
Zoek.exe v5.0.0.1 Updated 18-December-2015
Tool run by Gebruiker on zo 20/12/2015 at  0:49:09,55.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

20/12/2015 0:53:35 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Monitor {7842554E-6BED-11D2-8CDB-B05550C10000} C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\GUM6759.tmp deleted successfully
C:\PROGRA~2\GUME68E.tmp deleted successfully
C:\PROGRA~2\MALWAREBYTES ANTI-MALWARE deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\RegClean Pro deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\Default\AppData\Roaming\ProductData deleted successfully
C:\Users\Gebruiker\AppData\Roaming\f-secure deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Lite deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Okofew deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Systweak deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Yqavyl deleted successfully
C:\Users\Gebruiker\AppData\Local\CrashDumps deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully
C:\Users\Gebruiker\AppData\Local\PackageAware deleted successfully
C:\Users\Gebruiker\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{109A93D9-577C-4B21-A38C-25255F532969} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11783856-F3A6-4329-BC29-76F2BB51CF7B} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14F5C149-32BA-4437-89D0-AF6CE74F77A} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16F47E94-EDBF-4115-B7EA-6F7293D8B99} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C5B8A60-F70B-4ECB-95B-3436A14F243} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F198599-5ACC-4E32-8B79-2953C8B5295F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20724168-C052-463E-B378-655FF8106D3A} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BD9C6A2-A0D9-4E6A-BF1A-B1D5C117FB7F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A7CD3D4-C9FB-4D89-87C6-D181B922F9} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AF0AB69-829C-4174-8A3B-878726BDB584} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E45037F-DC26-4A81-A26D-FFA7D2D6FD8F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4614678A-FECA-4442-9BC5-7FB9EB1CCEC2} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46FA76BA-65FF-48F9-894E-BCE77067A08} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AA1418-3619-438F-BEBC-5E4755399B84} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4AC03121-1924-419A-BD27-8A4968E96867} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E764552-C039-41F2-8D99-B71A5058A73E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5071C087-7179-438C-9F67-18225F519055} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5141654E-2068-4BE4-9822-783E7F80C680} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51F7DC1B-E3CC-4452-8A39-6B77C38C89CE} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58BCF15A-A373-4939-AB90-62E5E1D1ACF9} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E12ECC8-BB49-4B04-9712-DAB9CC76636} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665E3BE-68D5-4B4B-B7F0-5B7E4191621} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66DA3BA0-5A1A-4740-8948-6EEE731BA6E0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6720A58E-547F-4352-BEBC-A1159CB1A3DC} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67AE5184-194A-469A-A966-43A371A9F177} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{768E502D-D0BE-496B-B413-E0851AD2A64E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D477804-7664-434A-A878-C28D75A59273} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7DA26916-4D0E-49D1-AFDB-EC7FEB59157} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F8D6192-99FB-4A9C-8FEF-43485BBABC0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{806777BC-E0EA-4F68-BE0-AC2E77865E3} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8733A108-CE45-437F-A7B1-8886791B04A} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C818D23-16F7-4FEF-9149-86B33C3DC985} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CAA2C2-D09D-425B-8238-6B9BFEE9BAA} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F00C0EE-7583-4DD1-B390-6ECC89878E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F542C26-650D-4D91-AF72-B0A39145948} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9301C5BE-969E-4E43-A61F-BCD966E097E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{937A9F74-38AF-4DA7-B731-9026A26145BE} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{945E5C74-10C0-46B7