Zoek.exe v5.0.0.0 Updated 09-January-2015 Tool run by DELL on ma 12-01-2015 at 15:12:50,24. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\DELL\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 12-1-2015 15:16:52 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Hosts File Content ====================== 127.0.0.1 localhost ==== File Information Results ====================== --- C:\windows\SysNative\spool\DRIVERS\x64\3\E_YATIHTU.EXE --- Company: SEIKO EPSON CORPORATION File Description: EPSON Status Monitor 3 File Version: 7.01 Product Name: EPSON Status Monitor 3 Copyright: Copyright (C) SEIKO EPSON CORP. 2011 Original Filename: E_WT50IC.EXE File type: ----a-w- File size: 241280 Created time: 2014-01-06 16:28:27 Modified time: 2012-07-12 06:01:02 MD5: 585462051E79B30D0282D246F583977D SHA1: BF4D6FB448FEFADFA6F4972EEBF1E8C93E6E5D82 ==== Running Processes ====================== C:\Windows\SysWOW64\brss01a.exe C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Windows\SysWOW64\ENAgent.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program
Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Repair.exe C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe C:\Users\DELL\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [AcrSch2Svc] - Acronis Scheduler2 Service - c:\program files (x86)\common files\acronis\schedule2\schedul2.exe R2 - [afcdpsrv] - Acronis Nonstop Backup service - c:\program files (x86)\common files\acronis\cdp\afcdpsrv.exe R2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe R2 - [ENAgent] - Epson Redirect Agent - c:\windows\syswow64\enagent.exe R2 - [EPSON_PM_RPCV4_05] - EPSON V3 Service4(05) - c:\program files\common files\epson\epw!3 ssrp\e_wt50rp.exe R2 - [MsMpSvc] - Microsoft Antimalware Service - c:\program files\microsoft security client\msmpeng.exe R2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe R2 - [PSI_SVC_2_x64] - Protexis Licensing V2 x64 - c:\program files\common files\protexis\license service\psiservice_2.exe R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows 
media player\wmpnetwk.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [iPod Service] - iPod-service - c:\program files\ipod\bin\ipodservice.exe R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - 
c:\windows\system32\msiexec.exe S3 - [NisSrv] - Microsoft Netwerkinspectie - c:\program files\microsoft security client\nissrv.exe S3 - [NMIndexingService] - NMIndexingService - c:\program files (x86)\common files\ahead\lib\nmindexingservice.exe [x] S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe ==== Drivers(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys R0 - [MpFilter] - Microsoft Malware Protection Driver - C:\Windows\system32\Drivers\MpFilter.sys R0 - [Mup] - Mup - 
C:\Windows\system32\Drivers\Mup.sys R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x] R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys R0 - [Compbatt] - Microsoft Composite Battery-stuurprogramma - C:\Windows\system32\Drivers\Compbatt.sys R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys R0 - [snapman] - Acronis Snapshots Manager - C:\Windows\system32\Drivers\snapman.sys R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys R0 - [storflt] - Schijf - Filterstuurprogramma voor Virtual 
Machine-busaccelerator - C:\Windows\system32\Drivers\storflt.sys [x] R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys R0 - [tdrpman258] - Acronis Try&Decide and Restore Points filter (build 258) - C:\Windows\system32\Drivers\tdrpman258.sys [x] R0 - [timounter] - Acronis Backup Archive Explorer - C:\Windows\system32\Drivers\timounter.sys [x] R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator-stuurprogramma - C:\Windows\system32\Drivers\vdrvroot.sys R0 - [vmbus] - Virtual Machine-bus - C:\Windows\system32\Drivers\vmbus.sys R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "YTDownloader"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\YTDownloader not found C:\Program Files (x86)\DiggiSavEr deleted C:\Users\DELL\AppData\Roaming\MiniGet deleted C:\Program Files (x86)\MiniGet deleted C:\Program Files (x86)\Flwsrf deleted "C:\Windows\SYSWOW64\abengineOff.ini" deleted "C:\Windows\SYSWOW64\abengine.ini" deleted "C:\windows\SysNative\abengineOff.ini" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 1910 MB CPU Info: Intel(R) 
