Zoek.exe v5.0.0.0 Updated 23-04-2015 Tool run by Medion on zo 03/05/2015 at 12:26:09,94. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Medion\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 3/05/2015 12:32:36 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\AVS4YOU deleted successfully C:\Program Files\Freemake deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\PROGRA~2\CorelDRAW Graphics Suite X6 deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\Users\Medion\AppData\Roaming\Lite deleted successfully C:\Users\Medion\AppData\Roaming\WinRAR deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DF7D461-656A-4D7D-7B5E-D2D91AF9DE76} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1DF7D461-656A-4D7D-7B5E-D2D91AF9DE76} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully 
HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8040829d-1177-46e2-9157-8282438b79c7} deleted successfully HKEY_CLASSES_ROOT\CLSID\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14d02517-c8be-4735-a344-3c8366c77aa0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{1DF7D461-656A-4D7D-7B5E-D2D91AF9DE76} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DF7D461-656A-4D7D-7B5E-D2D91AF9DE76} deleted successfully HKEY_CLASSES_ROOT\CLSID\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1df253a-9e7a-480d-b6a5-7a435b520dbb} deleted successfully HKEY_CLASSES_ROOT\CLSID\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet 
Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{8040829d-1177-46e2-9157-8282438b79c7} deleted successfully HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{af94b35c-3ac5-4030-9f9c-15fb4e3dc339} deleted successfully ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\devolo\dlan\devolonetsvc.exe C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe C:\PROGRA~1\MYWEBF~2\bar\1.bin\5abarsvc.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program 
Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\MyWebFace_5a\bar\1.bin\5abrmon.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK32.EXE C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe C:\Program Files\Windows Media Player\wmpnetwk.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\system32\DllHost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe C:\Users\Medion\Desktop\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs 
C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebFace_5aService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MyWebFace_5aService deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\a2zhpcqu.default user.js not found ---- Lines search.net removed from prefs.js ---- user_pref("browser.search.defaultenginename", "default-search.net"); user_pref("browser.search.order.1", "default-search.net"); user_pref("browser.search.selectedEngine", "default-search.net"); user_pref("keyword.URL", "http://www.default-search.net/search?sid=476&aid=135&itype=n&ver=14591&tm=537&src=ds&p="); ---- FireFox user.js and prefs.js backups ---- prefs_20150305_1242_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14d02517-c8be-4735-a344-3c8366c77aa0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DF7D461-656A-4D7D-7B5E-D2D91AF9DE76}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1df253a-9e7a-480d-b6a5-7a435b520dbb}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "MyWebFace Search Scope Monitor"=- "MyWebFace_5a Browser Plugin Loader"=- ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\AVS4YOU not found C:\Program Files\Freemake not found C:\ProgramData\Bcool deleted C:\45e77aab62acfe73672b02c3c2a0 deleted C:\Users\Medion\appdata\locallow\MyWebFace_5a deleted C:\PROGRA~2\Premium deleted C:\Program Files\Mozilla Firefox\searchplugins\default-search.xml deleted C:\Users\Medion\AppData\Roaming\FirefoxToolbar deleted C:\PROGRA~2\InstallMate deleted C:\PROGRA~2\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bcool deleted C:\Users\Medion\AppData\LocalLow\Bcool deleted C:\Users\Medion\AppData\LocalLow\DataMngr deleted C:\Windows\~ACROBAT.TMP deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\a2zhpcqu.default\searchplugins\default-search.xml deleted C:\Users\Medion\AppData\Local\Temp\{EF3D67A8-8D67-5CFF-BE14-C54534DE455E}\Addons\bcool_setup.exe deleted "C:\Users\Medion\AppData\Local\9f2c10a0-f56c-464d-b90f-23109eb5be53" deleted "C:\Users\Medion\AppData\Roaming\itesing\marfacat.dll" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrmon.exe" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrstub.dll" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\T8RES.DLL" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrmon.exe" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrstub.dll" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\T8RES.DLL" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrmon.exe" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\5abrstub.dll" deleted "C:\Program Files\MyWebFace_5a\bar\1.bin\T8RES.DLL" deleted "C:\Users\Medion\AppData\Roaming\itesing" not deleted "C:\Program Files\MyWebFace_5a" not deleted "C:\Program Files\MyWebFace_5a" not deleted "C:\Program Files\MyWebFace_5a" not deleted "C:\Program Files\MyWebFace_5a\bar" not deleted "C:\Program Files\MyWebFace_5a\bar\1.bin" not deleted "C:\Program 
Files\MyWebFace_5a\bar" not deleted "C:\Program Files\MyWebFace_5a\bar\1.bin" not deleted "C:\Program Files\MyWebFace_5a\bar" not deleted "C:\Program Files\MyWebFace_5a\bar\1.bin" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3327 MB CPU Info: AMD Phenom(tm) II X4 925 Processor CPU Speed: 2804,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Realtek HDMI Output (Realtek Hi | Display Adapters: ATI Radeon HD 5670 | ATI Radeon HD 5670 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH22NS50 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 1356,2GB | D: 40,0GB Hard Disks - Free: C: 1081,5GB | D: 30,9GB Manufacturer *: American Megatrends Inc. 