-971A-4940E5331E2} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{995A4125-B538-4201-86BE-492B21DD9A} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A0B907E-6DE-4F7F-A48C-E6EDFC72B9E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A2B95DB-3F56-443C-BD21-FB5882CFC3AE} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A401AB7-EC03-4A60-8343-B2E1C43CBF82} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD5E62DA-5C55-49F0-9189-51885FB7891F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B533D2E5-9066-4206-BF76-1C9CA5A119F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B72D4B47-E846-49D8-9DC3-ADE2A2A0AEBA} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B76F695D-B2CF-4E1A-B43E-3FACB7113914} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCCECE71-27D5-4C7C-AACD-76BA6729221C} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA3D1B4B-5886-4A29-A9CC-8C50C2E9728} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD44EBE2-88AE-401A-89AC-F8F826373B12} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA6D088-DA41-4A9C-BDAE-D85C40F4A0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA9C6B8-8D8B-45E1-8CE8-7641AF8D4355} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF5863D9-AE72-4A60-ACB5-FBEDFC7961C} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E14FB09A-EB9D-43D0-864-539AC845CA99} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1EAFE43-536A-48BF-9187-709CB9304224} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2341737-D76-4C14-9662-5C95C776759F} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6A0C28A-20C2-43B9-AF92-E46FC415F859} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA162F5D-D0AD-4CB9-92EE-36DA4B24C5D1} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED5EAF-C879-4BBA-BB97-EF8A994318E0} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F07C141-387A-49AB-9D37-A38C3BD57A93} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f61b834c-85c4-45e9-8a64-66c97e7621d4} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F65CA6DC-E78F-46F0-9F3F-8E43E93B7D9E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F82D5BB9-E723-4879-A2F5-8FB9C7F5FB} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F908AB1C-5B1-4A38-BBCD-81689643DE4} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9C7F2F-E4D7-4419-81AF-737F066659E} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCBDE52A-4C68-4D54-B1E1-B63FF42301B} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f61b834c-85c4-45e9-8a64-66c97e7621d4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.2.1 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater40.2.1 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=");
---- FireFox user.js and prefs.js backups ---- 

prefs_20152012_0139_.backup

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=");
---- FireFox user.js and prefs.js backups ---- 

prefs_20152012_0139_.backup

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p=");
---- FireFox user.js and prefs.js backups ---- 

prefs_20152012_0139_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Advanced SystemCare 8"=- 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Extensions] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slick Savings] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
""=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM6759.tmp not found
C:\PROGRA~2\GUME68E.tmp not found
C:\PROGRA~2\RegClean Pro not found
C:\ProgramData\Avg_Update_1215tb not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\Users\Gebruiker\AppData\Roaming\Slick Savings deleted
C:\IObit deleted
C:\windows\SysNative\Tasks\1215tbUpdateInfo deleted
C:\Windows\tasks\1215tbUpdateInfo.job deleted
C:\Users\Gebruiker\AppData\Local\AVG Web TuneUp deleted
C:\Users\TEMP.SAMSUNG\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~2\GUMB28F.tmp deleted
C:\PROGRA~2\GUMCD2C.tmp deleted
C:\PROGRA~2\GUMFAA.tmp deleted
C:\PROGRA~2\Allin1Convert_8hEI deleted
C:\PROGRA~2\Advanced System Protector deleted
C:\PROGRA~2\MyFunCards_5m deleted
C:\PROGRA~2\COMMON~1\Spigot deleted
C:\prefs.js deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Gebruiker\AppData\Roaming\ProductData deleted
C:\Users\TEMP.SAMSUNG\AppData\Roaming\ProductData deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\ProductData deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_0414b deleted