Core(TM) i5 CPU M 560 @ 2.67GHz CPU Speed: 2660,6 MHz Sound Card: Luidsprekers (High Definition A | Luidsprekers (WsAudioDevice_383 | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Intel(R) Centrino(R) Advanced-N 6200 AGN | Bluetooth-apparaat (Personal Area Network) | Broadcom NetXtreme Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: TSSTcorpDVD+-RW TS-L633J Ports: COM1 LPT1 Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 149,0GB Hard Disks - Free: C: 62,2GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 11/18/10 | DELL - 6222004 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 023HKR Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 39.0.2171.95 Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 39.0.2171.95 Adobe Reader version: 7.0.5.2005092300 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.246 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\DELL\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== 2014-12-31 16:06:01 AD195648DF50E3BACD706A22CF65C1F1 3950 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{E2B66428-3488-47AF-9D6A-866863E1C636} 2014-12-14 12:06:35 929A2C4200C8325452DEBF47306F136E 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 
2014-12-14 12:06:35 7201982FCF75119CFBCB149E103A128C 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-12-14 12:06:32 E0B9AFFFDBC2E60B10BAD655603AB251 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-12-14 12:06:29 F242CAF5BDD27BD891DA7DBB1B403ECD 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-14 09:14:25 1155428E615A08FC5908BD8767941CD3 3084 ----a-w- C:\Windows\Sysnative\Tasks\upfs7235 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-24 10:42:43 -------- d-----w- C:\Program Files\Image Resizer for Windows ======= C:\PROGRA~2 ===== 2015-01-12 10:13:53 -------- d-----w- C:\PROGRA~2\RoboiSaaver 2014-12-24 10:42:41 -------- d-----w- C:\PROGRA~2\Image Resizer for Windows 2014-12-15 21:14:46 -------- d-----w- C:\PROGRA~2\GML ======= C: ===== ====== C:\Users\DELL\AppData\Roaming ====== 2014-12-24 11:45:30 -------- d-----w- C:\Users\DELL\AppData\Local\Brice_Lambson 2014-12-18 17:51:14 -------- d-----w- C:\Users\DELL\AppData\Roaming\AdobeUM 2014-12-16 10:52:37 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-12-16 10:52:36 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-12-16 10:52:36 -------- d-----w- C:\Users\Public\AppData\Local\temp 2014-12-16 10:52:36 -------- d-----w- C:\Users\Eye Candy 4000\AppData\Local\temp 2014-12-16 10:52:36 -------- d-----w- C:\Users\DELL\AppData\Local\Temp 2014-12-16 10:52:36 -------- d-----w- C:\Users\Default\AppData\Local\temp 2014-12-16 10:52:36 -------- d-----w- C:\Users\Default User\AppData\Local\temp ====== C:\Users\DELL ====== 2015-01-12 10:15:15 -------- d-----w- C:\ProgramData\74eadc9400007536 2015-01-11 08:58:50 -------- d-----w- C:\ProgramData\DiggiSavEr 2015-01-11 08:56:11 -------- d-----w- C:\ProgramData\RoboiSaaver 2015-01-11 08:55:51 -------- d-----w- C:\ProgramData\31850c6c0115f640 2014-12-24 10:42:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Image Resizer for Windows 2014-12-15 21:14:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GML 2014-12-14 12:08:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C: exe-files == 2015-01-11 08:59:08 EB843F08B06CC5BB0E8BBE9F8AAA0BA6 784384 ----a-w- C:\ProgramData\DiggiSavEr\L0Avwo1R8jRlV7.exe 2015-01-11 08:57:00 EB843F08B06CC5BB0E8BBE9F8AAA0BA6 784384 ----a-w- C:\ProgramData\RoboiSaaver\qm121XexfwQOJo.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2412325288-324325390-2824101589-1000\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe /c" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus Office BX535WD" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TrueImageMonitor.exe"="C:\Program Files 
(x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "Standby"="c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Servicetool"="C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" "Spotify Web Helper"="C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe /c" "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "AppleIEDAV"="C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" "Simple Sticky Notes"="C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus Office BX535WD" "EPLTarget\P0000000000000003"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT EPLTarget\P0000000000000003 /M Epson Stylus Office BX535WD" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE" 
