Zoek.exe v5.0.0.0 Updated 12-March-2015
Tool run by Jonas on vr 13/03/2015 at 18:07:49,37.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jonas\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13/03/2015 18:08:42 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem
{217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing
{40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Users\Jonas\AppData\Local\VirtualStore deleted successfully

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2856834796-3624118678-1303184682-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Pokki"=""%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON"

[HKEY_USERS\S-1-5-21-2856834796-3624118678-1303184682-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"

[HKEY_USERS\S-1-5-21-2856834796-3624118678-1303184682-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"="C:\Users\Jonas\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Jonas\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"Fastboot"="C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe /analysis"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"Redirector"="C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Pokki"=""%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"="C:\Users\Jonas\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Jonas\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsCM"="RTSCM64.EXE"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"LenovoOptMouseUpdate"="C:\Program Files\Lenovo\HOTKEY\extapsup.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"TpShocks"="TpShocks.exe"
"LnvMobHotspotClient"="C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe"
"LENOVO.TPKNRRES"="rundll32.exe C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll,AVStartupStub"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Folders ======================

2015-01-02 21:48:03 1197 ----a-w- C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/01/2015 21:45]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/01/2015 21:45]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [09/07/2013 06:02]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Absolute Reminder" ["%PROGRAMFILES(x86)%\Absolute Software\Absolute Reminder\AbsoluteReminder.exe"]
"C:\WINDOWS\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\PMTask" [C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe]
"C:\WINDOWS\SysNative\tasks\StartPowerDVDService" ["C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5A50F2C3-C138-46AC-B602-08BB601F9AF9}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\Experience Improvement" [C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Settings Power" ["C:\WINDOWS\system32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LenovoDependencyVersionTask" [C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LenovoMachineInformation" [C:\Program Files\lenovo\SystemAgent\MachineInformation.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LenovoUserguidesCopy" [C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LenovoWarrantyChinaTask" [C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-01-02 19:58:21 -------- d-----w- C:\PROGRA~3\Conexant
2015-01-02 19:58:35 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2015-01-02 19:58:59 -------- d-----w- C:\PROGRA~3\NVIDIA
2015-01-02 19:59:12 -------- d-----w- C:\PROGRA~3\Validity
2015-01-02 20:18:21 -------- d-sh--we C:\PROGRA~3\Bureaublad
2015-01-02 20:18:21 -------- d-sh--we C:\PROGRA~3\Documenten
2015-01-02 20:18:21 -------- d-sh--we C:\PROGRA~3\Menu Start
2015-01-02 20:18:21 -------- d-sh--we C:\PROGRA~3\Sjablonen
2015-01-02 22:07:09 -------- d-----w- C:\PROGRA~3\Microsoft Help
2015-01-02 22:21:16 -------- d-----w- C:\PROGRA~3\Skype
2015-01-02 22:45:04 -------- d-----w- C:\PROGRA~3\Google
2015-01-02 23:06:31 -------- d-----w- C:\PROGRA~3\Apple
2015-01-02 23:07:11 -------- d-----w- C:\PROGRA~3\Apple Computer
2015-01-02 23:07:11 -------- d-----w- C:\PROGRA~3\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-12 22:45:35 -------- d-----w- C:\PROGRA~3\Citrix

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\IPSFF" [02/01/2015 22:02]

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.89 (Up to date, latest Stable version: 41.0.2272.89)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20/09/2014 08:52]

Google Slides - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Norton Identity Safe - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Skype Click to Call - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Security Toolbar - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on vr 13/03/2015 at 18:11:21,43 ======================