
Zoek.exe v5.0.0.1 Updated 22-December-2015
Tool run by Friso on wo 23-12-2015 at 23:37:49,10.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Friso\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

==== Empty Folders Check ======================

C:\PROGRA~2\Arma 2 deleted successfully
C:\PROGRA~2\CyberQix deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\Program Files\Bitdefender deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted successfully
C:\PROGRA~3\{9DE8066E-1AED-45DD-823F-5DA2394A874D} deleted successfully
C:\PROGRA~3\{FCE1A4E5-8BE1-4D81-AAEA-DB3348828B1C} deleted successfully
C:\Users\Friso\AppData\Roaming\aonyfvza deleted successfully
C:\Users\Friso\AppData\Roaming\chqgcdng deleted successfully
C:\Users\Friso\AppData\Roaming\cnitzocg deleted successfully
C:\Users\Friso\AppData\Roaming\dphoppqu deleted successfully
C:\Users\Friso\AppData\Roaming\fniwxruq deleted successfully
C:\Users\Friso\AppData\Roaming\ghxkfasy deleted successfully
C:\Users\Friso\AppData\Roaming\jkjeedzo deleted successfully
C:\Users\Friso\AppData\Roaming\liumshme deleted successfully
C:\Users\Friso\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Friso\AppData\Roaming\mtxhuacx deleted successfully
C:\Users\Friso\AppData\Roaming\mxatllzj deleted successfully
C:\Users\Friso\AppData\Roaming\nfmmklsb deleted successfully
C:\Users\Friso\AppData\Roaming\nqexgvej deleted successfully
C:\Users\Friso\AppData\Roaming\nxxhhbyo deleted successfully
C:\Users\Friso\AppData\Roaming\owxkedwf deleted successfully
C:\Users\Friso\AppData\Roaming\pkcqmdyi deleted successfully
C:\Users\Friso\AppData\Roaming\pqrnqhdu deleted successfully
C:\Users\Friso\AppData\Roaming\puzlmgbu deleted successfully
C:\Users\Friso\AppData\Roaming\qmdwhtku deleted successfully
C:\Users\Friso\AppData\Roaming\qqdntpop deleted successfully
C:\Users\Friso\AppData\Roaming\QuickScan deleted successfully
C:\Users\Friso\AppData\Roaming\qzsppfjd deleted successfully
C:\Users\Friso\AppData\Roaming\rcuwgbwv deleted successfully
C:\Users\Friso\AppData\Roaming\rjfvvzue deleted successfully
C:\Users\Friso\AppData\Roaming\sfvpiiil deleted successfully
C:\Users\Friso\AppData\Roaming\trbsuhef deleted successfully
C:\Users\Friso\AppData\Roaming\tricomfi deleted successfully
C:\Users\Friso\AppData\Roaming\udypojxf deleted successfully
C:\Users\Friso\AppData\Roaming\utgyjhzp deleted successfully
C:\Users\Friso\AppData\Roaming\vpedmwqa deleted successfully
C:\Users\Friso\AppData\Roaming\WinRAR deleted successfully
C:\Users\Friso\AppData\Roaming\wsijjvlt deleted successfully
C:\Users\Friso\AppData\Roaming\xbqeuqbv deleted successfully
C:\Users\Friso\AppData\Roaming\xgpfuxgz deleted successfully
C:\Users\Friso\AppData\Roaming\zuhqkkbj deleted successfully
C:\Users\Friso\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Friso\AppData\Local\ICSharpCode.net deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2178653797-2492864286-2871112973-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{296AA17D-C89E-4242-A5A4-44BFE76914A2} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\comyninu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\comyninu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gopibeko deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\gopibeko deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hyverumu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hyverumu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xykumyfu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xykumyfu deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acengine deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\acengine deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\acengine deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPPD deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPPD deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Orbiter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Orbiter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\servervo deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\servervo deleted successfully

