meka129 13 Dec 2014 01:08 PM

Zoek scan results assistance

Code:


Zoek.exe v5.0.0.0 Updated 23-11-2014
Tool run by user01 on Sat 12/13/2014 at 9:41:16.94.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\user01\Downloads\zoek.exe [Scan all users] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-20-231926.log 21484 bytes

==== Installed Programs ======================

???
????
µTorrent
7-Zip 9.20 (x64 edition)
7-Zip 9.21
ACID Music Studio 10.0
Adguard
Adobe Photoshop CS6
Adobe Reader X (10.1.12) MUI
Akamai NetSession Interface
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
AMD Wireless Display v3.0
Any Video Converter 5.7.5
Apple Application Support
Apple Software Update
Art of Murder: FBI Confidential
ASIO4ALL
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Screen Saver
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS USB Charger Plus
ASUS WebStorage Sync Agent
ASUSDVD
AsusVibe2.0
ATK Package
Audacity 2.0.6
Audio Record Wizard
Autodesk 3ds Max 2015
Autodesk 3ds Max 2015 Populate Data
Autodesk 3ds Max 2015 SDK
Autodesk 3ds Max 2015 SP2
Autodesk Application Manager
Autodesk Backburner 2015
Autodesk Composite 2014
Autodesk DirectConnect 2014 64-bit
Autodesk DirectConnect 2015 64-bit
Autodesk DirectConnect 2015 64-bit Hotfix1
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit
Autodesk Inventor Server Engine for 3ds Max 2015
Autodesk MatchMover 2014
Autodesk Material Library 2014
Autodesk Material Library 2015
Autodesk Material Library Base Resolution Image Library 2014
Autodesk Material Library Base Resolution Image Library 2015
Autodesk Material Library Medium Resolution Image Library 2014
Autodesk Material Library Medium Resolution Image Library 2015
Autodesk Maya 2014
Autodesk Network License Manager
Autodesk Revit Interoperability for 3ds Max 2014
Autodesk Revit Interoperability for 3ds Max 2015
Autodesk SketchBook
Azada ®
Azteca
Bejeweled 3
Big Fish: Game Manager
Bitdefender Total Security 2015
Blender
Bully Scholarship Edition
Camtasia Studio 8
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Celtx (2.9.7)
Chocolatier 2: Secret Ingredients
Cooking Academy: Restaurant Royale
Cut the Rope
CyberLink LabelPrint 2.5
CyberLink Power2Go
CyberLink PowerDirector 12
CyberLink WaveEditor 2
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2013 (KB2910926) 64-Bit Edition
DreamScape 2.5f R2013 64-bit
EA Download Manager
FL Studio 10
Galería de fotos
Galerie de photos
GIMP 2.8.14
Go-Go Gourmet
Google Chrome
Google Talk Plugin
Gyazo 2.2
Hidden Expedition ®: Amazon
Hot Dish
Hoyle Card Games
Hoyle Puzzle and Board Games
HP FWUpdateEDO2
HP Officejet 6700 Basic Device Software
HP Officejet 6700 Help
HP Officejet 6700 Product Improvement Study
HP Update
I.R.I.S. OCR
IMVU Avatar Chat Software
Java 7 Update 51
Java 8 Update 25
Java Auto Updater
join.me
League of Legends
LogoMaker 2.0
Malwarebytes Anti-Malware version 2.0.4.1028
Mavis Beacon Platinum - 25th Anniv. Ed.
mental ray renderer for Autodesk Maya 2014
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
Microsoft Application Error Reporting
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Mouse and Keyboard Center
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneDrive
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Word MUI (English) 2013
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Movie Maker
Mozilla Firefox 32.0.3 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT110
MSVCRT110_amd64
MyBitCast 2.0
NewBlue Video Essentials for PowerDirector
NewBlue Video Essentials II for PowerDirector
NewBlue Video Essentials III for PowerDirector
Nielsen
NVIDIA CUDA Samples 6.5
NVIDIA CUDA Toolkit 6.5
NVIDIA CUDA Visual Studio Integration 6.5
NVIDIA GPU Deployment Kit 340.62
NVIDIA Install Application
NVIDIA Nsight Visual Studio Edition 4.1.0.14204
NVIDIA Tools Extension SDK (NVTX) - 64 bit
NVIDIA Virtual Audio 1.2.23
OEM Application Profile
Outils de vérification linguistique 2013 de Microsoft Office - Français
Peggle
Penguins
Photo Common
Photo Gallery
Qualcomm Atheros Client Installation Program
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RealUpgrade 1.1
RuneScape Launcher 1.2.3
SAMSUNG USB Driver for Mobile Phones
Screencast-O-Matic
Security Update for Microsoft Excel 2013 (KB2910929) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2726958) 64-Bit Edition
Security Update for Microsoft Word 2013 (KB2910916) 64-Bit Edition
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
SketchUp 2015
Snagit 12
Snagit 9.1.3
Space Strike
Tales of Lagoona
The SimsT Life Stories
Tradewinds Caravans
Update for Microsoft Access 2013 (KB2863859) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2910927) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881008) 64-Bit Edition
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition
Update for Microsoft Office 2013 (KB2889858) 64-Bit Edition
Update for Microsoft Office 2013 (KB2889938) 64-Bit Edition
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition
Update for Microsoft Office 2013 (KB2899501) 64-Bit Edition
Update for Microsoft Office 2013 (KB2899505) 64-Bit Edition
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition
Update for Microsoft Office 2013 (KB2910922) 64-Bit Edition
Update for Microsoft Office 2013 (KB2910931) 64-Bit Edition
Update for Microsoft Office 2013 (KB2920734) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2910935) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2899502) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2899504) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2910907) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
Update Installer for WildTangent Games App
UpdateService
Video Downloader
War Thunder Launcher 1.0.1.452
Westward III: Gold Rush
WildTangent Games
Windows Driver Package - ASUS (ATP) Mouse (08/19/2013 1.0.0.185)
Windows Live
Windows Live ???
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinFlash
Wondershare Video Editor(Build 4.7.1)