BIOS Info: AT/AT COMPATIBLE | 05/07/10 | MEDION - 20100507 Time Zone: Romance (standaardtijd) Motherboard *: MEDIONPC MS-7646 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17728 Mozilla Firefox version: 16.0.2 (x86 nl) Adobe Reader version: 9.5.5.316 Sun Java version: 1.8.0_45 (32-bit) Flash Player version: 17.0.0.169 Shockwave Player version: 11.5.6r606 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Medion\AppData\Local\Temp ==== 2015-04-30 15:46:35 B94BC5A03F1498DAB06550B9221C60BF 21062608 ----a-w- C:\Users\Medion\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.259_NetStorage.exe ====== Java Cache ===== 2015-05-03 10:20:13 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Medion\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-310d7659 2015-05-03 10:20:08 17E871462650C03582C61CDE15AF7B12 425 ----a-w- C:\Users\Medion\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-05-03 10:20:07 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Medion\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-7bf27ee2 ====== C:\Windows\system32 ===== 2015-05-03 09:48:32 204FBC5577EEF260B5FEA3326148CF4A 96352 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll ====== C:\Windows\system32\drivers ===== 2015-04-14 19:55:40 D800E1EAF33630A1636BB21E8256AA92 137656 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-04-14 19:55:40 746F89CE0C6569C589E6AC4D3DA82D41 67512 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-04-14 19:54:31 487569E5DA56A5A432FF8AF6D3599CF9 514560 ----a-w- C:\Windows\System32\drivers\http.sys ====== 
C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-03 09:49:14 -------- d-----w- C:\Program Files\Common Files\Java 2015-04-15 11:57:16 -------- d-----w- C:\Program Files\Common Files\Skype ======= C: ===== ====== C:\Users\Medion\AppData\Roaming ====== 2015-05-03 09:37:56 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Locallow\Sun 2015-04-28 15:42:20 -------- d-----w- C:\Users\Medion\AppData\Local\Pinnacle ====== C:\Users\Medion ====== 2015-05-03 09:08:10 EDD9003275DB08B8B4C131F5D934C99F 561760 ----a-w- C:\Users\Medion\Downloads\JavaSetup8u45.exe 2015-05-01 15:58:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-05-01 15:09:43 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Medion\Desktop\RSIT.exe 2015-04-15 11:57:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2015-05-03 09:47:59 EED888394AC81A663F12C6EC43AB2838 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-05-03 09:47:59 4586CD8F1C929EF184098A22FE31A857 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-05-03 09:47:59 1E2E159D0621A466CFA7CE06E4DA9CAE 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-05-03 09:47:47 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-05-03 09:47:47 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-05-03 09:47:47 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-05-03 09:47:46 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-05-03 09:47:46 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-05-03 09:47:46 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 
2015-05-03 09:47:46 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-05-03 09:47:45 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-05-03 09:47:45 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-05-03 09:47:45 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-05-03 09:47:45 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-05-03 09:47:45 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-05-03 09:47:45 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-05-03 09:47:45 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-05-03 09:47:45 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-05-03 09:47:44 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-05-03 09:47:44 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-05-03 09:47:44 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-05-03 09:47:43 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-05-03 09:47:43 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-05-03 09:47:43 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-05-03 09:08:10 EDD9003275DB08B8B4C131F5D934C99F 561760 ----a-w- C:\Users\Medion\Downloads\JavaSetup8u45.exe 2015-05-01 15:57:59 317716406E360DF7747C73F10F970633 28927 ----a-w- C:\Program Files\Elaborate 
Bytes\CloneDVD2\CloneDVD2-uninst.exe 2015-05-01 15:25:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Medion.exe 2015-05-01 15:09:43 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Medion\Desktop\RSIT.exe 2015-04-30 15:48:11 4746BF58B1EFEDDB5C49D67EBD7DAE31 715488 ----a-w- C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe 2015-04-30 15:46:35 B94BC5A03F1498DAB06550B9221C60BF 21062608 ----a-w- C:\Users\Medion\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.259_NetStorage.exe 2015-04-30 11:45:54 A413D8871FC2CC19963864A5A5E4F849 267824 ----a-w- C:\Program Files\Common Files\Java\Java Update\jaureg.exe 2015-04-30 11:45:44 34084D25BE6F48D072AA54DE630438FD 334896 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe 2015-04-30 11:45:34 BCBD6EF870818D88F299E9C243C191ED 1058352 ----a-w- C:\Program Files\Common Files\Java\Java Update\jucheck.exe === C: other files == 2015-05-03 09:47:48 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip 2015-05-01 08:52:32 267E5A309F8393FB5586586391174540 12822 ----a-w- C:\Users\Medion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RNWSOOY6\cloud-capability[1].zip 2015-04-28 11:22:50 99DC2CE0361C75C97082D35A393A5A32 17077 ----a-w- C:\Users\Medion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J70YX8PE\cloud-capability[1].zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-218358856-1595501492-1267453938-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Logitech 
