Zoek.exe v5.0.0.0 Updated 24-10-2014 Tool run by Mardi on vr 24/10/2014 at 20:24:43,32. Microsoft Windows 8.1 Pro 6.3.9600 x86 Running in: Normal Mode Internet Access Detected Launched: H:\Documenten\Temp\Tijdelijke internetbestanden\IE\F66PZKA1\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\WINDOWS\system32\wininit.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\Hpservice.exe C:\Program Files\Stardock\Start8\Start8Srv.exe C:\Program Files\Stardock\Start8\Start8.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\system32\AEADISRV.EXE C:\WINDOWS\system32\dashost.exe C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x86__8wekyb3d8bbwe\LiveComm.exe C:\Program Files\TeamViewer\Version9\tv_w32.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\DllHost.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\skydrive.exe C:\Program 
Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\SettingSyncHost.exe C:\Windows\System32\WWAHost.exe C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x86__8wekyb3d8bbwe\glcnd.exe C:\WINDOWS\system32\wwahost.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\taskhost.exe C:\WINDOWS\system32\wwahost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe H:\Documenten\Temp\Tijdelijke internetbestanden\IE\F66PZKA1\zoek.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\wbem\wmiprvse.exe 
==== System Restore Info ====================== 24/10/2014 20:26:30 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Users\Mardi\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Mardi\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\beheerder\AppData\Local\VirtualStore deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\REN~1\AppData\Local\VirtualStore deleted successfully C:\Users\REN_2~1\AppData\Local\VirtualStore deleted successfully ==== Installed Programs ====================== Adobe AIR Adobe Community Help Adobe Creative Cloud Adobe Download Assistant Adobe Flash Player 11 Plugin Adobe Photoshop Elements 10 Adobe Photoshop Elements 11 Belgium e-ID middleware 4.0.5 (build 7363) CCleaner Corel Graphics - Windows Shell Extension CorelDRAW Home & Student Suite X7 - BR CorelDRAW Home & Student Suite X7 - Capture CorelDRAW Home & Student Suite X7 - Common CorelDRAW Home & Student Suite X7 - Connect CorelDRAW Home & Student Suite X7 - Custom Data CorelDRAW Home & Student Suite X7 - CZ CorelDRAW Home & Student Suite X7 - DrawHome CorelDRAW Home & Student Suite X7 - EN CorelDRAW Home & Student Suite X7 - ES CorelDRAW Home & Student Suite X7 - Filters CorelDRAW Home & Student Suite X7 - FontNav CorelDRAW Home & Student Suite X7 - FR CorelDRAW Home & Student Suite X7 - IPM CorelDRAW Home & Student Suite X7 - IPM Content CorelDRAW Home & Student Suite X7 - IT CorelDRAW Home & Student Suite X7 - NL CorelDRAW Home & Student Suite X7 - PL CorelDRAW Home & Student Suite X7 - PPHome CorelDRAW Home & Student Suite X7 - Redist CorelDRAW Home & Student Suite X7 - RU CorelDRAW Home & Student Suite X7 - Setup Files CorelDRAW Home & Student Suite X7 - VideoBrowser CorelDRAW Home & Student Suite X7 - Writing Tools CorelDRAW Home & Student Suite X7 D3DX10 Elements 10 Organizer Elements 11 Organizer 
Google Chrome Google Update Helper HP Quick Launch Buttons IrfanView (remove only) Junk Mail filter update Malwarebytes Anti-Malware versie 2.0.2.1012 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 18.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT NTI Backup Now EZ PSE10 STI Installer PSE11 STI Installer QLBCASL Revo Uninstaller 1.95 Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update 
for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2883031) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2883032) 32-Bit Edition Shockwave Flash SkypeT 6.18 Speccy Stardock Start8 Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Synaptics Pointing Device Driver TeamViewer 9 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VLC media player Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform 
Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== System Specs ====================== Operating System: Microsoft Windows 8.1 Pro 6.3.9600 32 bits Manufacturer: Hewlett-Packard - Model: HP Compaq 6830s Install Date: 17/10/2013 21:38:43 Last Boot: 24/10/2014 19:27:16 Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz Number of Processors: 2 Work Station Bootmode: Normal boot Total RAM: 3036 MB (free 1453 MB - 47) Computername: LAPTOP Domain: THUIS User: Mardi (Non-Administrator account) Local Disk: C:\ - NTFS - 117 GB (free 72 GB) Local Disk: D:\ - NTFS - 9 GB (free 1 GB) CD \ DVD Drive: E:\ Local Disk: F:\ - FAT32 - 0 GB (free 0 GB) Local Disk: G:\ - NTFS - 39 GB (free 38 GB) Local Disk: H:\ - NTFS - 66 GB (free 40 GB) Local Disk: I:\ - NTFS - 931 GB (free 112 GB) Bootdevice: \Device\HarddiskVolume1 Windows update: 2014-10-24 17:32:30 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17351 Mozilla Firefox version: 18.0.1 (x86 nl) Google Chrome version: 37.0.2062.124 Flash Player version: 11.5.502.110 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Mardi\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2014-10-18 19:16:29 CE9FDB173E3FDA974B9CC2596558EA47 68608 ----a-w- C:\WINDOWS\System32\packager.dll 2014-10-18 19:16:26 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\WINDOWS\System32\mshtml.dll 2014-10-18 19:16:10 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\WINDOWS\System32\jscript9.dll 2014-10-18 19:16:09 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\WINDOWS\System32\ieframe.dll 2014-10-18 19:16:07 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- 
C:\WINDOWS\System32\wininet.dll 2014-10-18 19:16:07 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\WINDOWS\System32\iertutil.dll 2014-10-18 19:16:06 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\WINDOWS\System32\msfeeds.dll 2014-10-18 19:16:06 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\WINDOWS\System32\inetcpl.cpl 2014-10-18 19:16:06 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\WINDOWS\System32\urlmon.dll 2014-10-18 19:16:05 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\WINDOWS\System32\ieapfltr.dll 2014-10-18 19:16:05 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\WINDOWS\System32\vbscript.dll 2014-10-18 19:16:05 AF31CC5BAEB4916C0AF9AB062CFE8DA2 677888 ----a-w- C:\WINDOWS\System32\ie4uinit.exe 2014-10-18 19:16:05 980D01CB48811552E09D9CFF397886C9 315904 ----a-w- C:\WINDOWS\System32\iedkcs32.dll 2014-10-18 19:16:05 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\WINDOWS\System32\MshtmlDac.dll 2014-10-18 19:16:05 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\WINDOWS\System32\dxtrans.dll 2014-10-18 19:16:05 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\WINDOWS\System32\mshtmled.dll 2014-10-18 19:15:56 5D2C15BDAD48646C8CBC83903252D87C 514048 ----a-w- C:\WINDOWS\System32\rastls.dll 2014-10-18 19:15:56 10F428429F7FF957B226E068A08B158A 3117568 ----a-w- C:\WINDOWS\System32\msi.dll 2014-10-18 19:15:54 A6DB316A49F0B8DDA2147516039874A2 2815488 ----a-w- C:\WINDOWS\System32\wuaueng.dll 2014-10-18 19:15:53 FBC21212942F17DBA0A66C93ADC23F59 31232 ----a-w- C:\WINDOWS\System32\wuapp.exe 2014-10-18 19:15:53 DAAEC308C5A623C2A624F56BCB6D11B7 1634816 ----a-w- C:\WINDOWS\System32\wucltux.dll 2014-10-18 19:15:53 D9A12E2B9332D6271CBE1BEB1B4D8D07 312832 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll 2014-10-18 19:15:53 C2F6C71F5316DA478632B3B463B06E6D 80896 ----a-w- C:\WINDOWS\System32\wudriver.dll 2014-10-18 19:15:53 B6D3D955FBB174081CDFB977B726D069 123904 ----a-w- C:\WINDOWS\System32\wuwebv.dll 2014-10-18 19:15:53 
853C316726DF17DA3AAFC74DF28F151A 49528 ----a-w- C:\WINDOWS\System32\wuauclt.exe 2014-10-18 19:15:53 09ABB665890DDCB614974AE563F0D877 672256 ----a-w- C:\WINDOWS\System32\wuapi.dll 2014-10-18 19:15:47 C49344C2F399A22704C682C5E18B8DF2 2321920 ----a-w- C:\WINDOWS\System32\authui.dll 2014-10-18 19:15:46 FB3D6A346A14B7581FDA75C53FCF5E42 89088 ----a-w- C:\WINDOWS\System32\appinfo.dll 2014-10-18 19:15:43 CDB3123A2ABB34B830224B986568F4D4 626688 ----a-w- C:\WINDOWS\System32\MrmCoreR.dll 2014-10-18 19:15:42 D64055BEC1B8919F11B21F4DF40E24D8 98816 ----a-w- C:\WINDOWS\System32\winbici.dll 2014-10-18 19:15:38 F51B727AFF404ED8D730DFA069D88D7B 18722600 ----a-w- C:\WINDOWS\System32\shell32.dll 2014-10-18 19:15:35 7BEE9E040222E7033A820780E1A61204 5777408 ----a-w- C:\WINDOWS\System32\mstscax.dll 2014-10-18 19:15:35 074BF061D97E49AAF04F2FAF46409A14 5902848 ----a-w- C:\WINDOWS\System32\Windows.UI.Search.dll 2014-10-18 19:15:34 3A59F7F20323A14866CA46F0E3419973 3985408 ----a-w- C:\WINDOWS\System32\SyncEngine.dll 2014-10-18 19:15:33 F26359A22A7E0EA0E266C80BAD9A5C2C 863528 ----a-w- C:\WINDOWS\System32\KernelBase.dll 2014-10-18 19:15:33 7E1DBDCB781BB7A959B31096EDAABD47 1436888 ----a-w- C:\WINDOWS\System32\ntdll.dll 2014-10-18 19:15:32 A61DD1F02DE668A6713822942B876D4C 808448 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll 2014-10-18 19:15:32 76831C139BD9E227712B283A6A5ABBA8 840192 ----a-w- C:\WINDOWS\System32\SearchFolder.dll 2014-10-18 19:15:31 E86549FED3008360730A6B722079D537 756224 ----a-w- C:\WINDOWS\System32\WSShared.dll 2014-10-18 19:15:31 DBA00F3FC75495058A25B24906C24599 1205976 ----a-w- C:\WINDOWS\System32\propsys.dll 2014-10-18 19:15:31 DA65F1320538BC417B8FAE0BCAC330A0 265216 ----a-w- C:\WINDOWS\System32\SkyDriveShell.dll 2014-10-18 19:15:31 BFC6F7889A9CFF451A418862444B9F63 321024 ----a-w- C:\WINDOWS\System32\Wldap32.dll 2014-10-18 19:15:31 2DAFC7A0D89C3EC5B0163CFD2A115778 204800 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2014-10-18 19:15:31 1BCE441DCB9ACEBCB2D7B11782023F17 
220160 ----a-w- C:\WINDOWS\System32\pcsvDevice.dll 2014-10-18 19:15:31 0693FAE9B475E1C079C6EEB52C0AC986 204800 ----a-w- C:\WINDOWS\System32\bisrv.dll 2014-10-18 19:15:30 E1BE759C1BCE85B17CCE5BA6FE58337E 877056 ----a-w- C:\WINDOWS\System32\SkyDrive.exe 2014-10-18 19:15:30 CE728F42D71159175587ACC040FF3FE0 60928 ----a-w- C:\WINDOWS\System32\adhsvc.dll 2014-10-18 19:15:30 CB0230405199308B1A70D25000A4562B 101376 ----a-w- C:\WINDOWS\System32\httpprxm.dll 2014-10-18 19:15:30 B6F423906D3E10BE38C16726C0905033 388729 ----a-w- C:\WINDOWS\System32\ApnDatabase.xml 2014-10-18 19:15:30 B288813A2AA033A9E5A611033E7171EE 586752 ----a-w- C:\WINDOWS\System32\SkyDriveTelemetry.dll 2014-10-18 19:15:30 0599C76327F3DFE5A57627693DCB1A45 241664 ----a-w- C:\WINDOWS\System32\ProximityService.dll 2014-10-18 19:15:20 213F1AB0FA9306A39EF37603A395457B 3546624 ----a-w- C:\WINDOWS\System32\win32k.sys ====== C:\WINDOWS\system32\drivers ===== 2014-10-18 19:15:34 A0404DFE33A089B3C535EFE62D617672 1858880 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys 2014-10-18 19:15:31 A95914B096997FF487EDF9ED1432967A 286528 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2014-10-23 19:22:08 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Mardi\AppData\Roaming ====== ====== C:\Users\Mardi ====== 2014-10-19 11:10:34 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp ====== C: exe-files == 2014-10-23 19:22:08 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Mardi.exe 2014-10-18 19:16:06 0B219DF6F397F076BC4DF0249156D010 812688 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-10-18 19:16:05 AF31CC5BAEB4916C0AF9AB062CFE8DA2 677888 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-10-18 19:16:05 53E24F2DB97EFAF85FE093AA254790EC 470528 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-10-18 19:15:53 FBC21212942F17DBA0A66C93ADC23F59 
31232 ----a-w- C:\Windows\System32\wuapp.exe 2014-10-18 19:15:53 853C316726DF17DA3AAFC74DF28F151A 49528 ----a-w- C:\Windows\System32\wuauclt.exe 2014-10-18 19:15:42 B3E203DF4833B23728BBF2F9DF708F37 102216 ----a-w- C:\Windows\FileManager\FileManager.exe 2014-10-18 19:15:42 994247EBBFACF3B23BD8A2D7FAFD2ED4 1236984 ----a-w- C:\Windows\Camera\Camera.exe 2014-10-18 19:15:42 7E95C8AC0B2B98A72B32E9667FFB41AB 364584 ----a-w- C:\Windows\FileManager\PhotosApp.exe 2014-10-18 19:15:30 E1BE759C1BCE85B17CCE5BA6FE58337E 877056 ----a-w- C:\Windows\System32\SkyDrive.exe 2014-10-18 19:14:04 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateBroker.exe 2014-10-18 19:14:04 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe 2014-10-18 19:14:03 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateSetup.exe 2014-10-18 19:13:57 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe 2014-10-18 19:13:57 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler64.exe 2014-10-18 19:13:56 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe 2014-10-18 19:13:56 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdate.exe 2014-10-18 19:13:50 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe === C: other files == 2014-10-24 18:26:58 A29030FB93B2E48EDD124749881406CE 943211 ----a-w- C:\Users\Mardi\AppData\Local\Temp\sysspec\SysSpec.zip 2014-10-18 19:15:34 A0404DFE33A089B3C535EFE62D617672 1858880 ----a-w- C:\Windows\System32\Drivers\tcpip.sys 2014-10-18 19:15:31 A95914B096997FF487EDF9ED1432967A 286528 ----a-w- 