C:\PROGRA~3\Avg_Update_1214tb deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\Uniblue\DriverScanner deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Uniblue deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\Users\Gebruiker\AppData\Local\Slick Savings deleted
C:\Users\Gebruiker\AppData\Local\SearchProtect deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro deleted
C:\Users\Gebruiker\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\Gebruiker\AppData\LocalLow\ADSRemoval deleted
C:\Users\Gebruiker\AppData\LocalLow\Allin1Convert_8hEI deleted
C:\Users\Gebruiker\AppData\LocalLow\MyFunCards_5m deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\tasks\ASC8_PerformanceMonitor deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Gebruiker\AppData\Roaming\SUPRAUpdatePaket.exe deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\iobitascsurfingprotection@iobit.com deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\extensions\iobitascsurfingprotection@iobit.com deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\extensions\5mffxtbr@MyFunCards_5m.com deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\extensions\iobitascsurfingprotection@iobit.com deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\Mail\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\searchplugins\yahoo_ff.xml" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\yahoo_ff.xml" deleted
"C:\Users\Gebruiker\AppData\Roaming\Ohokpi\ilod.myi" deleted
"C:\Program Files (x86)\AVG Web TuneUp\CefHost.exe" deleted
"C:\Program Files (x86)\AVG Web TuneUp\icudt.dll" deleted
"C:\Program Files (x86)\AVG Web TuneUp\libcef.dll" deleted
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\CefHost.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\icudt.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\libcef.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\AVG Web TuneUp\locales\en-US.pak" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCExtMenu_64.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\CPUIDInterface.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\datastate.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\HomepageSvc.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\madbasic_.bpl" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\maddisAsm_.bpl" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\madexcept_.bpl" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\rtl120.bpl" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\taskmgr.dll" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\vcl120.bpl" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\rtl120.bpl" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe" deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller\vcl120.bpl" deleted
"C:\ProgramData\IObit\Advanced SystemCare V8\Homepage Protection\ASCService.log" not deleted
"C:\PROGRA~2\AVG Web TuneUp\locales\en-US.pak" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.1\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.1\log4cplusU.dll" deleted
"C:\Users\Gebruiker\AppData\Roaming\Ohokpi" deleted
"C:\Program Files (x86)\AVG Web TuneUp" deleted
"C:\Program Files (x86)\IObit" not deleted
"C:\ProgramData\IObit" not deleted
"C:\PROGRA~2\AVG Web TuneUp" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Program Files (x86)\AVG Web TuneUp\locales" deleted
"C:\Program Files (x86)\IObit\Advanced SystemCare 8" not deleted
"C:\Program Files (x86)\IObit\IObit Uninstaller" not deleted
"C:\ProgramData\IObit\Advanced SystemCare V8" not deleted
"C:\ProgramData\IObit\Advanced SystemCare V8\Homepage Protection" not deleted
"C:\PROGRA~2\AVG Web TuneUp\locales" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.1" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.1" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2015-12-12 19:05:06	A60606086EEB4DA8E2DF462DAF1B9B79	8927504	----a-w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-1c0e1748.exe
2015-12-12 18:49:18	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-980a4f9c.exe
====== Java Cache =====
2015-12-12 19:00:07	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\TEMP.SAMSUNG\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4368385a
====== C:\Windows\SysWOW64 =====
2015-12-19 15:47:35	B0AFC72F5BAE0C06DB30B409B9D05D8A	2048	----a-w-	C:\Windows\SysWOW64\tzres.dll
2015-12-19 15:46:30	FDB73E2FFDEE1F28D1AF3B80E3F0FE99	1251328	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-12-19 15:46:29	0A78439765E31510D75C9E2284F3A722	833024	----a-w-	C:\Windows\SysWOW64\user32.dll