==== Batch Command(s) Run By Tool======================


De Winsock-catalogus is opnieuw ingesteld.
De computer dient opnieuw te worden opgestart om het opnieuw instellen te voltooien.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Arma 2 not found
C:\PROGRA~2\CyberQix not found
C:\PROGRA~2\Origin Games not found
C:\Program Files (x86)\SearchProtect not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} not found
C:\PROGRA~3\{9DE8066E-1AED-45DD-823F-5DA2394A874D} not found
C:\PROGRA~3\{FCE1A4E5-8BE1-4D81-AAEA-DB3348828B1C} not found
"C:\windows\SysNative\drivers\SPPD.sys" not found
C:\PROGRA~2\CeuttThePriCee deleted
C:\PROGRA~2\Uninstall Nexus deleted
C:\Users\Friso\AppData\Roaming\PDFCreatorPackages deleted
C:\Users\Friso\AppData\Roaming\chpfutke deleted
C:\Users\Friso\AppData\Roaming\hiwaxnsf deleted
C:\Users\Friso\AppData\Roaming\ygkcrtwk deleted
C:\Program Files (x86)\FastSearch deleted
C:\Users\Friso\AppData\Local\F7AC1E80-1439568053-8148-2585-386077D154ED deleted
C:\Users\Friso\AppData\Local\4490 deleted
C:\Program Files (x86)\CinemaP-1.9cV16.03 deleted
C:\windows\SysNative\Tasks\ParetoLogic Registration3 deleted
C:\Windows\tasks\ParetoLogic Registration3.job deleted
C:\Program Files (x86)\Absolute Software\9d5b5dfe-1daf-4852-b6fd-0ba80aa7ac4f.dll deleted
C:\Program Files (x86)\Absolute Software\69dc8177-a574-4dff-8461-b3267b078dcf.dll deleted
C:\PROGRA~3\{437567c1-74c4-6231-4375-567c174c9f05} deleted
C:\PROGRA~3\bnoiofendiflkkhcoollejmihghljgap deleted
C:\Users\Friso\AppData\Local\bvxvyxvec deleted
C:\Windows\SysNative\tasks\bvxvyxvec deleted
C:\PROGRA~2\GUPlayer deleted
C:\PROGRA~2\ORBTR deleted
C:\PROGRA~2\ParetoLogic deleted
C:\PROGRA~2\COMMON~1\ParetoLogic deleted
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted
C:\PROGRA~2\F7AC1E80-1439560795-8148-2585-386077D154ED deleted
C:\PROGRA~2\globalUpdate deleted
C:\PROGRA~2\COMMON~1\Common Toolkit Suite deleted
C:\user.js deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\found.005 deleted
C:\found.006 deleted
C:\found.007 deleted
C:\found.008 deleted
C:\found.009 deleted
C:\found.010 deleted
C:\found.011 deleted
C:\Users\Friso\AppData\Roaming\WB.CFG deleted
C:\Users\Friso\AppData\Roaming\oursurfing deleted
C:\Users\Friso\AppData\Roaming\VOPackage deleted
C:\Users\Friso\AppData\Roaming\ParetoLogic deleted
C:\Users\Friso\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\Common Toolkit Suite deleted
C:\Users\Friso\AppData\Local\Unity deleted
C:\Users\Friso\AppData\Local\globalUpdate deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\acengine deleted
C:\Users\Friso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Users\Friso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6.job deleted
C:\Windows\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7.job deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 deleted
C:\windows\SysNative\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7 deleted
C:\Users\Friso\AppData\LocalLow\Unity deleted
C:\Users\Friso\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted
C:\Windows\tasks\BYAIAMUF.job deleted
C:\windows\SysNative\tasks\BYAIAMUF deleted
C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\AmiUpdXp.job deleted
C:\windows\SysNative\tasks\AmiUpdXp deleted
C:\Windows\tasks\ParetoLogic Update Version3.job deleted
C:\windows\SysNative\tasks\ParetoLogic Update Version3 deleted
C:\Windows\tasks\PC Health Advisor Defrag.job deleted
C:\Windows\tasks\PC Health Advisor.job deleted
C:\windows\SysNative\tasks\PC Health Advisor deleted
C:\windows\SysNative\tasks\PC Health Advisor Defrag deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted
C:\windows\SysNative\tasks\cfr3011 deleted
C:\END deleted
C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\Windows\AppPatch\nbin\VC32Loader.dll deleted
C:\windows\SysNative\acengine64.dll deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\acengine.dll deleted
C:\Windows\Syswow64\acengineOff.ini deleted
C:\Users\Friso\Desktop\ParetoLogic PC Health Advisor.lnk deleted
C:\Users\Friso\AppData\Roaming\BYAIAMUF.exe deleted
C:\PROGRA~2\Fighters deleted
C:\Users\Friso\AppData\Roaming\Fighters deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Fighters deleted
C:\PROGRA~3\Fighters deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters deleted
"C:\Windows\Installer\28756c.msi" deleted
"C:\Users\Friso\AppData\Roaming\BYAIAMUF" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Friso\AppData\Local\Temp ====
2015-12-22 17:30:54	51981CB2DABB071502B9863134D1F2B0	806912	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tscdll32.dll
