Zoek.exe v5.0.0.0 Updated 05-Januari-2014
Tool run by siemens on zo 05/01/2014 at 21:16:49,51.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\siemens\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================
C:\zoek-results2013-12-29-223522.log 68268 bytes
C:\zoek-results2013-12-30-111323.log 47262 bytes
C:\zoek-results2013-12-30-114721.log 16432 bytes
C:\zoek-results2014-01-04-111320.log 24771 bytes

==== VirusTotal Scan ======================
C:\Users\Patrick\AppData\Local\Temp\launchie.vbs not found

==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\lxbkcoms.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\siemens\Desktop\zoek\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile

==== System Specs ======================
Windows: Windows 7 Professional Edition Service Pack 1 (Build 7601)
Memory (RAM): 2048 MB
CPU Info: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
CPU Speed: 2346,9 MHz
Sound Card: Hoofdtelefoon (High Definition | Oortelefoon van hoofdtelefoon ( |
Display Adapters: NVIDIA GeForce 8400 GS | NVIDIA GeForce 8400 GS | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1152 X 864 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-H60N
Ports: COM1 | COM2 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 80,0GB | D: 109,8GB
Hard Disks - Free: C: 39,7GB | D: 108,6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/07/07 | FSC - 20070907
Time Zone: Romance (standaardtijd)
Motherboard *: FUJITSU SIEMENS G31T-M2
Country: België
Language: NLB

==== System Specs (Software) ======================
Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Internet Explorer Version: 11.0.9600.16476
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Shockwave Player version: 12.0.2r122

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\siemens\AppData\Local\Temp ====
2014-01-04 11:12:40 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\rtdrvmon.exe
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2013-12-13 21:04:17 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-12-13 21:04:17 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys
====== C:\Windows\Tasks ======
2014-01-04 15:19:13 7787D2F9B8DD42A28279F84BD69EB275 3336 ----a-w- C:\Windows\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3150744332-8020426-1136381390-1000
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-27 13:58:27 -------- d-----w- C:\Program Files\RealNetworks
2013-12-27 13:56:55 -------- d-----w- C:\Program Files\Common Files\xing shared
2013-12-24 14:16:50 -------- d-----w- C:\Program Files\Trend Micro
2013-12-24 10:07:13 -------- d-----w- C:\Program Files\iPod
2013-12-24 10:07:10 -------- d-----w- C:\Program Files\iTunes
======= C: =====
====== C:\Users\siemens\AppData\Roaming ======
2014-01-04 11:09:48 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\siemens\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\Public\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-01-04 11:09:48 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2013-12-27 14:01:02 -------- d-----w- C:\Users\siemens\AppData\Roaming\RealNetworks
====== C:\Users\siemens ======
2013-12-27 13:58:27 -------- d-----w- C:\ProgramData\RealNetworks
2013-12-26 13:40:47 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\siemens\Desktop\RSIT.exe
2013-12-24 10:10:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2013-12-24 10:08:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2013-12-24 10:07:10 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-15 19:19:36 5BEA420BA345AAA7E07FD4513AC5A3F1 486 --sha-r- C:\ProgramData\ntuser.pol
====== C: exe-files ==
2014-01-04 11:12:40 945D09C0925F771F907DEE3D0452ECF4 40960 ----a-w- C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\rtdrvmon.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3150744332-8020426-1136381390-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Athan"="C:\Program Files\Athan\Athan.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe -osboot"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"hkey"="HKLM"
"item"="APSDaemon"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelliPoint]
"command"="\"C:\\Program Files\\Microsoft IntelliPoint\\ipoint.exe\""
"hkey"="HKLM"
"item"="IntelliPoint"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"hkey"="HKLM"
"item"="iTunesHelper"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\lxbkbmgr.exe]
"command"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
"hkey"="HKLM"
"item"="lxbkbmgr.exe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"hkey"="HKLM"
"item"="QuickTime Task"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"command"="\"c:\\program files\\real\\realplayer\\Update\\realsched.exe\" -osboot"
"hkey"="HKLM"
"item"="TkBellExe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center]
"command"="C:\\Windows\\WindowsMobile\\wmdc.exe"
"hkey"="HKLM"
"item"="Windows Mobile Device Center"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"msnmsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"APSDaemon"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"Athan"="C:\\Program Files\\Athan\\Athan.exe"
"BDAgent"="\"C:\\Program Files\\Bitdefender\\Bitdefender 2012\\bdagent.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"snpstd3"="C:\\Windows\\vsnpstd3.exe"
"TkBellExe"="\"C:\\Program Files\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/12/2013 14:20]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/03/2012 16:40]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/03/2012 16:40]

==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3150744332-8020426-1136381390-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3150744332-8020426-1136381390-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-3150744332-8020426-1136381390-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-3150744332-8020426-1136381390-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{1AC3E8F1-8BA5-4796-A020-258BD0BD1186}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{0C0B54A5-9C71-44A5-A1EA-E8C489EE91EF}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?page=tsProgressBar]
"C:\Windows\system32\tasks\{1F1B7320-8862-4F85-A4D8-27FB9B51825A}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?page=tsProgressBar]
"C:\Windows\system32\tasks\{402BDF80-74A8-4B72-B657-7D6D20C7827D}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?page=tsProgressBar]
"C:\Windows\system32\tasks\{44A406A9-72DC-49AC-9F19-033132ADBE33}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?source=lightinstaller&page=tsProgressBar]
"C:\Windows\system32\tasks\{50833EEA-AE01-4986-930D-02357B6254B9}" [C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe]
"C:\Windows\system32\tasks\{6CCC9085-BF77-4590-9FB3-2A54D0A74020}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.6.0.106/nl/abandoninstall?page=tsMain]
"C:\Windows\system32\tasks\{6F544C63-F146-4782-901F-FB205581AC16}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?source=lightinstaller&page=tsProgressBar]
"C:\Windows\system32\tasks\{74B4947C-B7C3-43A0-AB43-878AF74372D1}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.0.105/nl/abandoninstall?source=lightinstaller&page=tsProgressBar]
"C:\Windows\system32\tasks\{87EB79D3-F801-4DC4-B928-71684EAE7F55}" [C:\Program Files\Lexmark X1100 Series\LXBKaiox.exe]
"C:\Windows\system32\tasks\{9F1F3B66-175B-48D4-B15F-A87966E19C91}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.0.0.126/nl/abandoninstall?page=tsProgressBar]
"C:\Windows\system32\tasks\{9F761698-7CC5-42A2-B341-43F896800D21}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=5.8.0.154&LastError=12002]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [27/12/2013 14:58]

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
MoneyMillionaire extension - siemens\AppData\Local\Google\Chrome\User Data\Default\Extensions\iapkompmljjcdangdahmcnicaoianjnf
Google Docs - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Google Wallet - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - siemens\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== HijackThis Entries ======================
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FromDocToPDFService (FromDocToPDF_65Service) - Unknown owner - C:\PROGRA~1\FROMDO~2\bar\1.bin\65barsvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1290 folders=187 102184011 bytes)

==== EOF on zo 05/01/2014 at 21:21:42,82 ======================