2015-12-19 15:44:37	EB11947B250AD259755939A2DE349FBB	14848	----a-w-	C:\Windows\SysWOW64\wshrm.dll
2015-12-19 15:44:35	F60154A0DD1DCCF2EE75BE45A676BA51	1242624	----a-w-	C:\Windows\SysWOW64\comsvcs.dll
2015-12-19 15:44:35	169BDD4EF6E99E43720534E07798400C	487936	----a-w-	C:\Windows\SysWOW64\catsrvut.dll
2015-12-19 15:44:27	5F4DBBB0551DAE2A6EEC5EA915695250	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-19 15:44:26	8102E4A17D58BA6B18A31095C4418082	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-12-19 15:44:26	804FEA5A5A4B491B83AFF8EE7EFE887F	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-12-19 15:44:25	5FA89E1534B675CCA8CEE6B50D0B7B49	2280448	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-12-19 15:44:25	081BE765C4025EC2AB8011A6BFE222B5	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-19 15:44:24	67D44EDA849BA632EC4DCEF839950F56	341192	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-12-19 15:44:24	29DDD6FB1147192B13D2C3647F581219	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2015-12-19 15:44:23	D1F6886A7E08134135E9C197FA387702	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-19 15:44:23	219494B7F95F86071EC9D4FC0DC4962F	1311744	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-12-19 15:44:23	0955BBBB50FCC3C2B2EB485FBBFBF4D3	496640	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-12-19 15:44:22	6ED639FAAE29626ED1A98139A3C9C289	687104	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-12-19 15:44:22	13DED010D9DFA204DB2C2F650B3901B8	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-12-19 15:44:21	B206E8BD4938B6C6B1C84DD13C12C4DF	20366848	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-12-19 15:44:19	8BB61456A1EA19011E85C9340BC4157B	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-12-19 15:44:19	3477EAB965E9DEDCD46F95C55F78489F	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-12-19 15:44:17	DD99C9D2CA3F9B3D63B965B4EDDAE612	2050560	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-12-19 15:44:17	713919E7E3BD6196D2498C2B8166AEAD	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-12-19 15:44:17	6A37F0BDA83C7755C71A2DE5BF00381B	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-12-19 15:44:17	1256113318DD02C9C60FF0969025CA15	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-12-19 15:44:16	F1ED865CA8D6223739233576D7C76C1A	476160	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-12-19 15:44:16	284442A1BAFD17731398AD22AB6C9099	12856832	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-12-19 15:44:16	0A6D92C3BB313883F286C65820E2DD30	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-12-19 15:44:14	517847AC160C91F04951340F9A051084	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-12-19 15:44:10	AC62F3866FDA5BFC4966055B1316DE94	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-19 15:44:10	6082F9978A1456863397F99E5C8E7901	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-12-19 15:44:10	4ED815FE30E048A52A5FC420DD6E49D0	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-12-19 15:44:09	B60461B5CED2BFAE1A870C61C66966C4	2011136	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-12-19 15:44:09	668D2CA489F605E4C7A743A62632C383	4514816	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-12-19 15:44:08	B832BA2AA73CC4FC58446F4237070D96	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-12-19 15:44:08	050F5A8F90CF18AA6F9FA75AF1851569	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-12-19 15:42:44	E7CA874DA58A607E11ACAB33718AE9FA	179712	----a-w-	C:\Windows\SysWOW64\els.dll
2015-12-19 14:50:06	8E9152F4779CCA402F235EB9AB823854	6656	----a-w-	C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-19 14:50:05	3A593B01E4F92F04211ECFB53816240C	6656	----a-w-	C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-19 14:50:05	35D490A393A0B231F237954E6E65B224	7168	----a-w-	C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-19 14:50:04	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\SysWOW64\locale.nls
2015-12-19 14:50:04	ACB16C9BE1A175A2E7BFF076DF99B3CF	69120	----a-w-	C:\Windows\SysWOW64\nlsbres.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-19 15:47:35	6EDEA5EDF5AA979CB2A99617A8478AD3	2048	----a-w-	C:\Windows\Sysnative\tzres.dll
2015-12-19 15:46:31	4287A4345CFFDD4D7710B2FCFF6C21BC	3211264	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-12-19 15:46:31	1AE1D0D71C3C61A0ECA941140E1E2FF8	1648128	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-12-19 15:46:30	BCB16AE33AA58E0042F3EF34CFB6396A	1180160	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-12-19 15:46:30	06BF84D26A05D400F6B3FB3D3DE0B03A	1008640	----a-w-	C:\Windows\Sysnative\user32.dll
