w- C:\ProgramData\Licenses 2014-06-09 13:44:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-06-09 13:43:06 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\maes\Downloads\spywareblastersetup50.exe 2014-06-08 05:24:23 777D36B3525273BFC2EAF4ED33D0D7CC 4996872 ----a-w- C:\Users\maes\Downloads\rcpafterdownloadcm_ad_18793_cm2.exe 2014-06-03 20:45:49 -------- d-----w- C:\ProgramData\Mozilla 2014-06-02 18:13:21 -------- d-----w- C:\ProgramData\Lavasoft 2014-05-31 18:52:08 -------- d-----w- C:\ProgramData\Oracle 2014-05-31 18:51:50 -------- d-----w- C:\ProgramData\Sun 2014-05-31 18:51:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-31 18:43:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-31 06:38:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-27 21:46:26 -------- d-----w- C:\ProgramData\Adobe 2014-05-27 04:57:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-05-26 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-26 19:13:59 -------- d-----w- C:\ProgramData\Microsoft Help 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\UDL 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite 2014-05-26 17:24:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:57 -------- d-----w- C:\ProgramData\EPSON 2014-05-26 17:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-05-26 16:05:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-26 07:09:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-05-26 07:08:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\Searches 2014-05-26 07:02:27 -------- d-----r- C:\Users\maes\Contacts 2014-05-26 07:02:14 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\maes\ntuser.ini 2014-05-26 07:02:14 -------- d--h--w- C:\Users\maes\AppData 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Videos 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Saved Games 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Pictures 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Music 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Links 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Favorites 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Downloads 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Documents 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Desktop 2014-05-26 07:02:11 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Contacts ====== C: exe-files == 2014-06-17 20:38:47 7F79C8EDFD4F454E54C7954756E1A31A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I596US2.exe 2014-06-17 20:38:27 3B9C7F8BC60DA6663ADC206B3127021A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$IHL6B2S.exe 2014-06-17 20:38:15 FA39179C81171F785619E9BB64B0E386 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I8B7TJB.exe 2014-06-17 17:15:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maes.exe 2014-06-17 17:14:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\maes\Desktop\Beveiliging PC\RSITx64.exe 2014-06-16 20:41:28 47811D50390A86A17102D7496E6EABB9 388608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$RHL6B2S.exe 2014-06-15 14:03:42 E816A7B714E3F1CD46FCD75BF4B13D03 817568 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$R596US2.exe 2014-06-14 17:48:38 DF61864BA778845C6E725F7BF1EAEB0E 2675280 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe === C: other files == 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "TdmNotify"="C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" ==== Startup Folders ====================== 2014-05-26 19:29:01 1312 ----a-w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job --a------ [Undetermined Task] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job --a------ C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 23:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\WSCEAA" [C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Analyzer 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Processor 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2" [18/06/2014 17:35] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Docs - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=204 folders=62 21872825 bytes) ==== EOF on wo 18/06/2014 at 17:45:46,85 ======================