Zoek.exe Version 4.0.0.4 Updated 19-08-2013 Tool run by Philip on ma 26/08/2013 at 16:10:15,88. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Desktop\zoek\zoek.exe [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\system32\DllHost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Packard Bell\FIJI\ABoard.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Packard Bell\FIJI\AOSD.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\sdclt.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\conime.exe C:\Users\Philip\Desktop\zoek\zoek.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-460907415-916705040-467641968-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 8 Adobe Reader X (10.1.6) - Nederlands Adobe Shockwave Player Apple Application Support Apple Software Update Browser Address Error Redirector Creator 9 CX4300_5500_DX4400 Handboek D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition EPSON-printersoftware EPSON Copy Utility 3 EPSON Easy Photo Print EPSON Scan Facebook Plug-In Firefox Flash Player 9 Internet Explorer Google BAE Google Earth Google Toolbar Google Update Helper HDRegBENL Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Infocentre Rev. 2.0 Java 7 Update 25 Java Auto Updater Junk Mail filter update Keyboard FIJI LiveUpdate 3.2 (Symantec Corporation) LiveUpdate Notice (Symantec Corporation) Malwarebytes Anti-Malware versie 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 23.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) myphotobook 3.67 NIS2007 Norton Internet Security NVIDIA Install Application OGA Notifier 2.0.0048.0 Packard Bell ImageWriter Packard Bell LCD Test Packard Bell Updator Picasa 3 QuickTime Realtek HD Audio V6.0.1.5377 Realtek High Definition Audio Driver Roxio Creator 9 LE Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Segoe UI SetUp My PC Shockwave player 10 Skype 2.5.2.151 Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\f8hcwaj5.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("google.toolbar.subscribe.aggregators.myyahoo.desc", "My Yahoo!"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.id", "myyahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.order", "3"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.title", "My Yahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.url", "http://add.my.yahoo.com/rss?url=%feed%"); ---- Lines yahoo modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131505_2009_.backup prefs_20132608_1617_.backup ProfilePath: C:\Users\Katrien\AppData\Roaming\Mozilla\Firefox\Profiles\dt68iovs.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("google.toolbar.subscribe.aggregators.myyahoo.desc", "My Yahoo!"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.id", "myyahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.order", "3"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.title", "My Yahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.url", "http://add.my.yahoo.com/rss?url=%feed%"); ---- Lines yahoo modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131505_2009_.backup prefs_20132608_1617_.backup ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\iibouvlv.default user.js not found ---- Lines yahoo removed from prefs.js ---- user_pref("google.toolbar.subscribe.aggregators.myyahoo.desc", "My Yahoo!"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.id", "myyahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.order", "3"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.title", "My Yahoo"); user_pref("google.toolbar.subscribe.aggregators.myyahoo.url", "http://add.my.yahoo.com/rss?url=%feed%"); ---- Lines yahoo modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131505_2009_.backup prefs_20132608_1617_.backup ==== Deleting Files \ Folders ====================== "C:\Program Files\GUT3BF7.tmp" deleted "C:\Windows\system32\Tasks\Express FilesUpdate" deleted "C:\Users\Philip\Desktop\NISDownloader.exe" deleted "C:\Program Files\GUM3BB8.tmp" deleted "C:\Users\Philip\AppData\Roaming\ParetoLogic" deleted "C:\Users\Philip\AppData\Roaming\DriverCure" deleted "C:\ProgramData\ParetoLogic" deleted "C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\f8hcwaj5.default\GoogleToolbarData" deleted "C:\Users\Katrien\AppData\Roaming\Mozilla\Firefox\Profiles\dt68iovs.default\GoogleToolbarData" deleted "C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\iibouvlv.default\GoogleToolbarData" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Philip\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== 2013-08-26 08:14:30 E78F1633DEA52D04508F306EEA1D1250 17737608 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe 2013-08-24 13:14:37 C5EEAA837E52F7B4763D5678CEDB9FF4 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-08-24 13:14:37 9C89AF1C0D74AEB51025F4B7A1A27A6E 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2013-08-24 13:14:37 87246CCD0088A7C7DE9ECAEC346DBB68 420864 ----a-w- C:\Windows\System32\vbscript.dll 2013-08-24 13:14:36 CA8860800EF5E387D0D4CC27F64E8011 176640 ----a-w- C:\Windows\System32\ieui.dll 2013-08-24 13:14:35 