2015-12-19 15:44:37	2DA9EB73046595D79ADE306BC22B02C4	17408	----a-w-	C:\Windows\Sysnative\wshrm.dll
2015-12-19 15:44:36	E385472FF300F2BFD323B667EBAE93C7	1735680	----a-w-	C:\Windows\Sysnative\comsvcs.dll
2015-12-19 15:44:35	75DFE3CE6A8BFC995CC1D615B74DF8B0	525312	----a-w-	C:\Windows\Sysnative\catsrvut.dll
2015-12-19 15:44:27	5040CEF0DC919A81AF2C10CC67F3F36C	2887168	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-12-19 15:44:26	581486C09915529B172B844F620800EB	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-12-19 15:44:26	1E32A0EF31E39783589F3FF33C71EB26	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-12-19 15:44:24	ECF5CF7E1712A137FD95DCC89ECE2FE5	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-12-19 15:44:24	33E703517D83F367B0B0B3EF2C807C77	718336	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-12-19 15:44:22	D63583C3645A5D29D643298273EC2125	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-12-19 15:44:19	8403AAA093BD7B790111326197D5C30B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-12-19 15:44:18	DDA2687E5FC070E066623330BF5A9375	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2015-12-19 15:44:18	CFB4DC8B180EE1FA0F38ED98A82BFFDC	387792	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-12-19 15:44:17	DA9927502C6CC6C6D4A5E57E00CAB796	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-12-19 15:44:17	D0EB186DFF60A296B144A0FC2490AC31	1546752	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-12-19 15:44:16	503155AF5513116632202504D71FA29D	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-12-19 15:44:16	23D900117F368A884C4C36A57E201F97	798208	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-12-19 15:44:16	1537D3FFDC70A1EF8792235A99DC4C4B	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-12-19 15:44:14	FBBC836885522FD1E00A23DC65F78A28	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-12-19 15:44:13	64F4B886C95379DEA6EF3DDF3CE2D853	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-12-19 15:44:11	6D86F7F6C9FE6059B610DB1D6EF77659	2123264	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-12-19 15:44:10	32C4438BACFF7AAC86AE54FAE74AA483	571392	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-12-19 15:44:09	B49AF2AB8CDF52290A7529BE3D8B1429	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-12-19 15:44:07	9D8862210504591545E33FE562BE7078	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-12-19 15:44:06	963F01E33EFADF54DDCCDDF31DFC2D37	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-12-19 15:44:05	FE196D24FDCE4402EB1762264FA3DE0B	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-12-19 15:44:05	A2F0AB5736B60AC22D63113489D37FF1	14456832	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-12-19 15:44:05	2A0AB8E59C47DC589C2DF3CEB1AA22EF	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-12-19 15:44:05	02A92A8C880FDC242441FBE0620CF14B	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-12-19 15:44:04	D3CC1DBE8FE63F3A2FAD5658146DF39B	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-12-19 15:44:04	4264B4BD10C5A21CF4A15998CB71551F	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-12-19 15:44:04	3F0827114CE89176253684B588D4B02E	5923840	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-12-19 15:44:04	377C0436711DE3AFB9527FB88F831F44	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-12-19 15:44:03	E2C385B0D816AD37616BD4C4204D0633	2487808	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-12-19 15:44:03	B7F26EC33F55842C66A1C3FA34EB8D27	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-12-19 15:44:03	AF71D38B9F23907AB54BC8D9F573CEB3	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-12-19 15:44:03	0A477F2CCC151E3AED4143B4FDDF74A5	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-12-19 15:44:02	A8B4563632BAF46BB005A0127727E82D	25837568	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-12-19 15:42:44	218D2848CDDE80DD9AF72D5DD78F225C	241664	----a-w-	C:\Windows\Sysnative\els.dll
2015-12-19 14:50:06	E78C5E7087763DD4F1C5DAD78D2BA141	7168	----a-w-	C:\Windows\Sysnative\KBDAZEL.DLL
2015-12-19 14:50:05	E3ECD802006128C036FAAD09B6F97F6E	7168	----a-w-	C:\Windows\Sysnative\kbdgeoqw.dll
2015-12-19 14:50:05	AE0F1E593C4AE0A1CE3868C2AA54D8E5	7168	----a-w-	C:\Windows\Sysnative\KBDAZE.DLL
2015-12-19 14:50:04	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\Sysnative\locale.nls
