Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by marco on za 04-07-2015 at 1:33:07,50.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\marco\Downloads\zoek.exe [Scan all users] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-07-03-230224.log 387 bytes

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\windows\SysWOW64\irstrtsv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\marco\Downloads\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== System Specs ======================

Operating System: Microsoft Windows 8 6.2.9200 64 bits
Manufacturer: SAMSUNG ELECTRONICS CO., LTD. - Model: 530U3C/530U4C/532U3C
Install Date: 28-5-2013 22:26:45
Last Boot: 4-7-2015 01:25:53
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Number of Processors: 4
Work Station
Bootmode: Normal boot
Total RAM: 3797 MB (free 964 MB - 25)
Computername: MARCO
Domain: WORKGROUP
User: marco (Administrator account)
Local Disk: C:\ - NTFS - 440 GB (free 85 GB)
Bootdevice: \Device\HarddiskVolume2
Windows update:
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)
Internet Explorer Version: 10.0.9200.16580
Adobe Reader version: 10.1.3.23
Sun Java version: 1.8.0_45 (32-bit)
Sun Java version: 1.8.0_45 (64-bit)
Flash Player version: 18.0.0.194
Shockwave Player version: 12.1.8r158

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\marco\AppData\Local\Temp ====
2015-07-03 23:27:14 D9348DB92AB4E5B94F005F0F651DE2B1 43008 ----a-w- C:\Users\marco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxx5iq.dll
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2015-07-03 21:21:48 E99049F129B1DE728BE33BA4AF1F353B 97888 ----a-w- C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-03 21:21:48 69EC2283D9CB6762FFC7A85E075018F9 788896 ----a-w- C:\windows\SysWOW64\deployJava1.dll
2015-07-03 21:21:47 ADC539F67D3198679F480974EE203678 866720 ----a-w- C:\windows\SysWOW64\npDeployJava1.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2015-07-03 21:52:57 CD89ED65EE21D7C3A979C6F2198357A2 110688 ----a-w- C:\windows\Sysnative\WindowsAccessBridge-64.dll
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
2015-07-02 19:43:30 5CE420AA7E74072F610F0CF1B5B1511E 3828 ----a-w- C:\windows\Sysnative\Tasks\Adobe Flash Player Updater
2015-07-02 19:43:30 08C535D6CDDD27C90712915617E816C5 940 ----a-w- C:\windows\Tasks\Adobe Flash Player Updater.job
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-07-03 21:52:13 -------- d-----w- C:\Program Files\Java
2015-07-02 18:39:59 -------- d-----w- C:\Program Files\trend micro
======= C:\Program Files (x86) =====
2015-07-03 21:21:26 -------- d-----w- C:\Program Files (x86)\Common Files\Java
======= C: =====
====== C:\Users\marco\AppData\Roaming ======
2015-07-03 21:56:53 -------- d-----w- C:\Users\marco\AppData\Locallow\Oracle
2015-06-20 08:29:48 -------- d-----w- C:\Users\marco\AppData\Roaming\SketchUp
2015-06-20 08:03:15 -------- d-----w- C:\Users\marco\AppData\Local\Unity
2015-06-20 08:03:14 -------- d-----w- C:\Users\marco\AppData\Locallow\Unity
2015-06-11 10:44:58 -------- d-----w- C:\Users\marco\AppData\Roaming\PDF Architect 3
2015-06-10 21:54:30 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Dropbox
2015-06-10 21:52:57 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\Dropbox
====== C:\Users\marco ======
2015-07-03 23:26:31 -------- d-----w- C:\windows\serviceprofiles\Localservice\winhttp
2015-07-03 21:51:24 39871BF18035DECF56DB8D7D0A467987 43189344 ----a-w- C:\Users\marco\Downloads\jre-8u45-windows-x64.exe
2015-07-03 21:20:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-03 21:20:30 -------- d-----w- C:\ProgramData\Oracle
2015-07-03 21:19:19 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\marco\Downloads\chromeinstall-8u45.exe
2015-07-02 18:36:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\marco\Downloads\RSITx64.exe
2015-06-20 08:16:05 -------- d---a-w- C:\ProgramData\Reprise
2015-06-20 08:14:35 -------- d-----w- C:\ProgramData\SketchUp
2015-06-20 08:09:47 EA5420774B34B5E06D92A1CA4E98E0B2 114281544 ----a-w- C:\Users\marco\Downloads\sup_2015_en_x64.exe
2015-06-11 10:43:42 -------- d-----w- C:\ProgramData\PDF Architect 3
2015-06-10 21:54:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-10 21:54:28 -------- d-----r- C:\windows\sysWoW64\config\systemprofile\Documents
2015-06-10 21:54:28 -------- d-----r- C:\windows\sysWoW64\config\systemprofile\Desktop
====== C: exe-files ==
2015-07-03 22:45:28 251310CE3DBA1A8B5FAF55070B047270 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1979242446-1953454004-3411639635-1001\$IWQ7F8Q.exe
2015-07-03 22:08:16 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$Recycle.Bin\S-1-5-21-1979242446-1953454004-3411639635-1001\$RWQ7F8Q.exe
2015-07-03 21:52:40 51303A2B65EC41C05CF9348DDB0F7D97 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-07-03 21:52:40 2E3233AC6BB04F6353B01A39B12A9BC6 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-07-03 21:52:40 0D57B9F7BC18930BB316FCAE2312BC30 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-07-03 21:52:30 F714E53B7B5BB819AE1EDDFFC7052388 76896 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe
2015-07-03 21:52:30 F1BF6E161A30EDE0B253EB006227B79C 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-07-03 21:52:30 ED62A73C5496F0F7668DE28E69AD0ADA 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe
2015-07-03 21:52:30 EB61553EF3A3AED725AB2B04EFF08A84 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe
2015-07-03 21:52:30 C618FCC084D3C155EE576C58EB7DDA52 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe
2015-07-03 21:52:30 BCDC6884093C91473A1CCACC048BEA39 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe
2015-07-03 21:52:30 9915DFD017E28FF3911265980D0CBA40 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe
2015-07-03 21:52:30 9859B85AA2F703FA45734BD1177E5EC3 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe
2015-07-03 21:52:30 954B636D357A239881C83294CD49BE47 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe
2015-07-03 21:52:30 6A791B16B176EF2111EC4582C6E053A1 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe
2015-07-03 21:52:30 50998563B100A85BE8E98114F4223268 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe
2015-07-03 21:52:30 4364856BA7C082D76DC7CFB96CED9008 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe
2015-07-03 21:52:30 4216D2D4147A8C0FB3619290C2DA5087 99424 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-07-03 21:52:30 3CD36026202D1FA45302EF1410AE8F5A 16480 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe
2015-07-03 21:52:30 2E3233AC6BB04F6353B01A39B12A9BC6 319584 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe
2015-07-03 21:52:30 233CEBD099978B64D80BABA6EBB52551 197216 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe
2015-07-03 21:52:30 15B3B33E79B40BFB1267D4BBFCB13283 66144 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe
2015-07-03 21:52:30 0D57B9F7BC18930BB316FCAE2312BC30 206944 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe
2015-07-03 21:52:29 DFA6B53E2D1462F0D3513BC931F8B2C7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe
2015-07-03 21:52:29 51303A2B65EC41C05CF9348DDB0F7D97 206432 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe
2015-07-03 21:52:29 28DA57A6644A3EC0162B3B47DD79E7ED 33888 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe
2015-07-03 21:51:24 39871BF18035DECF56DB8D7D0A467987 43189344 ----a-w- C:\Users\marco\Downloads\jre-8u45-windows-x64.exe
2015-07-03 21:20:43 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-07-03 21:20:43 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-07-03 21:20:43 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-07-03 21:20:43 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-07-03 21:20:43 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-07-03 21:20:43 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-07-03 21:20:43 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-07-03 21:20:43 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-07-03 21:20:43 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-07-03 21:20:42 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-07-03 21:20:42 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-07-03 21:20:42 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-07-03 21:20:42 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-07-03 21:20:42 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-07-03 21:20:42 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-07-03 21:20:42 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-07-03 21:20:42 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-07-03 21:20:42 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-07-03 21:20:42 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-07-03 21:20:42 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-07-03 21:20:42 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-07-03 21:19:19 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\marco\Downloads\chromeinstall-8u45.exe
2015-07-02 18:39:59 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\marco.exe
2015-07-02 18:36:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\marco\Downloads\RSITx64.exe
2015-06-29 21:21:46 394001B76F4084C2ADFD0D1ACD6474F8 8448000 ----a-w- C:\Program Files (x86)\PokerStars.EU\xc\xc.exe
2015-06-29 21:21:30 E5DBC4D4EA2F1B962F3B9B92F750266A 156440 ----a-w- C:\Program Files (x86)\PokerStars.EU\ftpcs.exe
2015-06-29 21:21:30 C572E988788EC077F3A894B33A420E16 2351384 ----a-w- C:\Program Files (x86)\PokerStars.EU\gameutil1.exe
2015-06-29 21:21:30 63AC6A65B63E91DDE02562528E50B9F8 1659672 ----a-w- C:\Program Files (x86)\PokerStars.EU\gameutil2.exe
2015-06-29 21:21:30 5194A87A8B1AB3D3321D491F3521DD9A 294168 ----a-w- C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe
2015-06-29 21:21:30 03C87FFCC9D943CA7A0F74E602F9DD92 1994520 ----a-w- C:\Program Files (x86)\PokerStars.EU\PokerStarsGl.exe
2015-06-29 21:18:58 6EF1E61DE0A6B1029809BAE8D8C9D26B 900376 ----a-w- C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
=== C: other files ==
2015-07-03 22:47:57 6D7BDAB2353DB7354C5A4D6DB6B90D84 385959 ------r- C:\Users\marco\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\68e1f7a78cd94b7b\120712-0049\Att\2000516f\lunch gerechten. voor gerechten.zip
2015-07-03 21:52:30 EE3BDACD44A7788B264292295BE50272 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-07-03 21:20:43 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1979242446-1953454004-3411639635-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"uTorrent"="C:\Users\marco\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"uTorrent"="C:\Users\marco\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Program Files (x86)\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll C:\\Program Files C:\\Program Files"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"Samsung Link"="C:\Samsung Link\Samsung Link Tray Agent.exe"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Program Files (x86)\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll C:\\Program Files C:\\Program Files"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02-07-2015 21:45]
C:\windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [29-05-2015 09:59]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-05-2013 02:01]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\advRecovery" ["C:\Program Files\Samsung\Recovery\WCScheduler.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" [C:\Program Files (x86)\Desk 365\desk365.exe]
"C:\windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\windows\SysNative\tasks\FFSRConfigurer" ["C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe"]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe]
"C:\windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\windows\SysNative\tasks\SAgent" ["%ProgramFiles%\Samsung\S Agent\CommonAgent.exe"]
"C:\windows\SysNative\tasks\Settings" ["C:\Program Files (x86)\Samsung\Settings\sSettings.exe"]
"C:\windows\SysNative\tasks\SWUpdateAgent" [C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe]
"C:\windows\SysNative\tasks\WLANStartup" ["%programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe"]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"]

