Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Jean-Pierre on zo 21/02/2016 at 15:33:54,56. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jean-Pierre\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 21/02/2016 15:37:44 Zoek.exe System Restore Point Created Successfully. ==== Hosts Hijacker detected ====================== C:\windows\system32\ise\itub\boni.dat ==== Empty Folders Check ====================== C:\Program Files\Conduit deleted successfully C:\Program Files\Softonic-Eng7 deleted successfully C:\Users\Jean-Pierre\AppData\Local\Conduit deleted successfully C:\Users\Jean-Pierre\AppData\Local\MigWiz deleted successfully C:\Users\Jean-Pierre\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully 
HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0D02A082-59B7-4AE9-8380-CCDA7B9214EA} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\SearchScopes\{371AF947-7EC9-4427-B761-FEE772FBC204} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet 
Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D5CBF8FE-3DF2-4859-B0B4-19DB516226A0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4536918A-95A8-498F-B542-CB906C561A43} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4536918A-95A8-498F-B542-CB906C561A43} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_CLASSES_ROOT\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension 
Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_CLASSES_ROOT\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_CLASSES_ROOT\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4536918A-95A8-498F-B542-CB906C561A43} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4536918A-95A8-498F-B542-CB906C561A43} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4536918A-95A8-498F-B542-CB906C561A43} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet 
Explorer\URLSearchHooks\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully ==== File Information Results ====================== --- C:\windows\system32\dnsapi.dll --- 
Company: Microsoft Corporation File Description: API DLL van DNS Client File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Besturingssysteem Microsoft® Windows® Copyright: © Microsoft Corporation. Alle rechten voorbehouden. Original Filename: dnsapi File type: ----a-w- File size: 270336 Created time: 2011-04-14 06:39:51 Modified time: 2015-09-23 16:16:05 MD5: 8765EF6F8F421445118F2A5B2E172579 SHA1: 46A58EF18EE28E6B9C0CB4D47019217DE036C5D3 ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avg9wd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\avg9wd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IAANTMON deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IAANTMON deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IAANTMON deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IAANTMON deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SQLWriter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLWriter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\SQLWriter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SQLWriter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVG Security Toolbar Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVG Security Toolbar Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSSQL$MSSMLBIZ deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSSQL$MSSMLBIZ deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\MSSQL$MSSMLBIZ deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MSSQL$MSSMLBIZ deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ose deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ose deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\MSSQLServerADHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSSQLServerADHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\MSSQLServerADHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MSSQLServerADHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SQLBrowser deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SQLBrowser deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\SQLBrowser deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SQLBrowser deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AccountService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AccountService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IB Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IB Updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCKAVService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCKAVService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCKeeper2Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCKeeper2Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCKeeperOcfService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCKeeperOcfService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fileHiders deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fileHiders deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZeoScanner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ZeoScanner deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}] Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVG9_TRAY"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "RegistryBooster"=- "PCKeeperLive"=- "PCKeeper Antivirus"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Conduit not found C:\Users\Jean-Pierre\AppData\Local\Conduit not found C:\Program Files\Softonic-Eng7 not found C:\Program Files\Conduit not found C:\Program Files\daugava deleted C:\Program Files\AVG\AVG9 deleted C:\Program Files\IncrediMail_MediaBar_2 deleted C:\Program Files\ConduitEngine deleted C:\Program Files\Uniblue\RegistryBooster deleted C:\Program Files\Essentware deleted C:\909712f96cf62ca822 deleted 