2015-12-19 14:50:04	52B3CAAD627902B8D6E035A25DA4BD09	69120	----a-w-	C:\Windows\Sysnative\nlsbres.dll
====== C:\Windows\Sysnative\drivers =====
2015-12-19 15:44:37	5BD6B1EC997FF3DD779D62E05D2079A8	146944	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
2015-11-21 21:10:03	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2015-11-21 21:05:38	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-11-21 21:05:35	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-21 21:05:32	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-21 21:05:22	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-21 21:05:21	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-21 21:05:21	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-21 21:03:13	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-11-21 21:03:13	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-19 14:26:38	--------	d-----w-	C:\Program Files\trend micro
2015-12-05 11:35:23	--------	d-----w-	C:\Program Files\Common Files\AVG Secure Search
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-12-16 19:48:08	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\TEMP.SAMSUNG\AppData\Local\{AE470ACF-9B53-4CA1-910C-7CE6B1BB5C87}
2015-12-14 20:52:44	FCB5823ECC4510B0C0036BFEDE5ED7BF	114768	----a-w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-13 21:28:22	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\HpUpdate
2015-12-13 21:23:34	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVG Web TuneUp
2015-12-13 21:19:57	--------	d-----w-	C:\Users\Default\AppData\Roaming\IObit
2015-12-13 21:19:57	--------	d-----w-	C:\Users\Default User\AppData\Roaming\IObit
2015-12-12 22:31:50	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Adobe
2015-12-12 22:03:39	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp
2015-12-12 18:59:50	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Locallow\Sun
2015-12-12 18:52:40	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp
2015-12-12 18:52:39	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Adobe
2015-12-12 18:52:36	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2015-12-12 18:51:01	8350130D2222344ABE43235A25BB46C3	114768	----a-w-	C:\Users\TEMP.SAMSUNG\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-12 18:50:55	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Identities
2015-12-12 18:48:07	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\GWX
2015-12-12 18:36:15	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Power2Go
2015-12-12 18:23:46	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Avg2015
2015-12-12 18:23:23	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Google
2015-12-12 18:22:18	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Locallow\Microsoft
2015-12-12 18:22:14	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Roaming\IObit
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Roaming\TuneUp Software
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Roaming\Microsoft
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Roaming\Media Center Programs
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Temp
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Microsoft Help
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData\Local\Microsoft
====== C:\Users\Gebruiker ======
2015-12-19 14:23:26	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gebruiker\Desktop\RSITx64.exe
2015-12-13 12:48:26	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\Documents
2015-12-12 18:52:01	--------	d-----w-	C:\Users\TEMP.SAMSUNG\Searches
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Music
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Favorites
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Downloads
2015-12-12 18:52:01	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Documents
2015-12-12 18:52:00	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Videos
2015-12-12 18:52:00	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Pictures
2015-12-12 18:50:50	--------	d-----w-	C:\Users\TEMP.SAMSUNG\Contacts
2015-12-12 18:50:33	--------	d-----r-	C:\Windows\SysNative\config\systemprofile\Desktop
2015-12-12 18:22:12	--------	d-----w-	C:\Users\TEMP.SAMSUNG\AppData
2015-12-12 18:22:12	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Links
2015-12-12 18:22:12	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Favorites
2015-12-12 18:22:12	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Downloads
2015-12-12 18:22:12	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Documents