C:\Windows\System32\Drivers\FWPKCLNT.SYS 2014-10-18 19:15:20 213F1AB0FA9306A39EF37603A395457B 3546624 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2713644699-1848567837-3286949779-1006\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_94947AA6930F8B6A38852C4F7CA14283"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "BackupNowEZtray"="C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe -k" "Adobe Creative Cloud"="C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_94947AA6930F8B6A38852C4F7CA14283"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2013 21:22] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [28/01/2013 21:22] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-LAPTOP-Mardi" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\WINDOWS\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\system32\tasks\CreateChoiceProcessTask" 
[C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\Startknop" [C:\Startknop\Desktop.scf] "C:\WINDOWS\system32\tasks\startknop2" [C:\Startknop\Desktop.scf] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{13915A6A-18A9-43D5-A25E-E1FA781BEC10}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [17/10/2013 23:40] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\v620k421.default - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} ProfilePath: C:\Users\Mardi\AppData\Roaming\Mozilla\Firefox\Profiles\rrbrhvl6.default - Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Mardi\AppData\Roaming\Mozilla\Firefox\Profiles\rrbrhvl6.default 40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In B36641D2192E1E537A269FEFEA47F1FD - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect A3E477ACDA2C5A427E56FB075ADEB536 - 
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash 7ED046C92891B83CFAC5238650B6CD5E - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Docs - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Pin It Button - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Google Wallet - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Mardi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - REN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - REN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - REN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - REN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - REN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Docs - REN_2~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - REN_2~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - REN_2~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo 
Google Search - REN_2~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - REN_2~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://fonteintje-diepenbeek.be/home/welkom.php" "Default_Search_URL"="http://www.google.com/ie" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=83&bd=all&pf=cmnb" "Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_be&c=83&bd=all&pf=cmnb" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/ie" "SearchAssistant"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{5C7D0087-656F-45BF-85E2-F891DF4D7F04}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {387B21BE-22F5-49DB-8CFE-222A9E2247BC} Wikipedia (nl) Url="http://nl.wikipedia.org/w/index.php?title=Speciaal:Zoeken&search={searchTerms}" {5C7D0087-656F-45BF-85E2-F891DF4D7F04} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlBE483" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found" {95118174-1520-47EC-ABB9-F58508D2055D} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {afdbddaa-5d3f-42ee-b79c-185a7020515b} Unknown Url="Not_Found" 
{BD4EB3B8-5077-4B4F-AE01-0D886192E21C} Unknown Url="Not_Found" ==== HijackThis Entries ====================== O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" O4 - HKLM\..\Run: [BackupNowEZtray] "C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZtray.exe" -k O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_94947AA6930F8B6A38852C4F7CA14283] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: @oem1.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) - Andrea 
Electronics Corporation - C:\WINDOWS\system32\AEADISRV.EXE O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem11.inf,%hpservice_desc%;HP Service (hpsrv) - Hewlett-Packard Company - C:\WINDOWS\system32\Hpservice.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NTI BackupNowEZSvr - NTI Corporation - C:\Program Files\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files\Stardock\Start8\Start8Srv.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on vr 24/10/2014 at 20:31:43,17 ======================