Vid"="C:\Program Files\Logitech\Vid HD\Vid.exe -bootmode" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "LaunchList"="C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe" "Sony PC Companion"="C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe /Background" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "LWS"="C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe /s" "CanonQuickMenu"="C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Logitech Vid"="C:\Program Files\Logitech\Vid HD\Vid.exe -bootmode" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "LaunchList"="C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe" "Sony PC 
Companion"="C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe /Background" ==== Startup Folders ====================== 2012-08-26 13:43:10 2073 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2012-08-31 16:44:18 1963 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [17/04/2015 11:45] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\{01285247-7A2C-442D-B086-3DF835CFCBFA}" [C:\Pwralbum\PWRALBUM.EXE] "C:\Windows\system32\tasks\{77862F50-46C9-42DB-AF21-6B4CD14EC007}" [E:\SETUP.EXE] "C:\Windows\system32\tasks\{ED015A15-C429-4B0B-B268-BD809625435F}" [E:\SETUP.EXE] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\a2zhpcqu.default user_pref("browser.startup.homepage", "https://www.google.be/?gfe_rd=cr&ei=Si5yVN3XJ_Sq8weDloCYBA&gws_rd=ssl"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [22/10/2014 11:33] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/08/2012 15:46] ==== Firefox Extensions ====================== 
ProfilePath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\a2zhpcqu.default - Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Medion\AppData\Roaming\Mozilla\Firefox\Profiles\a2zhpcqu.default 847C1A6B649D406FDB721E1BCE4E1E38 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6 B239D122D14692FC5EFBA7121C770F61 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6 0900BBAB5745ECEC21C5E8254F05B7B0 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6 17D7FEB824594E6446059EB3987D1AA9 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6 59492511D7A8BC90A2F6023218E80F9C - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin 3239619A441E23A20EC923DF92FF2D70 - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll - CANON iMAGE GATEWAY Album Plugin Utility for IJ CF46E0E1398B382CE0CE738C67A38DD1 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? 
Photo Gallery 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies 32A783FE8D78DB883368CA851E274DBE - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 075394F75303286C2FA91908CB781609 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions opfllphdcgjcjmkjpggliaepakaehmdj - C:\ProgramData\Bcool\opfllphdcgjcjmkjpggliaepakaehmdj.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/?gfe_rd=cr&ei=eehwVP6hNPDH8gee3YGIAg&gws_rd=ssl" "Default_Page_URL"="http://www.aldi.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="https://www.google.be/?gfe_rd=cr&ei=eehwVP6hNPDH8gee3YGIAg&gws_rd=ssl" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {1FDAD1EF-D17C-4AEB-ACA1-CE40AACDE2CC} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox" ==== Deleting Registry Keys ====================== 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8B1881C3-A40C-4DF3-BFD2-CCD2FEDD7D83} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D071E7F8-31D9-679C-61BE-1288B637BE19} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\opfllphdcgjcjmkjpggliaepakaehmdj deleted successfully

==== HijackThis Entries ======================
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\DLink\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-72747-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files\devolo\dlan\devolonetsvc.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Medion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Medion\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Medion\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Medion\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Medion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S87WS7KX will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\Medion\AppData\Local\Mozilla\Firefox\Profiles\a2zhpcqu.default\Cache emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=209 folders=45 17575857 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Medion\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Medion\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Medion\AppData\Roaming\itesing" not found
"C:\Program Files\MyWebFace_5a" not found
"C:\Program Files\MyWebFace_5a" not found
"C:\Program Files\MyWebFace_5a" not found
"C:\Users\Medion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S87WS7KX" not found
"C:\Users\Medion\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UDMCW7K7\syndication.vmma.be" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 03/05/2015 at 13:10:13,55 ======================