meka129 13 Dec 2014 01:09 PM

My Zoek-Results.log Part 2

Code:

==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
C:\Program Files (x86)\Adguard\AdguardSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AFLICS\AfterFLICS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\ASUS\P4G\InsOnSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\P4G\InsOnWMI.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe
C:\Program Files (x86)\Adguard\Adguard.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\NetRatingsNetSight\NetSight\nielsenonline.exe
C:\Users\user01\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter2\NielsenNativeHost.exe
C:\Users\user01\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 5573 MB
CPU Info: AMD A4-5000 APU with Radeon(TM) HD Graphics
CPU Speed: 1498.1 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: AMD Radeon HD 8330 | AMD Radeon HD 8330
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 2x (E: | F: | ) E: MATSHITADVD-RAM UJ8C2 S | F: DTSOFT BDROM
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 279.0GB | D: 398.1GB
Hard Disks - Free: C: 63.0GB | D: 397.9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009
Time Zone: Pacific Standard Time
Motherboard *: ASUSTeK COMPUTER INC. X550EA
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Bitdefender Antispyware disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Bitdefender Firewall disabled
Default Browser: Google Chrome 37.0.2062.124
Internet Explorer Version: 11.0.9600.17498
Mozilla Firefox version: 32.0.3 (x86 en-US)
Google Chrome version: 37.0.2062.124
Adobe Reader version: 10.1.12.15
Sun Java version: 1.8.0_25 (32-bit)
Sun Java version: 1.8.0_25 (64-bit)

