Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Melesia on Sun 03/05/2017 at 7:54:18.67.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Melesia\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
3/5/2017 8:00:06 AM Zoek.exe System Restore Point Created Successfully.
==== Installed Programs ======================
Adobe Acrobat Reader DC
Adobe AIR
Adobe Flash Player 24 PPAPI
Adobe Refresh Manager
Amazon Send to Kindle
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Conexant HD Audio
Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition
Dolby Digital Plus Advanced Audio
Energy Management
Facebook Gameroom 1.3.1.2
FreeRide Games
Google Chrome
Google Update Helper
Intel AppUp(SM) center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Java 8 Update 121 (64-bit)
Java Auto Updater
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo Photos
Lenovo pointing device
Lenovo PowerDVD10
Lenovo Service Bridge
Lenovo Solution Center
Lenovo YouCam
Lenovo_Wireless_Driver
Malwarebytes Anti-Malware version 2.2.1.1043
Microsoft Audio Enhancement Troubleshooter installer
Microsoft Office
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft OneDrive
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Nitro Pro 10
Power2Go
Realtek USB 2.0 Card Reader
Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3115120) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3118380) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3118378) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB3114395) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2999465) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x64
Skype Click to Call
Skype™ 7.28
SUPERAntiSpyware
Trend Micro DirectPass
Trend Micro Maximum Security
Trend Micro Password Manager
Trend Micro Titanium
Trend Micro Troubleshooting Tool
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
UserGuide
VCRT for DirectPass x64
VCRT for DirectPass x86
VMware Horizon Client
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
==== Running Processes ======================
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view-usbd.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\chrome_extension2\host\chrome_native_msg_host.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Melesia\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
==== Services(whitelist) ======================
E DevR2 - [!SASCORE] - SAS Core Service - c:\program files\superantispyware\sascore64.exe
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [Amsp] - Trend Micro Solution Platform - c:\program files\trend micro\amsp\coreserviceshell.exe coreframeworkhost.exe [x]
R2 - [BcmBtRSupport] - Bluetooth Driver Management Service - c:\windows\system32\btwrsupportservice.exe
R2 - [CxAudMsg] - Conexant Audio Message Service - c:\windows\system32\cxaudmsg64.exe
R2 - [ETDService] - Elan Service - c:\program files\elantech\etdservice.exe
R2 - [ftnlsv3hv] - VMware Netlink Supervisor Service - c:\program files\common files\vmware\deviceredirectioncommon\ftnlsv.exe
R2 - [ftscanmgrhv] - VMware Scanner Redirection Client - c:\program files (x86)\vmware\scannerredirection\ftscanmgrhv.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [nlsX86cc] - Nalpeiron Licensing Service - c:\windows\syswow64\nlssrv32.exe
R2 - [Platinum Host Service] - Platinum Host Service - c:\program files\trend micro\titanium\plugin\pt\ptsvchost.exe
R2 - [PwmSvc] - Trend Micro Password Manager Central Control Service - c:\program files\trend micro\tmids\pwmsvc.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [VMUSBArbService] - VMware USB Arbitration Service - c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator64.exe
R2 - [vmware-view-usbd] - VMware View USB - c:\program files (x86)\vmware\vmware horizon view client\vmware-view-usbd.exe
R2 - [vmwsprrdpwks] - VMware Serial Com Redirection Client service - c:\program files (x86)\common files\vmware\serialportredirection\client\vmwsprrdpwks.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SAService] - Conexant SmartAudio service - c:\windows\system32\sasrv.exe [x]
