Zoek.exe v5.0.0.1 Updated 22-November-2015
Tool run by gebruiker on ma 23-11-2015 at 19:59:24,20.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-11-16-192827.log 112648 bytes
C:\zoek-results2015-11-20-165206.log 113241 bytes
C:\zoek-results2015-11-21-132526.log 4561 bytes
C:\zoek-results2015-11-22-104943.log 653 bytes
C:\zoek-results2015-11-22-112339.log 701 bytes

==== Folders Found ======================

==== Files Found ======================

--- C:\Program Files\Common Files\mcafee\platform\McPltCmd.exe ---
Company: McAfee, Inc.
File Description: McAfee SecurityCenter Install Time Instrumentation
File Version: 4,0,5049,0
Product Name: Platform
Copyright: Copyright © 2015 McAfee, Inc.
Original Filename: McPltCmd.exe
File type: ----a-w-
File size: 789312
Created time: 2013-10-11 00:04:12
Modified time: 2015-09-02 12:24:28
MD5: D27AF4AB0F08D052565B5A44345790B5
SHA1: CC4AD8CA3A98B1DAC9E83B757BAF7C56B5BA994A

--- C:\Program Files\Internet Explorer\iediagcmd.exe ---
Company: Microsoft Corporation
File Description: Diagnostics utility for Internet Explorer
File Version: 11.00.10586.0 (th2_release.151029-1700)
Product Name: Internet Explorer
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: IEDiagCmd.exe
File type: ----a-w-
File size: 493568
Created time: 2015-10-30 07:18:41
Modified time: 2015-10-30 07:18:41
MD5: BA2B7DF80B745ED32C0E6D8C399A2FC8
SHA1: AE71737B6CAEE0DA11FEB4E5C6A7D38B9FC36263

--- C:\Users\gebruiker\AppData\Local\Temp\NirCmd.exe ---
Company: NirSoft
File Description: NirCmd
File Version: 2.35
Product Name: NirCmd
Copyright: Copyright © 2003 - 2009 Nir Sofer
Original Filename: NirCmd.exe
File type: ----a-w-
File size: 30720
Created time: 2015-11-23 18:59:19
Modified time: 2015-11-23 18:59:18
MD5: 3CBB025B926B87902AECBD6570BAC89D
SHA1: 08ABF31F076890562F11116D21C7EE725758D446

--- C:\Windows\Prefetch\CMD.EXE-2EB3E6E2.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9994
Created time: 2015-11-14 15:11:01
Modified time: 2015-11-23 19:04:31
MD5: CD0C03D2FE2788676FB5FD79383A3EA1
SHA1: 8DEAC92B7450A185453919A30D2C60F033059802

--- C:\Windows\Prefetch\CMD.EXE-CD245F9E.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3667
Created time: 2015-11-14 15:05:25
Modified time: 2015-11-23 18:56:04
MD5: 3B5E3F038176FE995C65F22C4444AF43
SHA1: 4C76263D7184445C51131D313C302931D6B77D9D

--- C:\Windows\Prefetch\MCPLTCMD.EXE-D8C643E6.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13879
Created time: 2015-11-14 15:11:15
Modified time: 2015-11-23 19:00:04
MD5: 295693E98791CBB3072CCBFF1B7A2EAB
SHA1: 936CC8E9906CDDF9437BB8B129227A7F05DF577E

--- C:\Windows\Prefetch\NIRCMD.EXE-5041F335.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 6759
Created time: 2015-11-20 16:37:22
Modified time: 2015-11-21 13:22:01
MD5: DEA0A9B0A2CCDAC79DCFD9C04EAD98A6
SHA1: D67149D66B18EC5234366EE8A91EF17380C7B6A1

--- C:\Windows\System32\cmd.exe ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe.MUI
File type: ----a-w-
File size: 202240
Created time: 2015-10-30 07:18:25
Modified time: 2015-10-30 07:18:25
MD5: 7DB6A5CEEAC1CB15CF78552794B3DB31
SHA1: 8948CBF2B798684CA93D2CB844B2254C382B0AB8

--- C:\Windows\System32\en-US\cmd.exe.mui ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe.MUI
File type: ----a-w-
File size: 132096
Created time: 2015-10-30 18:05:07
Modified time: 2015-10-30 18:05:07
MD5: 529577C0A37DA40B13D83DE3D19E3CC3
SHA1: CB948E2F0603201E095BE193314A96D87F39F20C

--- C:\Windows\SysWOW64\cmd.exe ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe.MUI
File type: ----a-w-
File size: 202240
Created time: 2015-10-30 07:18:25
Modified time: 2015-10-30 07:18:25
MD5: 7DB6A5CEEAC1CB15CF78552794B3DB31
SHA1: 8948CBF2B798684CA93D2CB844B2254C382B0AB8