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-11-26 20:49:58 9130CCE19B5DB3D2E31F9F789263FC4A 511328 ----a-w- C:\WINDOWS\capicom.dll
====== C:\Users\user01\AppData\Local\Temp ====
2014-12-03 23:26:10 0CB342F47974F7B2D5C99AD335AE16C4 13279232 ----a-w- C:\Users\user01\AppData\Local\Temp\BlueStacks_njp53ixu.1pf\BlueStacks_HD_AppPlayerSplit_setup_0.9.4.4078_REL.msi
2014-12-03 23:19:46 0CB342F47974F7B2D5C99AD335AE16C4 13279232 ----a-w- C:\Users\user01\AppData\Local\Temp\BlueStacks_vilnxe1p.gum\BlueStacks_HD_AppPlayerSplit_setup_0.9.4.4078_REL.msi
2014-12-03 18:02:52 A09E1804B47D7A739AFA92E37FAB9D4C 149606400 ----a-w- C:\Users\user01\AppData\Local\Temp\sketchup_install\SketchUp2015-x64.msi
2014-12-03 18:02:52 8694439F9183D4B3E9DC11C7B5E10B29 703816 ----a-w- C:\Users\user01\AppData\Local\Temp\sketchup_install\setup.exe
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2014-12-10 10:08:18 C4FB74C1E96142E0A9E5DE78E3A0B494 28672 ----a-w- C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 10:08:06 98C136EA9D0CA9C010FE49D863D29C6D 1612992 ----a-w- C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 09:56:00 220505B0B3E96C857DD01729AF0CD369 19749376 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 09:55:52 B59E370277EDB6643083B62297175628 12836864 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 09:55:50 5E4E0E43E0A5BF9F089696DFA7A3D677 1888256 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 09:55:49 F728E7E9937117E0F32F39840EB6D737 4299264 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 09:55:49 F34F6DC38A21FCDBB50CDD1EE97B1EA3 1307136 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 09:55:49 01777AB557997E98691E322225314E57 2277888 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 09:55:47 41AFA61E061E98E97272AC02184C8C2C 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 09:55:46 543ADCEA31CF9C2B4EEB900D4AAFD0F9 2052096 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 09:55:46 37F078B5B435AFC6BF316F2AD14B469A 501248 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 09:55:45 D7A98A4CEA2E89F544065A00BF37FC10 688640 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 09:55:44 86181845803967FC51B64119E80FC18C 340992 ----a-w- C:\WINDOWS\SysWOW64\html.iec
2014-12-10 09:55:44 713407DA59A9DBE5BD64A17D7A267DA1 326656 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 09:55:43 F25284C763E728E4DAC248C211D1FC5B 76288 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 09:55:43 69AC6FD5B0B4DC963723E1EBDEE10A2C 285696 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 09:55:43 476900A8699F5C3D954ADD4A35D33F89 230400 ----a-w- C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 09:55:43 0E4D9A13C7C6C8FC3ACCF1C8C28DE200 128000 ----a-w- C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 09:55:42 C6941899E6B0A1893D2D5A89241A43B6 661504 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 09:55:42 98F2784FC4A4A80CE20016C6281834EE 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 09:55:42 29CED1A4777A43526A4ED8A7B6936883 64000 ----a-w- C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 09:54:49 A9B598B04606F9869C42728FE95CBC7C 1489072 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 09:54:35 CA7A00203E710E56C18D15B72148769F 790528 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-12-10 10:08:18 83AEDC4636606B145851723AE7385781 34304 ----a-w- C:\WINDOWS\Sysnative\DeviceSetupStatusProvider.dll
2014-12-10 10:08:07 F5BA843DE3475B8D7FD5AFC21857A7C1 1970432 ----a-w- C:\WINDOWS\Sysnative\crypt32.dll