0A725B5A547DE3B4C0E7A0F6F6E972A5 65536 ----a-w- C:\Windows\System32\jsproxy.dll 2013-08-24 13:14:34 E5085AC9642756F6467F0A28B85477E2 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2013-08-24 13:14:34 6839F14A2507D9273BD13565DD880377 1129472 ----a-w- C:\Windows\System32\wininet.dll 2013-08-24 13:14:34 3711B49D8CF265A24CD82FB3BCFFB1D5 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-08-24 13:14:33 079C80C13024923DCF3DCCB4D8357637 717824 ----a-w- C:\Windows\System32\jscript.dll 2013-08-24 13:14:32 F3F218BAE79C4C104DFC44D8D530FD7C 1800704 ----a-w- C:\Windows\System32\jscript9.dll 2013-08-24 13:14:31 E500CEACB8FA2114C76FE39005F79C2D 231936 ----a-w- C:\Windows\System32\url.dll 2013-08-24 13:14:31 C4C06D8FDF02BD36497BD91825BB4C17 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2013-08-24 13:14:30 E8B57171FBDC576F4ECBB075179C308B 1104384 ----a-w- C:\Windows\System32\urlmon.dll 2013-08-24 13:14:29 22BEE919EE9E20F6DA460F0EB5F37B03 9738752 ----a-w- C:\Windows\System32\ieframe.dll 2013-08-24 13:14:29 127359736B0A2093249F20B3B0395BBE 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-08-24 13:14:26 7161E761E81356C8EF6383CB1AE41B8D 12334080 ----a-w- C:\Windows\System32\mshtml.dll 2013-08-24 12:57:43 351FA1DF82CFFDEDA801604246E63E95 15872 ----a-w- C:\Windows\System32\icaapi.dll 2013-08-24 12:57:26 F1DBB1AC69239D292A9035032C5B4F00 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-08-24 12:57:22 E389C328AC7FE5673593ECAD269E7A54 783360 ----a-w- C:\Windows\System32\rpcrt4.dll 2013-08-24 12:57:19 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-24 12:57:19 B9FDFF876B0E7B4FECBAA5708C6ED616 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2013-08-24 12:57:19 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2013-08-24 12:54:07 D16A740186870C32941C0E61DF4F1298 172544 ----a-w- C:\Windows\System32\wintrust.dll 2013-08-24 12:54:07 71B479749F0F52C4FEC726C6FFA2CE1C 98304 ----a-w- C:\Windows\System32\cryptnet.dll 2013-08-24 12:54:07 684C130BBC6DB681BAD4920A4C944AA5 133120 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-08-24 12:54:07 26138BCD0131DA417A6006FE8990CC59 992768 ----a-w- C:\Windows\System32\crypt32.dll 2013-08-24 12:44:10 1D9B3568CFDB55316985A053D6D96030 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2013-08-24 12:22:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\System32\atiicdxx.dat ====== C:\Windows\system32\drivers ===== 2013-08-26 09:18:36 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-08-24 12:57:43 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-08-24 12:57:42 D18D53974FD715D50FC76F9FFE1C830D 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2013-08-26 14:09:05 3244D1E5600A20962F2B8A380E290578 3026 ----a-w- C:\Windows\system32\Tasks\{AE4BB073-A71C-4EDE-80A1-B56718512A95} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-24 12:55:05 -------- d-----w- C:\Program Files\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Philip\AppData\Roaming ====== 2013-08-24 12:20:21 18614CF8FBA06D0C9439A59A8183E531 680 ----a-w- C:\users\Philip\AppData\Local\d3d9caps.dat ====== C:\Users\Philip ====== 2013-08-26 08:39:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth ====== C: exe-files == 2013-08-26 09:17:12 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9019FL8\mbam-setup-1.75.0.1300.exe 2013-08-26 08:14:30 E78F1633DEA52D04508F306EEA1D1250 17737608 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe 2013-08-24 13:14:34 3711B49D8CF265A24CD82FB3BCFFB1D5 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-08-24 13:14:31 57EC630DBD5F0713E77CB3540AB80A8E 757400 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-24 12:57:19 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-24 12:57:19 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2013-08-24 12:55:07 2A6CE1E9055269C060AA3D7585E07A0C 106212 ----a-w- C:\Program Files\Mozilla Maintenance Service\Uninstall.exe 2013-08-24 12:55:05 A35576A433F4AEB0D48976A004657CB6 117656 ----a-w- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 2013-08-24 12:38:51 5FEC1A48B8A6F55D33E567946747006D 301056 ----a-w- C:\Windows\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe 2013-08-24 12:38:51 31196287A199231A4636D217C963206D 208384 ----a-w- C:\Windows\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe 2013-08-24 12:38:51 31196287A199231A4636D217C963206D 208384 ----a-w- C:\Windows\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe 2013-08-24 12:38:51 1360587AE2F8BC3826AF749E96500156 51712 ----a-w- C:\Windows\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe 2013-08-24 12:38:51 09071D1B85DD6759B0C68F8258AAD355 1207296 ----a-w- C:\Windows\Temp\._msige61\GoogleEarth.exe 2013-08-24 12:38:42 B21EBE35B22BE09004D4E5C3EA4BC9F2 25415728 ----a-w- C:\Program Files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe 2013-08-24 12:32:09 6466C051022547489D3409205128881B 59784 ----atw- C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateBroker.exe 2013-08-24 12:32:09 1CA3976D1B1FE826ADF339F90AC25C60 59784 ----atw- C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe 2013-08-24 12:32:07 A6F8D4FBC12177A75AB4C06D059229B6 