2015-12-22 17:30:45	F95F272D1F990A4B34255A0D2CF070DA	1890816	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\vsapi32.dll
2015-12-22 17:30:45	5B0514235274FF4C84DC87DE7AF96294	91552	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\BPMNT.dll
2015-12-22 17:28:07	DECA60F8772002CB8A7F7215814DDF77	151552	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\libexpatw.dll
2015-12-22 17:28:07	D910022DE6A001630B137A4A6170B422	1280512	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\libeay32.dll
2015-12-22 17:28:07	CDCD97400D548C73F789B4C759397D67	1333808	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\ICRCHdler.dll
2015-12-22 17:28:07	BD682367064E396651EADC0BC61A11C0	550448	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmfbeng.dll
2015-12-22 17:28:07	BBEC5ED32E8615E110CB43662C3822C1	38416	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\TMEBC32.sys
2015-12-22 17:28:07	A6D944F44B1C54871669BC2B42AA217B	182832	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\perfiCrcPerfMonMgr.dll
2015-12-22 17:28:07	8CB2FFB8BB0BBF8CD0DD685611854637	303744	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmcomm.sys
2015-12-22 17:28:07	7678A11BF4CFFCD112768379B42650FE	3006512	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\hc_core.dll
2015-12-22 17:28:07	6C5879C4D104E99B9BFBC37AB62B066D	292864	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\plugin\downloader.plugin.dll
2015-12-22 17:28:07	656B71E5D44F1C92FE05717AD3D9AAF4	939536	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmufeng.dll
2015-12-22 17:28:07	4003E34416EBD25E4C115D49DC15E1A7	1213200	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\dbghelp.dll
2015-12-22 17:28:07	39572DED651B59A792B3F0C82603BF9E	131856	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\symsrv.dll
2015-12-22 17:28:07	37E62D137E9EB366FA525218234A5FB6	2569744	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\smv.dll
2015-12-22 17:28:07	37BEF64E7D3E3297C8CDED259A23B017	339456	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\ssleay32.dll
2015-12-22 17:28:07	169B7467331FEAA1D3B2833022A79ADE	593920	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\libcurl.dll
2015-12-22 17:28:07	148D2019D0E7C718793F0E68A87F2FFA	58632	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\utilClientLoader.dll
2015-12-22 17:28:07	0BC449E397A3A82FD48636BFFE19403E	263728	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\TmEngDrv.dll
2015-12-22 17:26:40	299132ACE444E1C0CCABF29686FA9377	3830552	----a-w-	C:\Users\Friso\AppData\Local\Temp\HCBackup\hcpackage.exe
2015-12-15 09:41:16	5CA6694063A0AAC5BC80DB2B884CAECD	2241024	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmase\Inspect.exe
2015-12-15 09:39:46	1E5204F296A05D5DB3C4FDE4ACFC6891	1303552	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmase\tmptfb.dll
2015-12-15 09:38:58	E5E8E0CDD5932F454BDAD71AA898BE3E	376320	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmase\PerfMonitor.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-22 14:30:18	1BD1A297F0B40CA5DAEADB935E05193D	419320	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
2015-12-08 20:23:16	5BD6B1EC997FF3DD779D62E05D2079A8	146944	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-23 16:38:27	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-12-21 18:47:41	--------	d-----w-	C:\PROGRA~2\Trend Micro
======= C: =====
2015-12-23 16:09:44	ED9B6E2A3511DF5147BB76E6D4B594E5	6832	------w-	C:\bootsqm.dat
====== C:\Users\Friso\AppData\Roaming ======
2015-12-22 20:04:17	7AB847EC5EBCF87C7D32B8F107041158	163520	----a-w-	C:\Users\Friso\AppData\Local\census.cache
2015-12-22 20:04:14	26561BB4F1830202D831F8267F94BADE	88287	----a-w-	C:\Users\Friso\AppData\Local\ars.cache
2015-12-22 20:00:59	668D02A782E028CB07E3203F61753E9D	10	----a-w-	C:\Users\Friso\AppData\Local\sponge.last.runtime.cache
2015-12-22 17:26:14	DAE65D448F6AB0361A113C0AAA9CECF1	36	----a-w-	C:\Users\Friso\AppData\Local\housecall.guid.cache
2015-12-22 17:19:45	--------	d-----w-	C:\Users\Friso\AppData\Local\ElevatedDiagnostics
2015-12-22 14:41:02	D790EA8766EFAF65C367B3F153F29EE3	112184	----a-w-	C:\Users\Friso\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-22 14:39:48	--------	d-----w-	C:\Users\Friso\AppData\Roaming\Apple Computer
====== C:\Users\Friso ======
2015-12-23 16:36:42	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Friso\Desktop\RSITx64.exe
2015-12-23 15:54:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Friso\Downloads\RSITx64.exe
2015-12-22 15:40:38	104BD6B024DD1F89B979524E0DFF9739	2073112	----a-w-	C:\Users\Friso\Downloads\HousecallLauncher.exe
2015-12-11 19:07:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