2014-12-10 09:56:01 D478A4CF07FB8ADF72FB16B88E8030B8 25059840 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2014-12-10 09:55:53 556D271F4243B273EDA353512BF3608A 14412800 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
2014-12-10 09:55:51 8D64466AD12CA5677CD0099C43C58569 6039552 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
2014-12-10 09:55:50 E7A2061ADF0F4D430FECDA1E8D6B7BA6 1548288 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
2014-12-10 09:55:50 982B871A25B5078093FAD82D0AB0E3FC 2885120 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
2014-12-10 09:55:50 4AF089160FE082E5EA5C4AA72782DCA2 2358272 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
2014-12-10 09:55:47 EFBA893429814EA3244C87C2D1256618 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll
2014-12-10 09:55:46 3FE71E2A5BD3EC652E64FC8BCEFEDD2C 2125312 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl
2014-12-10 09:55:45 DDE455CF1B9F43775A53A4E577DFDC54 373760 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll
2014-12-10 09:55:45 39B512C643812FC2D4843C0D4206C759 718848 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
2014-12-10 09:55:45 284070B045F8B11B4A1FB32F72023038 417280 ----a-w- C:\WINDOWS\Sysnative\html.iec
2014-12-10 09:55:45 1D294810D3A8A8F722E86AA001F54DCC 580096 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll
2014-12-10 09:55:45 14BA910E7731FC84EB85328BD0F1EE81 800768 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll
2014-12-10 09:55:44 62CFEE2A516C68540486EBF26F18ED4C 145408 ----a-w- C:\WINDOWS\Sysnative\iepeers.dll
2014-12-10 09:55:43 DB10D681314714E0D4623E4C0CF6654A 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll
2014-12-10 09:55:43 D248949FCF2B72C1FD4EC15DA92065C0 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll
2014-12-10 09:55:43 17A157A4225CF562202AC71DB8103177 88064 ----a-w- C:\WINDOWS\Sysnative\MshtmlDac.dll
2014-12-10 09:55:43 0AF0AEF0BA9EF6169E61C78504DCAE55 316928 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll
2014-12-10 09:55:42 A41AC7E8D142FD0ECF6EF7F1BB63D478 812544 ----a-w- C:\WINDOWS\Sysnative\jscript.dll
2014-12-10 09:55:42 507DC5EE1363EEB7D986B1026DF4E39D 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll
2014-12-10 09:54:49 418B5117F187DFFD96C52325CA0DF153 1762840 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll
2014-12-10 09:54:40 EE5ED8E6998D7E686F614BA8D876829B 192000 ----a-w- C:\WINDOWS\Sysnative\aepic.dll
2014-12-10 09:54:40 8283D7B0DCB540AB58A864E4BF2451FD 830464 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll
2014-12-10 09:54:40 222F243A138149E51FEA4769A475A144 1083392 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
2014-12-10 09:54:39 FB7F1B20A2C86D55F731E53EB04C9360 740864 ----a-w- C:\WINDOWS\Sysnative\invagent.dll
2014-12-10 09:54:39 C4859B1344645E6109DE77F5577CD37F 396288 ----a-w- C:\WINDOWS\Sysnative\devinv.dll
2014-12-10 09:54:39 2DD8EC6F8DE5F8556ABC5F223D49EA07 412672 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll
2014-12-10 09:54:37 C4A550C337ADB0EB4C4D4F388C27B815 227328 ----a-w- C:\WINDOWS\Sysnative\aepdu.dll
2014-12-10 09:54:36 DB7815ACB2D8F7CB03807059969F13B6 1091072 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll
====== C:\WINDOWS\Sysnative\drivers =====
2014-12-10 09:54:13 B02118A776C368F7EE1A8CC81378D265 153920 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2014-12-10 09:54:13 A770340FC02B999EF0DE6C2A6BC8437C 39744 -c--a-w- C:\WINDOWS\Sysnative\drivers\intelpep.sys