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [diagnosticshub.standardcollector.service] - Microsoft (R) Diagnostics Hub Standard Collector Service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [LSC.Services.SystemService] - Lenovo Solution Center System Service - c:\program files\lenovo\lenovo solution center\app\lsc.services.systemservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
==== System Specs ======================
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3960 MB
CPU Info: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
CPU Speed: 1840.2 MHz
Sound Card: Speakers (Conexant SmartAudio H |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: This Qualcomm Atheros network Controller connects you to the network. | Bluetooth PAN HelpText | The Broadcom 802.11 Network Adapter provides wireless local area networking. | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8D1
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 418.0GB | D: 25.0GB
Hard Disks - Free: C: 364.8GB | D: 22.7GB
Manufacturer *: LENOVO
BIOS Info: AT/AT COMPATIBLE | | LENOVO - 1
Time Zone: Eastern Standard Time
Motherboard *: LENOVO INVALID
Country: United States
Language: ENU
==== System Specs (Software) ======================
Anti-Virus: Trend Micro Maximum Security On-access scanning enabled (Updated)
Anti-Spyware: Trend Micro Maximum Security enabled (Updated)
Internet Explorer Version: 11.576.14393.0
Google Chrome version: 56.0.2924.87
Adobe Reader version: 15.23.20070.215641
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\Melesia\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2017-03-04 02:09:19 3C9508C3B515FDB5762DF5862C864301 110144 ----a-w- C:\WINDOWS\Sysnative\WindowsAccessBridge-64.dll
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
2017-03-04 02:03:54 BD7CD11E113AF7D34618F9E56DD41A73 3970 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-04 02:03:54 94C14863E7C4C12254A16B04306FA785 830 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-03-04 02:03:54 5EDE898B6B817D5C6D32C8DB1291C0C0 3806 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater
2017-03-04 02:03:54 2EFD1090D78C7D77EEED4329D1697045 892 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2017-03-04 02:08:36 -------- d-----w- C:\Program Files\Java
======= C:\PROGRA~2 =====
2017-03-04 02:11:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
2017-03-04 19:46:04 EA628982B6C5639A39D3866933A50695 1049 ----a-w- C:\AdwCleanerFile.txt
====== C:\Users\Melesia\AppData\Roaming ======
====== C:\Users\Melesia ======
2017-03-04 14:48:31 CAC2A9395DFA587DB4B62AA781C9432E 4031440 ----a-w- C:\Users\Melesia\Desktop\adwcleaner_6.044.exe
2017-03-04 13:48:00 C246FC88529FC3A4910CAB72BEF50539 1663736 ----a-w- C:\Users\Melesia\Desktop\JRT.exe
2017-03-04 02:09:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-04 02:06:29 A963C6B8A012E658A3D657C4897CF7C8 64153152 ----a-w- C:\Users\Melesia\Downloads\jre-8u121-windows-x64.exe
2017-03-04 01:37:32 EEF6A6F6CAFD2A53D3ACD6DA53239661 2423296 ----a-w- C:\Users\Melesia\Desktop\FRST64.exe
====== C: exe-files ==
2017-03-04 19:01:49 FCE0D118E1E35E2CBCCA6FA3022A8008 182736 ----a-w- C:\AdwCleaner\quarantine\files\wfpdpxtpfxfyhpvazncbpypyjaufrgbh\{AF0F0516-B7C3-C849-B26D-0F2F8EDD8279}\YSearchUtilSVC.exe
2017-03-04 19:01:49 92A435B45AEA4B5FB0BBAB869DFFDA3A 112080 ----a-w- C:\AdwCleaner\quarantine\files\wfpdpxtpfxfyhpvazncbpypyjaufrgbh\{AF0F0516-B7C3-C849-B26D-0F2F8EDD8279}\YSearchSetTool.exe
2017-03-04 19:01:49 5A0330E659B596F73FE627B1D44E0D6F 71008 ----a-w- C:\AdwCleaner\quarantine\files\wfpdpxtpfxfyhpvazncbpypyjaufrgbh\{AF0F0516-B7C3-C849-B26D-0F2F8EDD8279}\unset.exe
2017-03-04 14:48:31 CAC2A9395DFA587DB4B62AA781C9432E 4031440 ----a-w- C:\Users\Melesia\Desktop\adwcleaner_6.044.exe
2017-03-04 13:48:17 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Melesia\AppData\Local\Temp\jrt\nfo\nircmdc.exe
2017-03-04 13:48:17 2251CEB04ADFFB068F80A6C98F5B7ABB 106448 ----a-w- C:\Users\Melesia\AppData\Local\Temp\jrt\CreateRestorePoint.exe
2017-03-04 13:48:00 C246FC88529FC3A4910CAB72BEF50539 1663736 ----a-w- C:\Users\Melesia\Desktop\JRT.exe