==== Chromium Look ======================

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1393282499&from=epom3&uid=HGSTXHTS545050A7E380_TE85123NG35NEWG35NEWX&q={searchTerms}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.awesomehp.com/web/?type=ds&ts=1393282499&from=epom3&uid=HGSTXHTS545050A7E380_TE85123NG35NEWG35NEWX&q={searchTerms}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{AF590113-A80F-43CF-85CB-57EF41D18915}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{75EFF8A6-F70A-46F9-B0AE-501B9F2FC0D6} Unknown Url="Not_Found"
{AF590113-A80F-43CF-85CB-57EF41D18915} Mysearchdial Url="http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=wnzp01_14_26_ch&cd=2XzuyEtN2Y1L1Qzu0C0A0FyBtAtAyCzy0ByC0C0CyDtC0AyDtN0D0Tzu0SzytDzztN1L2XzutBtFtBtCtFyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StCyDtAtByCtC0AyBtGyCtAtB0CtGtAzz0FtAtGyD0FtA0AtGyB0A0E0FtCyByByDtAyE0Ezz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0AzyyD0F0CzzzztGzz0E0DzztG0CyEyDyBtGtDtC0F0AtGtA0D0DyEtDyC0CyC0E0D0ByE2QtN1B1L1H1Ezu1O2U1M1B&cr=2140791050&ir="

==== HijackThis Entries ======================

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [uTorrent] "C:\Users\marco\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll C:\Program Files C:\Program Files
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Condusiv Technologies - C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Samsung Link\Samsung Link.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on za 04-07-2015 at 1:37:54,93 ======================