==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" ==== Startup Folders ====================== 2014-11-26 08:16:57 1256 ----a-w- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk 2013-01-10 21:05:31 2048 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2014 13:02] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-12-2014 13:05] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-12-2014 13:05] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files (x86)\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000Core" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2412325288-324325390-2824101589-1000UA" [C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\upfs7235" [C:\PROGRA~2\Flwsrf\upfs7235.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E2B66428-3488-47AF-9D6A-866863E1C636}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{2CEBD3C1-8B80-4E17-80E7-E35F56793018}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{5E8F5F64-C672-480A-B9D7-D5A97D528A31}" [C:\Users\DELL\Desktop\regedit.exe] "C:\Windows\SysNative\tasks\{6C3C0A90-402B-4F5E-A829-BE630018D5CB}" [C:\Program Files (x86)\byLight\2020\2020.exe] "C:\Windows\SysNative\tasks\{768738BE-F51C-41B2-9CEC-36AFD5B77F1B}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{858E836B-9B19-40B5-9F3A-877C201715F1}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{98A8F3EF-38EE-4563-BA85-8B04001F4E19}" [C:\Users\DELL\Documents\Eyecandy3.1\Eyecandy3.1\301PATCH.EXE] "C:\Windows\SysNative\tasks\{9AA12B15-FC4B-4F3A-BF15-155BA3B69259}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{9CA753FE-D476-4B0F-A38E-16EE3BB1EFD2}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{BB4B5DE4-3F8E-492A-ACA4-1F04645E72E6}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{CFDF3649-0DFB-4067-BA86-0A9EF7EBCFB4}" [C:\Users\DELL\Desktop\nummer psp15\nummer psp15.exe] "C:\Windows\SysNative\tasks\{F2627C0D-8562-4900-ADCA-98FBA40D1DA8}" [C:\Users\DELL\Documents\Eyecandy3.1\Eyecandy3.1\301PATCH.EXE] 
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\vvyzlx5u.default - chineseperakungmailcom - %ProfilePath%\extensions\chineseperakun@gmail.com - Undetermined - %ProfilePath%\extensions\staged - Undetermined - %ProfilePath%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a} ProfilePath: C:\Users\DELL\AppData\Roaming\Thunderbird\Profiles\yee9j9v7.default - Undetermined - %ProfilePath%\extensions\staged-xpis - Statusbar Date - %ProfilePath%\extensions\statusbardate@webspirited.com.xpi - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) Comodo Web Inspector - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn FunnDeAls - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ccdljklkmilgengnidcgjielcppjdhea Hasher - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kignjplbjlocolcfldfhbonmbblpfbjb Comodo Share Page Service - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Cricwaves - DELL\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ogkedgpbfenekaceibcobmmgdbokmndm Google Docs - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - DELL\AppData\Local\Google\Chrome\User 
Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
FunnDeAls - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\ccdljklkmilgengnidcgjielcppjdhea
Google Search - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Hasher - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\kignjplbjlocolcfldfhbonmbblpfbjb
Google Wallet - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - DELL\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\DELL\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://websearch.searchmania.info/?pid=2800&r=2014/11/30&hid=2944326092898986235&lg=EN&cc=NL&unqvl=70",
C:\Users\DELL\AppData\Local\Google\Chrome\User Data\default\Preferences
"homepage": "http://www.google.com/",

==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}"

==== HijackThis Entries ======================
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Servicetool] C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\DELL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [Simple Sticky Notes] C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000002" /M "Epson Stylus Office BX535WD"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000003] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000003" /M "Epson Stylus Office BX535WD"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Redirect Agent (ENAgent) - SEIKO EPSON CORPORATION - C:\Windows\SysWOW64\ENAgent.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================
C:\zoek_backup (files=9 folders=5 165339 bytes)

==== EOF on ma 12-01-2015 at 15:24:43,49 ======================