784664 ----a-w- C:\Program Files\Google\Update\1.3.21.153\GoogleUpdateSetup.exe === C: other files == 2013-08-26 09:47:48 FE9BD381778A344F0E39AE2D5E607D7F 32344 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\srtspx.sys 2013-08-26 09:47:48 C834343C3A23DC9BC3AA752F0CAFD04B 352344 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\symtdiv.sys 2013-08-26 09:47:48 C743E384E9EFCA10B41C60D406DE39C0 603224 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\srtsp.sys 2013-08-26 09:47:48 AF879C2A9DBF8529E1F8169B8BAC643C 339544 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\symnets.sys 2013-08-26 09:47:48 8C9B9036E301A9965CF15BEC91C58A12 175264 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\Ironx86.sys 2013-08-26 09:47:48 5A193E5E0F0A776430E5D62A051C1E16 367704 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\SymDS.sys 2013-08-26 09:47:48 40D7124FB57EB208E3DD56A73545FB64 21400 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\SymELAM.sys 2013-08-26 09:47:48 3BEE52611F22C9C0023A98A4425E084F 134744 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\ccSetx86.sys 2013-08-26 09:47:48 1773FB2920EBB3A8BAD0360618091470 934488 ----a-r- C:\Windows\System32\drivers\NIS\1404000.028\SymEFA.sys 2013-08-26 09:18:36 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-08-24 12:57:43 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-08-24 12:57:42 D18D53974FD715D50FC76F9FFE1C830D 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-460907415-916705040-467641968-1002\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" "toolbar_eula_launcher"="C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" "ACTIVBOARD"="C:\Program Files\Packard Bell\FIJI\aboard.exe" "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe" "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\Uitgebreide garantie.job --a------ [Undetermined Task] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\f8hcwaj5.default - Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn - Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} ProfilePath: C:\Users\Katrien\AppData\Roaming\Mozilla\Firefox\Profiles\dt68iovs.default - Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn - Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn - Visualisateur 3D de 20-20 - %ProfilePath%\extensions\2020Player@2020Technologies.com - Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\iibouvlv.default - Undetermined - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Google Toolbar for Firefox - %ProfilePath%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} AppDir: C:\Program Files\Mozilla Firefox - Google Toolbar for Firefox - %AppDir%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} ==== Firefox Plugins ====================== Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\iibouvlv.default ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25 D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17 101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update F045DF7AF127DC4BCC53421850114E15 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll - Silverlight Plug-In 7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 45D7F2FABDFD500E3C35DC068B552544 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 11783673BE7B701E673366CC03A38D91 - C:\Users\Philip\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin F20EB3543F6D84699D657B65464A51D4 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.6 2E22E6512FDA7BC5729A8B0A12F2EC24 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.6 5D86AB1A2C70A58C1F491C17965AB829 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.6 0A47A8F44F62D7A802EE34CC260E7D0C - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.6 25301E86A8930A6DB15B23525E38421F - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.6 C47262EBB6218430EE5143CE066AD4A2 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.6 5405D5ED25F7355177D159585B6860D2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.6 AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 7D28153B7D586330678AD522B71D89CB - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrlui.dll - Microsoft® Silverlight DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[30/05/2013 19:49] ConetInUyetyOsaavvea - Philip - Default\Extensions\endpijpmnmlhkoliahoompagpfakdoed ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {E924B7E5-25C8-405F-8AC1-C138AA7AF1B8} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe O4 - HKLM\..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\aboard.exe O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe ==== Empty IE Cache ====================== C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Katrien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Katrien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\f8hcwaj5.default\Cache emptied successfully C:\users\Katrien\AppData\Local\Mozilla\Firefox\Profiles\dt68iovs.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Philip\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on ma 26/08/2013 at 16:25:46,62 ======================