2014-12-10 09:54:13 7B7C482CF48E6EE33664340D1A78E6FE 238912 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2014-12-10 09:54:13 24A8DFC07E4BAF29AEA26E383D4CC886 86336 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys
2014-12-04 00:07:35 3E75A47D2DEFD2683DCA409572FBE8B2 452040 ----a-w- C:\WINDOWS\Sysnative\drivers\trufos.sys
2014-12-04 00:07:35 0A9D58AABD01DA97B1D101473EFA7659 150256 ----a-w- C:\WINDOWS\Sysnative\drivers\gzflt.sys
2014-11-26 20:50:52 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf
2014-11-26 20:50:04 3701D3BF4AC12EAACB1F58847C1D32FC 23568 ----a-w- C:\WINDOWS\Sysnative\drivers\bdelam.sys
2014-11-26 20:50:00 F7F20DFE87C425221D8FCE77C5ED46AC 79192 ----a-w- C:\WINDOWS\Sysnative\drivers\bdvedisk.sys
2014-11-26 20:49:58 B9ECE7FD9F58DAF19450C88338DC5267 82824 ----a-w- C:\WINDOWS\Sysnative\drivers\bdsandbox.sys
2014-11-26 20:49:58 5CE1C5BB9ABAC8871D39E7AEBD127797 98768 ----a-w- C:\WINDOWS\Sysnative\drivers\bdfndisf6.sys
2014-11-26 20:49:37 D0B093DDF5FD05E4D0109159E9153A52 263032 ----a-w- C:\WINDOWS\Sysnative\drivers\avchv.sys
2014-11-26 20:49:37 70CCDD9BCBAA5A918A7D135E28A824E2 1288472 ----a-w- C:\WINDOWS\Sysnative\drivers\avc3.sys
2014-11-26 20:49:37 0956716D5565680DC83992C11BBDB2C2 647752 ----a-w- C:\WINDOWS\Sysnative\drivers\avckf.sys
2014-11-14 01:25:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_nnfwdk64_01009.Wdf
====== C:\WINDOWS\Tasks ======
2014-11-14 20:11:02 CE6DB62F93CDAC4F55C05E0028950963 3474 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASUS Live Update1
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-12-03 18:08:24 -------- d-----w- C:\Program Files\SketchUp
2014-11-26 20:37:40 -------- d-----w- C:\Program Files\Bitdefender
2014-11-26 20:36:02 -------- d-----w- C:\Program Files\Common Files\Bitdefender
======= C:\PROGRA~2 =====
2014-12-03 18:04:27 -------- d-----w- C:\PROGRA~2\Audio Record Wizard
2014-11-29 02:18:44 -------- d-----w- C:\PROGRA~2\Rockstar Games
2014-11-26 21:46:50 -------- d-----w- C:\PROGRA~2\COMMON~1\xing shared
2014-11-26 05:13:04 -------- d-----w- C:\PROGRA~2\Hidden Expedition - Amazon
2014-11-26 05:11:55 -------- d-----w- C:\PROGRA~2\Space Strike
2014-11-26 05:11:06 -------- d-----w- C:\PROGRA~2\Azada
2014-11-26 05:05:48 -------- d-----w- C:\PROGRA~2\Art of Murder - FBI Confidential
2014-11-22 00:53:59 -------- d-----w- C:\PROGRA~2\DeltaFix
2014-11-18 15:42:38 -------- d-----w- C:\PROGRA~2\Anvsoft
2014-11-14 01:19:05 -------- d-----w- C:\PROGRA~2\NetRatingsNetSight
======= C: =====
2014-11-26 21:18:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt
2014-11-14 01:25:36 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\extensions.sqlite
====== C:\Users\user01\AppData\Roaming ======
2014-12-11 01:34:29 F2036779AE0D4FF370DE8B619AA4FC15 145710 ----a-w- C:\Users\user01\AppData\Local\recently-used.xbel
2014-12-08 05:46:51 -------- d-----w- C:\Users\user01\AppData\Roaming\Big Fish Games
2014-12-03 23:19:31 -------- d-----w- C:\Users\user01\AppData\Local\Bluestacks
2014-12-03 18:17:19 -------- d-----w- C:\Users\user01\AppData\Roaming\SketchUp
2014-12-03 18:04:34 -------- d-----w- C:\Users\user01\AppData\Local\arw
2014-11-26 21:48:15 -------- d-----w- C:\Users\user01\AppData\Roaming\RealNetworks
2014-11-26 20:54:15 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2014-11-26 20:46:39 -------- d-----w- C:\Users\user01\AppData\Roaming\Bitdefender
2014-11-26 20:36:58 -------- d-----w- C:\Users\user01\AppData\Roaming\QuickScan
2014-11-26 05:13:04 -------- d-----w- C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2014-11-26 05:11:06 -------- d-----w- C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Azada