2017-03-04 02:27:56 B52838351CFE6D0C95332452DE1016E7 67072 ----a-w- C:\Users\Melesia\AppData\Local\Facebook\updater.exe
2017-03-04 02:09:11 F8AB79517B4EB4508375EC0406C3EDEC 69696 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\ssvagent.exe
2017-03-04 02:09:11 DA7093EA1B09B11250B1AC485B69EAD6 197184 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\unpack200.exe
2017-03-04 02:09:11 B4FB76D02378BE2F8F7EC9BCE8C423BE 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\tnameserv.exe
2017-03-04 02:09:11 7DA769B18CB16D0192E6D3C307085F07 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\servertool.exe
2017-03-04 02:09:10 F6E4712218FBA1764F851C3448C17FE2 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\pack200.exe
2017-03-04 02:09:10 EE400CB85481BAB9980FB40CB9BD7EBD 15936 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\jjs.exe
2017-03-04 02:09:10 DE7C36AE916376D1E628ACE68808CB7F 111680 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\jp2launcher.exe
2017-03-04 02:09:10 D1ADB720D6173F8CE7BAB37FFFA3C90D 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\kinit.exe
2017-03-04 02:09:10 B38235C49CEB1B2DB4836BEEF95BF261 34368 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\jabswitch.exe
2017-03-04 02:09:10 ABF2E38B995E8F2997713393073A7E22 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\rmiregistry.exe
2017-03-04 02:09:10 9959983B48E5A2796C76ED1DE02D02CD 79936 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\javacpl.exe
2017-03-04 02:09:10 97B50FC1A368706C6D0DBFA3060A5721 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\ktab.exe
2017-03-04 02:09:10 957285B9662D1E3BAA9501B7D1B29E0E 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\orbd.exe
2017-03-04 02:09:10 909B3A1DEC24CE9687A71C7B2E4DBE35 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\klist.exe
2017-03-04 02:09:10 870F4F8548DED2A88519D83C69856AA0 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\keytool.exe
2017-03-04 02:09:10 7F646A16329B9DE19B3231B9F1619F77 15936 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\rmid.exe
2017-03-04 02:09:10 7F0467C3AA5BDAF44BBC824AC81359D0 206912 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\javaw.exe
2017-03-04 02:09:10 58F6CC7AA09D6CC6D566D888CC37B5DD 16448 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\policytool.exe
2017-03-04 02:09:10 514859480D5D3A7E87BE8741CF4FEA1E 15936 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\java-rmi.exe
2017-03-04 02:09:10 177B6CC9FEBFFC816A71D11132CEED5E 206912 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\java.exe
2017-03-04 02:09:10 135592B076CE53BC24AA251E1B89A9F1 318528 ----a-w- C:\Program Files\Java\jre1.8.0_121\bin\javaws.exe
2017-03-04 02:06:29 A963C6B8A012E658A3D657C4897CF7C8 64153152 ----a-w- C:\Users\Melesia\Downloads\jre-8u121-windows-x64.exe
2017-03-04 01:37:32 F3B9095EEE5F82E222781F2F2BF210FD 2423808 ----a-w- C:\Users\Melesia\Desktop\FRST-OlderVersion\FRST64.exe
2017-03-04 01:37:32 EEF6A6F6CAFD2A53D3ACD6DA53239661 2423296 ----a-w- C:\Users\Melesia\Desktop\FRST64.exe
2017-03-03 02:08:31 B84E589F25BDE8362B8CFD2A81C2D4A2 2623480 ----a-w- C:\Users\Melesia\AppData\Local\Google\Chrome\User Data\SwReporter\17.94.0\software_reporter_tool.exe
2017-03-03 01:12:01 EE0F39935189F6F2B749651A5843EB5A 20478176 ----a-w- C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2017-03-03 01:12:01 EE0F39935189F6F2B749651A5843EB5A 20478176 ----a-w- C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\OneDriveSetup.exe
2017-03-03 01:11:07 11A8F14BD167BA0E0FF9830519002840 229592 ----a-w- C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncConfig.exe
2017-03-03 01:11:06 541CBA6B4CD1F65D7C0305223C24CB00 215264 ----a-w- C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileCoAuth.exe
2017-02-28 05:01:54 A7B395F4D030734375D54DA270F23FA6 384944 ----a-w- C:\Users\Melesia\AppData\Local\Facebook\Games\FacebookGameroom.exe
2017-02-28 05:01:54 8E6F0058C493C5B82223E3B36FA3FF9B 14768 ----a-w- C:\Users\Melesia\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
2017-02-28 04:54:06 733C32F6350C5CD623176F3B705FF47A 67072 ----a-w- C:\Users\Melesia\AppData\Local\Facebook\Games\updater.exe