2015-12-12 18:22:12	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Desktop
2015-12-12 18:22:11	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Videos
2015-12-12 18:22:11	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Saved Games
2015-12-12 18:22:11	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Pictures
2015-12-12 18:22:11	--------	d-----r-	C:\Users\TEMP.SAMSUNG\Music

====== C: exe-files ==
2015-12-19 23:59:38	CCB5979D91A2FD43A4D14E71538A6A64	1105864	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_A6282D74FF5C38C8.exe
2015-12-19 23:58:44	CFBC74EFAC3759CAF25FBFD2E7665165	532312	----a-w-	C:\Program Files (x86)\Google\Update\Install\{4909BAC4-4B19-44C0-95FA-120E0CFFA278}\GoogleToolbarInstaller_updater_signed.exe
2015-12-19 23:58:44	CFBC74EFAC3759CAF25FBFD2E7665165	532312	----a-w-	C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7210.1528\GoogleToolbarInstaller_updater_signed.exe
2015-12-19 20:59:30	CEA532A446F8753C308CD27A28F6E65C	2661352	----a-w-	C:\Users\Gebruiker\AppData\Local\Google\Update\Install\{4135919D-5095-4DB0-8456-C72B51FFEEAC}\gpbackup_1.1.1.276_ls77l-3an6nvnoermcbrthd2s5k.exe
2015-12-19 20:59:19	CEA532A446F8753C308CD27A28F6E65C	2661352	----a-w-	C:\Users\Gebruiker\AppData\Local\Google\Update\Download\{191B666E-DE99-4C18-993A-35F394473116}\1.1.1.276\gpbackup_1.1.1.276_ls77l-3an6nvnoermcbrthd2s5k.exe
2015-12-19 15:47:35	DA53494C9F58B0CC7FCB780CE9B0DBB6	49664	----a-w-	C:\Windows\servicing\GC64\tzupd.exe
2015-12-19 15:44:26	1E32A0EF31E39783589F3FF33C71EB26	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-12-19 15:44:24	86B198DEEEE852E5EEAB84A60A2FE7CB	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-12-19 15:44:24	33E703517D83F367B0B0B3EF2C807C77	718336	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-12-19 15:44:18	E4D66ACC2628505EA1EBB7ACEF51EFE6	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-12-19 15:44:18	4D4835564157BF4EFF683360115E3979	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-12-19 15:44:17	A6FD59F4B16195367C4089F890F5E8FE	815304	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-12-19 15:44:16	1537D3FFDC70A1EF8792235A99DC4C4B	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-12-19 15:44:13	C1E9DBB3A8C7066D767BD78485491270	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-12-19 15:44:11	C571C60A30A7CC38DF08DEF9AD3A2352	814280	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-12-19 15:44:10	6082F9978A1456863397F99E5C8E7901	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-12-19 15:44:05	02A92A8C880FDC242441FBE0620CF14B	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-12-19 15:42:47	D3897222E94537B040213AFAA7390185	443392	----a-w-	C:\Windows\SysWOW64\GWX\GWX.exe
2015-12-19 15:42:46	CC097FCEF43B261D47179FB42BAB6623	519168	----a-w-	C:\Windows\System32\GWX\GWX.exe
2015-12-19 15:42:46	9108C9A888C623C5DF8AA476BFC8FC76	742912	----a-w-	C:\Windows\System32\GWX\GWXConfigManager.exe
2015-12-19 15:42:46	7087E9911592DB27295241C3B0DC5D9E	119296	----a-w-	C:\Windows\System32\GWX\GWXUX.exe
2015-12-19 15:42:46	6CF8A19CD39FC94E40DB81EB5B5F4E58	354816	----a-w-	C:\Windows\System32\GWX\GWXDetector.exe
2015-12-19 15:42:46	0EE82D09011C456040EEA0EA7BAB66F2	394544	----a-w-	C:\Windows\System32\GWX\GWXUXWorker.exe
2015-12-19 14:26:39	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Gebruiker.exe
2015-12-19 14:23:26	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gebruiker\Desktop\RSITx64.exe
2015-12-19 09:39:46	D846BC5E6DE47DF9E3DB7FDD0EA830E7	22697360	----a-w-	C:\Windows\Temp\{9B21FEF8-FEEA-440D-90A5-3AFF73DF5657}.exe
=== C: other files ==
2015-12-19 15:46:31	4287A4345CFFDD4D7710B2FCFF6C21BC	3211264	----a-w-	C:\Windows\System32\win32k.sys
2015-12-19 15:44:37	5BD6B1EC997FF3DD779D62E05D2079A8	146944	----a-w-	C:\Windows\System32\drivers\rmcast.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Google Photos Backup"="C:\Users\Gebruiker\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_287_ActiveX.exe -update activex"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_287_ActiveX.exe -update activex"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Google Photos Backup"="C:\Users\Gebruiker\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BootRacer"="C:\Program Files (x86)\BootRacer\Bootrace.exe /2"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
"Skype"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"Norton Online Backup"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Bluetooth.lnk"
