Zoek.exe Version 4.0.0.2 Updated 03-June-2013
Tool run by Compaq on di 04-06-2013 at 23:40:17,65.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Running Processes ======================
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\taskhost.exe
C:\Users\Compaq\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Files \ Folders ======================
"C:\Program Files (x86)\GUTF146.tmp" deleted
"C:\Program Files (x86)\GUMF145.tmp" deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-05-22 12:16:36 641427B38C81075AD6B490956D8A900F 424369489 ----a-w- C:\Windows\MEMORY.DMP
====== C:\Users\Compaq\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-06-04 11:31:24 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-06-02 17:11:40 F5D6D3B7468C46EA2DDC1D19D2A6DA0F 177312 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS
2013-06-02 17:11:40 88CC2755C8285E62CCA1185C3CA2D93F 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF
2013-06-02 17:11:40 1EC512AC4B6D0807878816697072112A 7466 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT
2013-05-17 17:44:09 AF2E16242AA723F68F461B6EAE2EAD3D 983400 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2013-05-17 17:44:09 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys
====== C:\Windows\Tasks ======
2013-06-03 15:52:31 D6C9B32288106C591264FDD782989D83 2896 ----a-w- C:\Windows\Sysnative\Tasks\AutoKMS
2013-06-03 15:50:34 FEA05B10EFF477A229448F607721A61F 266 ----a-w- C:\Windows\Tasks\AutoKMS.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-06-03 23:48:50 -------- d-----w- C:\Program Files\HitmanPro
======= C:\Program Files (x86) =====
======= C: =====
====== C:\Users\Compaq\AppData\Roaming ======
2013-06-04 11:30:17 -------- d-----w- C:\users\Compaq\AppData\Local\Programs
2013-06-03 15:44:21 -------- d-----w- C:\users\Compaq\AppData\Local\NPE
2013-06-03 11:15:25 -------- d-----w- C:\users\Compaq\AppData\Local\CrashDumps
====== C:\Users\Compaq ======
2013-06-04 11:29:11 A66B365579D8CEBD7F1D4D6B6F7F9373 10284816 ----a-w- C:\Users\Compaq\Downloads\mbam-setup.exe
2013-06-03 23:48:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2013-06-03 23:47:52 -------- d-----w- C:\ProgramData\HitmanPro
2013-06-03 23:47:30 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Users\Compaq\Downloads\HitmanPro_x64.exe
2013-06-03 15:44:09 8477691056CD8607279F21434FA2EEA5 2986440 ----a-w- C:\Users\Compaq\Downloads\NPE.exe
2013-06-03 15:09:30 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Compaq\Downloads\SpyHunter-Installer.exe
2013-06-02 17:01:23 B5266733905C84A04227FA48EBE416E4 165202936 ------w- C:\Users\Compaq\Downloads\N360-TW-20-3-0-36-NL.exe
====== C: exe-files ==
2013-06-04 11:29:11 A66B365579D8CEBD7F1D4D6B6F7F9373 10284816 ----a-w- C:\Users\Compaq\Downloads\mbam-setup.exe
2013-06-03 23:48:51 1712747C844CC12EED8BC92FB0E56E4C 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe
2013-06-03 23:48:50 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe
2013-06-03 23:47:30 B2E0F30FC400FA9E70C6DFF98420085D 9833328 ----a-w- C:\Users\Compaq\Downloads\HitmanPro_x64.exe
2013-06-03 15:44:09 8477691056CD8607279F21434FA2EEA5 2986440 ----a-w- C:\Users\Compaq\Downloads\NPE.exe
2013-06-03 15:09:30 EEA0B34B60632083F2A75352BAE365FB 726464 ----a-w- C:\Users\Compaq\Downloads\SpyHunter-Installer.exe
2013-06-02 17:01:23 B5266733905C84A04227FA48EBE416E4 165202936 ------w- C:\Users\Compaq\Downloads\N360-TW-20-3-0-36-NL.exe
=== C: other files ==
2013-06-04 11:31:24 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-06-04 09:29:36 D79841C79B1EC2394DB83EA191BDFD52 194182 ----a-w- C:\Users\Compaq\Downloads\WW.zip
2013-06-02 17:25:44 E174C8BC572E93AEEE1036DEDAC5F225 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys
2013-06-02 17:25:44 ADF37F1A715D6C56C8E065FD8569A9A4 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys
2013-06-02 17:25:44 599872BAD7CFB45C7CE47CDED4B726D8 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys
2013-06-02 17:25:44 42947647F71E9EF2167B42B372F1DDB7 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1403010.016\symelam.sys
2013-06-02 17:25:44 378A0748DE5ADF90BF9DB897DA8564E6 796248 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtsp64.sys
2013-06-02 17:25:44 248C952C82DF1E23775432774CBB20F1 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys
2013-06-02 17:25:44 1605EBD8CB86AFC4430116065995279A 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys
2013-06-02 17:25:44 0E76CEF892C45734F7AED09FDDF35D4D 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtspx64.sys
2013-06-02 17:11:40 F5D6D3B7468C46EA2DDC1D19D2A6DA0F 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-05-29 22:15:51 AA4B0C13FD32A3542199207DBE2207E0 4707257 ----a-w- C:\Users\Compaq\Downloads\private.zip
2013-05-29 22:06:27 706E962F637A8A3EA2FE8D399D72521A 5279774 ----a-w- C:\Users\Compaq\Downloads\Overig (2).zip

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-243120313-2685419238-1115295473-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\AutoKMS.job --a------ C:\Windows\AutoKMS\AutoKMS.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2013 18:39]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2013 18:39]

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\Exts\Chrome.crx[02-04-2013 02:37]
Norton Identity Protection - Compaq - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Compaq\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Compaq\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Compaq\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Compaq\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\users\Compaq\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Compaq\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on di 04-06-2013 at 23:55:56,24 ======================