2014-11-24 17:19:35 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2014-11-24 17:14:51 -------- d-sh--w- C:\Users\user01\AppData\Local\EmieBrowserModeList
2014-11-24 17:14:44 -------- d-sh--w- C:\Users\user01\AppData\Locallow\EmieBrowserModeList
2014-11-23 08:19:51 -------- d-----w- C:\Users\user01\AppData\Roaming\LolClient
2014-11-22 06:45:44 -------- d-----w- C:\Users\user01\AppData\Roaming\Riot Games
2014-11-18 15:43:18 -------- d-----w- C:\Users\user01\AppData\Roaming\Anvsoft
2014-11-17 18:49:18 -------- d-----w- C:\Users\Guest\AppData\Local\AMD
2014-11-17 18:49:03 -------- d-----w- C:\Users\Guest\AppData\Roaming\Autodesk
2014-11-17 18:49:03 -------- d-----w- C:\Users\Guest\AppData\Local\Autodesk
2014-11-17 18:49:02 -------- d-----w- C:\Users\Guest\AppData\Local\Wondershare
2014-11-17 18:48:57 -------- d-----w- C:\Users\Guest\AppData\Roaming\Real
2014-11-17 18:48:56 -------- d-----w- C:\Users\Guest\AppData\Roaming\ATI
2014-11-17 18:48:56 -------- d-----w- C:\Users\Guest\AppData\Local\ATI
2014-11-17 18:48:01 -------- d-----w- C:\Users\Guest\AppData\Roaming\Identities
====== C:\Users\user01 ======
2014-12-03 23:25:18 3B77916FB8788BB5293117ED991F0075 13444288 ----a-w- C:\Users\user01\Downloads\BlueStacks-SplitInstaller_native_b.exe
2014-12-03 23:24:41 C596B59985EF34EB709E3BE05A62FF5C 32549 ----a-w- C:\ProgramData\1417649058.10132.bin
2014-12-03 23:24:24 4923BBCAAC42AF61B987F2FEB6D741FB 3187 ----a-w- C:\ProgramData\1417649058.5732.bin
2014-12-03 23:24:24 13574404E9931666FAE842295C9FCAE0 933 ----a-w- C:\ProgramData\1417649058.12276.bin
2014-12-03 23:24:18 D722AB7B22320799C459199AA5DA18B0 113563 ----a-w- C:\ProgramData\1417649058.12728.bin
2014-12-03 23:19:04 3B77916FB8788BB5293117ED991F0075 13444288 ----a-w- C:\Users\user01\Downloads\BlueStacks-SplitInstaller_native.exe
2014-12-03 18:17:20 -------- d---a-w- C:\ProgramData\Reprise
2014-12-03 18:09:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2014-12-03 18:08:24 -------- d-----w- C:\ProgramData\SketchUp
2014-12-03 18:04:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
2014-12-03 18:04:12 0D90A6F6F3C4EB0573BB8B62E82925C7 4645120 ----a-w- C:\Users\user01\Downloads\arw7cnet.exe
2014-12-03 18:01:32 A7D0C40ED60146241413A732D01E2FD9 114218816 ----a-w- C:\Users\user01\Downloads\SketchUpPro-en-x64.exe
2014-11-29 02:26:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2014-11-26 21:47:56 -------- d-----w- C:\ProgramData\RealNetworks
2014-11-26 20:50:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-11-26 20:37:45 -------- d-----w- C:\ProgramData\Bitdefender
2014-11-26 05:13:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - Amazon
2014-11-26 05:11:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Space Strike
2014-11-26 05:11:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azada
2014-11-26 05:05:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art of Murder - FBI Confidential
2014-11-22 06:48:26 -------- d-----w- C:\ProgramData\Riot Games
2014-11-22 06:46:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-11-22 00:52:49 -------- d-----w- C:\ProgramData\1898640059318790545
2014-11-22 00:51:14 -------- d-----w- C:\ProgramData\jabcaimkaimililedebkgioincgjlkjf
2014-11-18 15:43:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2014-11-17 18:47:42 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Guest\ntuser.ini
2014-11-14 05:16:29 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\Searches