"backup"="C:\\Windows\\pss\\Bluetooth.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe "
"item"="Bluetooth"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/12/2015 16:25]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:A6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001Core.job --a------ C:@C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001UA.job --a------ C:@C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\Windows\SysNative\tasks\ASC8_SkipUac_Gebruiker" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]
"C:\Windows\SysNative\tasks\ASOService" [C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe]
"C:\Windows\SysNative\tasks\BatteryLifeExtender" [C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Gebruiker)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"]
"C:\Windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"]
"C:\Windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001Core" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001UA" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\MovieColorEnhancer" ["C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"]
"C:\Windows\SysNative\tasks\SamsungSupportCenter" [%programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe]
"C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\SmartRestarter" ["%ProgramFiles%\Samsung\SamsungFastStart\SmartRestarter.exe"]
"C:\Windows\SysNative\tasks\SUPBackground" ["%ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe"]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Gebruiker" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B7B8D0E3-4728-4EFB-AEBA-38C151E247E2}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\WifiManager" ["%programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe"]
"C:\Windows\SysNative\tasks\{2522D605-B1A0-4289-8862-3954304756D1}" [C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe]
"C:\Windows\SysNative\tasks\{A5708603-DE09-484E-9552-6712F225ADFD}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.8.0.158.259/en/abandoninstall?page=tsMain]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

No folders found aged 0-6 months

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"5mffxtbr@MyFunCards_5m.com"="C:\Program Files (x86)\MyFunCards_5m\bar\1.bin" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [27/05/2011 16:21]

==== Firefox Extensions ======================

ExtDir: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Plus-HD-8.1 - %ExtDir%\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
- Slick Savings - %ExtDir%\{54FBE89E-C878-46bb-A064-AB327EE26EBC}
- Start Page - %ExtDir%\{58d2a791-6199-482f-a9aa-9b725ec61362}

ExtDir: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles
- Plus-HD-8.1 - %ExtDir%\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
- Slick Savings - %ExtDir%\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}
- Start Page - %ExtDir%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}

ExtDir: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Extensions
- Plus-HD-8.1 - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
- Slick Savings - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}
- Start Page - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Gebruiker\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\Gebruiker\AppData\Local\Slick Savings\coupons.crx[]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec} - http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZUxpt175YYbe&ptnrS=ZUxpt175YYbe&si=CM3f08yb-LACFcyIDgodgmH0HA&ptb=D1B8D4F6-3E39-416B-8986-69C247E9C24D&ind=2012070106&n=77edc0da&psa=&st=sb&searchfor={searchTerms}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{17FA600A-C54D-4D9B-9C4C-20D745541E8E} - https://www.google.com/search?q={searchTerms}

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-443520092-2441362985-2714935032-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\5mffxtbr@MyFunCards_5m.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP.SAMSUNG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1832 folders=336 1032462280 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\TEMP.SAMSUNG\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\IObit\Advanced SystemCare V8\Homepage Protection\ASCService.log"  not found
"C:\Program Files (x86)\IObit"  not found
"C:\ProgramData\IObit"  not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 20/12/2015 at  2:05:38,83 ======================