--- C:\Windows\SysWOW64\en-US\cmd.exe.mui ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe.MUI
File type: ----a-w-
File size: 132096
Created time: 2015-10-30 18:05:07
Modified time: 2015-10-30 18:05:07
MD5: 529577C0A37DA40B13D83DE3D19E3CC3
SHA1: CB948E2F0603201E095BE193314A96D87F39F20C

--- C:\Windows\WinSxS\amd64_microsoft-windows-c..andprompt.resources_31bf3856ad364e35_10.0.10586.0_en-us_0c0776913c41663d\cmd.exe.mui ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe.MUI
File type: ----a-w-
File size: 132096
Created time: 2015-10-30 18:05:00
Modified time: 2015-10-30 18:05:00
MD5: 755127FD76E17D325CD7D314F7C77EDF
SHA1: DA9442B0F5CF6B184267C2A1957E51B7459DCC29

--- C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt_31bf3856ad364e35_10.0.10586.0_none_17925f15c4b3bca0\cmd.exe ---
Company: Microsoft Corporation
File Description: Windows Command Processor
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: Cmd.Exe
File type: ----a-w-
File size: 233984
Created time: 2015-10-30 07:17:49
Modified time: 2015-10-30 07:17:49
MD5: 41E25E514D90E9C8BC570484DBAFF62B
SHA1: 9D41D484B79570B3040909689259D52B24BF6D21

--- C:\Windows\WinSxS\amd64_microsoft-windows-i..libraries.resources_31bf3856ad364e35_10.0.10586.0_en-us_dcbfcc9565936fa2\appcmd.exe.mui ---
Company: Microsoft Corporation
File Description: Application Server Command Line Admin Tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Internet Information Services
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: appcmd.exe.mui
File type: ----a-w-
File size: 3072
Created time: 2015-11-14 13:40:15
Modified time: 2015-11-14 13:40:15
MD5: CACD402C647BA6AA53EA5C4314452320
SHA1: 9DAB04E05A4428FE639C98334A6F94FDB9EDEC2A

--- C:\Windows\WinSxS\amd64_microsoft-windows-i..libraries.resources_31bf3856ad364e35_10.0.10586.0_nl-nl_95cbbdf3ee9b6ba9\appcmd.exe.mui ---
Company: Microsoft Corporation
File Description: Application Server Command Line Admin Tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Internet Information Services
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: appcmd.exe.mui
File type: ----a-w-
File size: 3072
Created time: 2015-10-30 18:05:14
Modified time: 2015-10-30 18:05:14
MD5: 3E21E1F669A3734358105D892F1383CE
SHA1: EC34D47943915C81DBE85DF591BB708AD7E33394

--- C:\Windows\WinSxS\amd64_microsoft-windows-ie-iediag_31bf3856ad364e35_11.0.10586.0_none_d757402da682772e\iediagcmd.exe ---
Company: Microsoft Corporation
File Description: Diagnostics utility for Internet Explorer
File Version: 11.00.10586.0 (th2_release.151029-1700)
Product Name: Internet Explorer
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: IEDiagCmd.exe
File type: ----a-w-
File size: 493568
Created time: 2015-10-30 07:18:41
Modified time: 2015-10-30 07:18:41
MD5: BA2B7DF80B745ED32C0E6D8C399A2FC8
SHA1: AE71737B6CAEE0DA11FEB4E5C6A7D38B9FC36263

--- C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.10586.0_none_9d6f0b1d5f298a7d\appcmd.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 42948
Created time: 2015-10-30 07:18:46
Modified time: 2015-10-30 07:32:53
MD5: D00DD4D5EBFB1120A5D38F059091A893
SHA1: B004D49A8E260DB464C2F80D6E6C4627F0853AD0

--- C:\Windows\WinSxS\amd64_microsoft-windows-s..-vaultcmd.resources_31bf3856ad364e35_10.0.10586.0_en-us_5916a09064799487\VaultCmd.exe.mui ---
Company: Microsoft Corporation
File Description: Vault cmdline Program
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: VAULTCMD.EXE.MUI
File type: ----a-w-
File size: 9216
Created time: 2015-10-30 18:05:02
Modified time: 2015-10-30 18:05:02
MD5: 7F714C38E04C29BBD7B6DDFF3F34A18B
SHA1: 41A549F50C79FD6655F4D77E09A4DF2015E3F840