====== C: exe-files ==
2015-12-23 17:28:13	9A5728733FC3B2BD46A82D39CC49B24E	1872808	----a-w-	C:\Program Files (x86)\Maxthon\Modules\Service\Update\updataSvr.exe
2015-12-23 16:38:52	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Friso.exe
2015-12-23 16:36:42	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Friso\Desktop\RSITx64.exe
2015-12-23 15:54:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Friso\Downloads\RSITx64.exe
2015-12-22 17:26:40	299132ACE444E1C0CCABF29686FA9377	3830552	----a-w-	C:\Users\Friso\AppData\Local\Temp\HCBackup\hcpackage.exe
2015-12-22 15:40:38	104BD6B024DD1F89B979524E0DFF9739	2073112	----a-w-	C:\Users\Friso\Downloads\HousecallLauncher.exe
2015-12-20 13:26:12	CCB5979D91A2FD43A4D14E71538A6A64	1105864	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_A6282D74FF5C38C8.exe
2015-12-20 13:25:28	CFBC74EFAC3759CAF25FBFD2E7665165	532312	----a-w-	C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7210.1528\GoogleToolbarInstaller_updater_signed.exe
=== C: other files ==
2015-12-22 19:10:27	436709920D515BEE9EA39DEBC9D94C93	16259638	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmase.zip
2015-12-22 17:28:47	CEA48A9627A4D7AA5DA28DCB424BDD77	2767	----a-w-	C:\Users\Friso\AppData\Local\Temp\HCBackup\AUCache\AU_Cache\housecall-ctp-p.activeupdate.trendmicro.com\ini_xml.zip
2015-12-22 17:28:07	BBEC5ED32E8615E110CB43662C3822C1	38416	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\TMEBC32.sys
2015-12-22 17:28:07	8CB2FFB8BB0BBF8CD0DD685611854637	303744	----a-w-	C:\Users\Friso\AppData\Local\Temp\HouseCall32\tmcomm.sys
2015-12-21 21:49:06	EB4BBA22BF1209EA20A230E135CEA270	251961	----a-w-	C:\Users\Friso\Downloads\LargeFiles.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2178653797-2492864286-2871112973-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"CommonToolkitTray"="C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"
"SWPROguard"="C:\Program Files (x86)\Fighters\SPYWAREfighter\swprotray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Babylon Client]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Babylon Client"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Babylon\\Babylon-Pro\\Babylon.exe -AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norton Online Backup"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM.EXE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE -startup"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [16-07-2015 21:55]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [16-07-2015 21:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 01:08]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 01:08]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Maxthon Update" ["C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe"]
"C:\Windows\SysNative\tasks\new tab helper oursurfing" [C:\Users\Friso\AppData\Roaming\oursurfing\newtab_hlpr.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86



==== Chromium Fix ======================

C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} - No_Url_Value
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FAD80CB7AC8B09B4EB3159F7B12404F0 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3D1A297B-5565-475A-8455-055E628B39CF} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV16.03 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\1603259357.portal.qtrax.com deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{58C91689-85E3-4B25-ADEC-2697986DF817} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\B792A1D35655A574485550E526B893FC deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\FAD80CB7AC8B09B4EB3159F7B12404F0 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\98619C853E5852B4DACE627989D68F71 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Babylon Client deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Friso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Friso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1836 folders=231 509057109 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Friso\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Friso\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 24-12-2015 at  0:15:33,07 ======================