====== C: exe-files ==
=== C: other files ==

meka129 13 Dec 2014 01:13 PM

My Zoek-Results.log Part 3

Code:


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1578426742-284494171-321257044-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
"HP Officejet 6700 (NET)"="C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe -deviceID CN3CODSKK705RQ:NW -scfn HP Officejet 6700 (NET) -AutoStart 1"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
"AVG-Secure-Search-Update_0414c"="C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe /PROMPT /CMPID=0414c "
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Adguard"="C:\Program Files (x86)\Adguard\Adguard.exe"
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"ADSKAppManager"="C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe -showminimized -checkautorun"
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"NielsenOnline"="C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot"
"RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
"HP Officejet 6700 (NET)"="C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe -deviceID CN3CODSKK705RQ:NW -scfn HP Officejet 6700 (NET) -AutoStart 1"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
"AVG-Secure-Search-Update_0414c"="C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe /PROMPT /CMPID=0414c "
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Adguard"="C:\Program Files (x86)\Adguard\Adguard.exe"
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"command"=""C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe""
"hkey"="HKLM"
"item"="Adobe Reader Speed Launcher"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSPRP]
"command"=""C:\\Program Files (x86)\\ASUS\\APRP\\APRP.EXE""
"hkey"="HKLM"
"item"="ASUSPRP"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"command"="C:\\Program Files (x86)\\ASUS\\WebStorage Sync Agent\\1.1.18.159\\AsusWSPanel.exe /S"
"hkey"="HKLM"
"item"="ASUSWebStorage"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DisableS3S4]
"command"="c:\\windows\\temp\\DisableS3S464\\sethigh.cmd"
"hkey"="HKLM"
"item"="DisableS3S4"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10]
"command"=""C:\\Program Files (x86)\\CyberLink\\PowerDVD10\\PDVD10Serv.exe""
"hkey"="HKLM"
"item"="RemoteControl10"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]
"command"=""C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe" /MAXX4"
"hkey"="HKLM"
"item"="RtHDVBg"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"=""C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe" -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2014-04-12 02:19:38 1910 ----a-w- C:\Users\user01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk
2014-10-22 14:21:02 1274 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
2014-11-21 23:40:28 1161 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001Core.job --a-------- C:\Users\user01\AppData\LoC:al\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001UA.job --a-------- C:\C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Patch for Touch Panel" [C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"]
"C:\WINDOWS\SysNative\tasks\FFMPEGUpd" [C:\PROGRA~2\FFMPEG\FFMPEG~1.EXE]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001Core" [C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1578426742-284494171-321257044-1001UA" [C:\Users\user01\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GyazoUpdateTaskMachine" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Officejet 6700" ["C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1578426742-284494171-321257044-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\WINDOWS\SysNative\tasks\TechSmith Updater" [C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{81EF49F1-331F-406F-8C14-8D6CC9797E24}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{338950EA-82DB-44C1-930D-0C28E023C9F0}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [11/26/2014 01:47 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\user01\AppData\Roaming\Greyfirst\Celtx\Profiles\jggpay52.default
- Timezone Definitions for Mozilla Calendar - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org
- Default Shot Palette - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com
- DOM Inspector - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\9ol9ki3s.default
252949179FE1C491B7D16A9AA376B29B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit)
5CB01CF141E021DAAE96991A5BA57944 - C:\Users\user01\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
3BB46C18F67297B670D3037595F46707 - C:\Users\user01\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
amebgbgmoldiehbbbjcaoceilcfnniop - No path found[]
fabcmochhfpldjekobfaaggijgohadih - No path found[]

meka129 13 Dec 2014 01:14 PM

My Zoek-Results.log Part 4 (Last)