=== C: other files ==
2017-03-04 15:24:45 5A5B2354760D4F3B1A6B08C9DF729277 903277 ----a-w- C:\Users\Melesia\Desktop\HealthSummary20170304.zip
2017-03-04 13:48:16 AC82941E47BF2AA459975C8B5D8FFDD6 129511 ----a-w- C:\Users\Melesia\AppData\Local\Temp\jrt\get.bat
2017-03-04 02:09:11 8795B77F5012AF9FAD42B84271FC650B 14156 ----a-w- C:\Program Files\Java\jre1.8.0_121\lib\deploy\ffjcext.zip
2017-03-03 01:11:06 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\CollectOneDriveLogs.bat
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-3240382664-3217752032-3399020223-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"332BigDog"="C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe /s"
"UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Lenovo\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\5.0"
"RemoteControl10"="C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4"
"Malwarebytes Anti-Exploit"="C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"PwmConsole.exe"="C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe -s"
"VMware Netlink 3 HV Install Utility"="C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe"
"Trend Micro Client Framework"="C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
"Platinum"="C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe 1"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [03/03/2017 09:03 PM]
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [03/03/2017 09:03 PM]
==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AirSupport Update" [C:\Program Files\Trend Micro\AirSupport\Update.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe]
"C:\WINDOWS\SysNative\tasks\OFFICE2010ACT" [C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Melesia\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{C6BF39F3-6C11-4E9F-99F1-A1EC94F9FD52}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"]
"C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\RebootCountTask" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount]
"C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Time72Task" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{c2056674-a37f-4b29-9300-2004759d74fe}"="C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension" [01/02/2017 10:15 AM]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{22181a4d-af90-4ca3-a569-faed9118d6bc}"="C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension" [01/02/2017 10:47 AM]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Melesia\AppData\Roaming\Mozilla\Firefox\Profiles\e9pejw1d.default
- All Aboard - %ProfilePath%\extensions\@all-aboard-v1
==== Firefox Plugins ======================
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hikeppggmbhdgodhakicedaejpleoigm - No path found[]
idkknaphebegndgimgdpfnconcickdfn - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]
olmajmomenlhgihenlbjcfbopoghpckg - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
Google Slides - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Yahoo Mail Notification Extension - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjpdakpjonkfmggcmanlhdakfkhloii
Google Docs - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Send to Kindle for Google Chrome - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea
Google Search - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Kindle Cloud Reader - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd
Clearly - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj
Chrome Web Store Payments - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Trend Micro Privacy Scanner - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf
Trend Micro Password Manager - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmajmomenlhgihenlbjcfbopoghpckg
Gmail - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Melesia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A64EA20-5465-4D1A-B5B7-5A3A256C1580} Yahoo Search Url="https://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on Sun 03/05/2017 at 8:15:26.50 ======================