--- C:\Windows\WinSxS\amd64_microsoft-windows-security-vaultcmd_31bf3856ad364e35_10.0.10586.0_none_73074901045434ac\VaultCmd.exe ---
Company: Microsoft Corporation
File Description: Vault cmdline Program
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: VAULTCMD.EXE
File type: ----a-w-
File size: 26624
Created time: 2015-10-30 07:17:52
Modified time: 2015-10-30 07:17:52
MD5: E3205A524D64BD559ECE2A8BAD4B8F6D
SHA1: 792EE5A94C7374E47784FD9A13D42003B6EFB134

--- C:\Windows\WinSxS\amd64_microsoft-windows-snmp-evntcmd.resources_31bf3856ad364e35_10.0.10586.0_en-us_611082bba692f914\evntcmd.exe.mui ---
Company: Microsoft Corporation
File Description: Event Translator Configuration Tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: eventcmd.exe.mui
File type: ----a-w-
File size: 12288
Created time: 2015-10-30 18:05:16
Modified time: 2015-10-30 18:05:16
MD5: A202518A686DAD969EBD8A89AABAC5A4
SHA1: 4A45574233230EBD2C0CB31967A8C498D8119AC2

--- C:\Windows\WinSxS\amd64_microsoft-windows-snmp-evntcmd_31bf3856ad364e35_10.0.10586.0_none_458a5ff9ae5c55c5\evntcmd.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 11516
Created time: 2015-10-30 07:19:53
Modified time: 2015-10-30 07:43:46
MD5: 5145E34A9621AA233E787FBF49FA9D41
SHA1: FFB28DC5C12EB372D929757ECB2C794BCFEB3D5F

--- C:\Windows\WinSxS\amd64_microsoft-windows-u..egistration-cmdline_31bf3856ad364e35_10.0.10586.0_none_cbbaa461b9c72448\dsregcmd.exe ---
Company: Microsoft Corporation
File Description: DSREG commandline tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: dsregcmd.exe
File type: ----a-w-
File size: 604672
Created time: 2015-10-30 07:17:53
Modified time: 2015-10-30 07:17:53
MD5: 87661AF5A9CE785336029A650B750E4E
SHA1: 192F27BF194F95C3B59C5F7F3E6C1DC549923B90

--- C:\Windows\WinSxS\amd64_microsoft-windows-u..n-cmdline.resources_31bf3856ad364e35_10.0.10586.0_en-us_5c22ffd677e09af7\dsregcmd.exe.mui ---
Company: Microsoft Corporation
File Description: DSREG commandline tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: dsregcmd.exe.mui
File type: ----a-w-
File size: 3584
Created time: 2015-10-30 18:05:02
Modified time: 2015-10-30 18:05:02
MD5: F2E1FC978CD8327A099FD7C304927AAE
SHA1: C241D1F77132EA46C71A59D33C8AF9B014B67699

--- C:\Windows\WinSxS\Backup\amd64_microsoft-windows-u..n-cmdline.resources_31bf3856ad364e35_10.0.10586.0_en-us_5c22ffd677e09af7_dsregcmd.exe.mui_8ce2c638 ---
Company: Microsoft Corporation
File Description: DSREG commandline tool
File Version: 10.0.10586.0 (th2_release.151029-1700)
Product Name: Microsoft® Windows® Operating System
Copyright: © Microsoft Corporation. All rights reserved.
Original Filename: dsregcmd.exe.mui
File type: ----a-w-
File size: 3584
Created time: 2015-10-30 18:05:49
Modified time: 2015-10-30 18:05:40
MD5: F2E1FC978CD8327A099FD7C304927AAE
SHA1: C241D1F77132EA46C71A59D33C8AF9B014B67699

==== Registry Search Results for "cmd.exe" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}]
"AppName"="cmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEDIAG.EXE]
@="C:\\Program Files\\Internet Explorer\\IEDIAGCMD.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEDIAGCMD.EXE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\IEDIAGCMD.EXE]
@="C:\\Program Files\\Internet Explorer\\IEDIAGCMD.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\cmd.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021400-0000-0000-C000-000000000046}\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\background\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{00021400-0000-0000-C000-000000000046}\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot]
"AlternateShell"="cmd.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell"="cmd.exe"

[HKEY_USERS\S-1-5-21-295600321-3362585809-1147355583-1001\SOFTWARE\Toshiba\FlashCards\UserSetting\WDesktopManager]
"OPT1"="C:\\Program Files\\TOSHIBA\\Libretto\\toswndctlcmd.exe"

[HKEY_USERS\S-1-5-21-295600321-3362585809-1147355583-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Toshiba\FlashCards\UserSetting\WDesktopManager]
"OPT1"="C:\\Program Files\\TOSHIBA\\Libretto\\toswndctlcmd.exe"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3170 folders=447 536171500 bytes)

==== EOF on ma 23-11-2015 at 20:07:42,95 ======================