Code:

Nielsen - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\amebgbgmoldiehbbbjcaoceilcfnniop
Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Graffiti Creator - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgmlohhjedlnljheklbjepdfikchfaoe
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
BIODIGITAL HUMAN - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Duolingo Web - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl
Nielsen - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\amebgbgmoldiehbbbjcaoceilcfnniop
Google Docs - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Voice Search Hotword (Beta) - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Bible - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljbeanmjklkbfnppfedajbgeongccb
Daum Equation Editor - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe
Logarithms Table - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekflgjlkhleiegpledpmjcpaoblbaong
Bitdefender Wallet - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih
Elite Unzip - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn
Fairway Solitaire - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkpbdfapchjogkmfpcmnfjdimgijhdho
What do your dreams mean - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpmambngimkfaddbeebieghlkbdifaje
World of Solitaire - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn
LDS Scriptures - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijknidpjhcgbeliijjdmlonlcaobfldf
Quran - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklmggidaneooheckcalppihpgfidbpe
Scripture Search Box - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhdcbicpakmmccpedfnigbcancemekbm
Google Wallet - user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.com/",
"startup_urls": [ "https://www.google.com/" ],


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Lasaoren Url="http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_mdaffmarmar_14_38_ch&cd=2XzuyEtN2Y1L1Qzu0DzzyDtD0EyCtBtA0F0CtA tCyCtBtD0FtN0D0Tzu0SzyzzzytN1L2XzutAtFtBtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0F0A 0FyB0B0A0CtGtA0FtAyEtG0A0DyByCtG0F0A0AyBtGyC0FzzyE0A0D0A0A0Bzz0FyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtDtD 0EtDyE0AtG0FtBzy0BtGyEtAyE0FtG0BzztCyCtGyByEyBzyyBtDyE0ByB0A0AyB2Q&cr=402937785&ir="

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe"
O4 - HKCU\..\Run: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN3CODSKK705RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0414c] "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" /PROMPT /CMPID=0414c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Adguard] C:\Program Files (x86)\Adguard\Adguard.exe
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
O4 - Startup: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk = ?
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
O4 - Global Startup: Snagit 12.lnk = C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adguard Service - Insoft LLC - C:\Program Files (x86)\Adguard\AdguardSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: AfterFLICS v3 - Unknown owner - C:\Program Files (x86)\AFLICS\AfterFLICS.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: mental ray Satellite for Autodesk 3ds Max 2015 64-bit (mi-raysat_3dsmax2015_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nielsen Update (NielsenUpdate) - The Nielsen Company - C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=938 folders=278 131458800 bytes)

==== EOF on Sat 12/13/2014 at 10:19:47.91 ======================

cottonball 14 Dec 2014 06:41 PM

meka129,

What kind of problem are you having for which you decided to run and post a Zoek report with what appears as every option checked?

meka129 19 Dec 2014 10:46 AM

I'm having adware issues... specifically BuynSave adware... I uninstalled it and deleted it from my extensions, but it still shows up every time I restart my browser, which is Google Chrome.

maxie 19 Dec 2014 11:17 AM

You are in very capable hands with Cottonball. In his absence you could try the link below and follow the instructions...


Remove BuyNSave Ads (Virus Removal Guide)

cottonball 19 Dec 2014 09:40 PM

meka129,

On the Desktop, double-click zoek.exe to start the program. (Give it a few seconds to appear.)

If your AntiVirus warns you about the program, either allow Zoek to run, or temporarily disable your AV program.
Info > How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides

Next, copy/paste the entire script inside the code box below to the input field of Zoek:

Code:

createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b

Now...
Close any open Browsers.

Click the Run script button, and wait. It takes a few minutes to run all the script.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the system drive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log in your reply.
(The initial report posted in pieces is very hard for this old dog to read!)


BTW, this thread should be here: System Security - Windows 8 Forums