C:\ProgramData\Essentware deleted C:\windows\system32\Tasks\PCKeeper Updater deleted C:\Users\Jean-Pierre\appdata\locallow\ConduitEngine deleted C:\Users\Jean-Pierre\appdata\locallow\IncrediMail_MediaBar_2 deleted C:\Program Files\IncrediMail_MediaBar_Nederlands_2 deleted C:\Users\Jean-Pierre\appdata\locallow\IncrediMail_MediaBar_Nederlands_2 deleted C:\Users\Jean-Pierre\AppData\LocalLow\Conduit deleted C:\Program Files\Software IHC Visual NL deleted C:\Program Files\Registry Mechanic deleted C:\Program Files\MyPC Backup deleted C:\Program Files\IB Updater deleted C:\Program Files\Reimage deleted C:\user.js deleted C:\Users\Jean-Pierre\AppData\Roaming\Uniblue deleted C:\Users\Jean-Pierre\AppData\Roaming\Registry Mechanic deleted C:\windows\system32\config\systemprofile\AppData\Roaming\ortmp deleted C:\windows\system32\config\systemprofile\AppData\Roaming\Systweak deleted C:\PROGRA~2\APN deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\Partner deleted C:\PROGRA~2\Reimage Protector deleted C:\Users\Jean-Pierre\AppData\Local\Systweak deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be (1).exe deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be (2).exe deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be (3).exe deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be (4).exe deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be (5).exe deleted C:\Users\Jean-Pierre\Downloads\rcpsetupmapp1_mapp11601082be.exe deleted C:\rei deleted C:\Users\Jean-Pierre\Downloads\reimagerepair.exe deleted C:\Users\Jean-Pierre\AppData\LocalLow\Company deleted C:\Users\Jean-Pierre\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted C:\Users\Jean-Pierre\AppData\LocalLow\Softonic-Eng7 deleted C:\Users\Jean-Pierre\AppData\LocalLow\PriceGong deleted C:\windows\system32\config\systemprofile\AppData\LocalLow\Company deleted 
C:\windows\system32\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted C:\windows\system32\drivers\fileHiders.sys deleted C:\windows\Reimage.ini deleted C:\windows\tasks\RegistryBooster.job deleted C:\windows\system32\tasks\Reimage Reminder deleted C:\windows\system32\tasks\ReimageUpdater deleted C:\windows\system32\tasks\RegistryBooster deleted C:\windows\system32\Tasks\LaunchSignup deleted C:\windows\system32\DRIVERS\zeoscanner.sys deleted C:\END deleted C:\windows\system32\roboot.exe deleted C:\windows\System32\ConduitEngine.tmp deleted C:\Users\Public\Desktop\PCKeeper Antivirus.lnk deleted C:\Users\Public\Desktop\PCKeeper.lnk deleted "C:\windows\Installer\3865dd.msi" deleted ==== Files Found C:\windows\*dnsapi.dll* ====================== 2009-07-14 01:15:12 269824 ----a-w- 6D5A49D6479EB753C7879F73A4C35E0F C:\windows\winsxs\X801C7~1.163\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_e1b8d300e3acf8dc\dnsapi.dll 2009-09-15 04:37:36 15872 ----a-w- 3500F81B94D56F2F88FD6740E579C42F C:\windows\System32\nl-NL\dnsapi.dll.mui --- C:\windows\System32\nl-NL\dnsapi.dll.mui 2009-09-15 04:37:36 15872 ----a-w- 3500F81B94D56F2F88FD6740E579C42F C:\windows\winsxs\X8B07E~1.163\DNSAPI~1.MUI --- C:\windows\winsxs\x86_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_75e0b54bc93fb1a2\dnsapi.dll.mui 2009-09-15 04:38:07 15872 ----a-w- 3500F81B94D56F2F88FD6740E579C42F C:\windows\winsxs\Backup\X8CF99~1.MUI --- C:\windows\winsxs\Backup\x86_microsoft-windows-dns-client.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_75e0b54bc93fb1a2_dnsapi.dll.mui_97465f8a 2010-11-20 12:18:32 270336 ----a-w- 59DF156711A76BCB993253EC6C9BBF41 C:\windows\winsxs\X86D60~1.175\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_e3e9e6c8e09b7c76\dnsapi.dll 2011-03-03 05:12:25 270336 ----a-w- 1F79F611109C2B97260B68FD6B4FC7DD 
C:\windows\winsxs\X887B9~1.216\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_e431a3c1f9eaaa8f\dnsapi.dll 2011-03-03 05:29:23 269824 ----a-w- 62390F4ACE9E2B63E3CA26B7F7497897 C:\windows\winsxs\X8CA17~1.167\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_e1c0a9a6e3a78582\dnsapi.dll 2011-03-03 05:38:01 270336 ------w- B40420876B9288E0A1C8CCA8A84E5DC9 C:\windows\winsxs\X837D2~1.175\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_e3a50618e0cfbec0\dnsapi.dll 2011-03-03 05:50:45 270336 ----a-w- 11DD7EB4446F25C132D0D8527DDCAF4D C:\windows\winsxs\X8BDD4~1.209\dnsapi.dll --- C:\windows\winsxs\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_e28d2873fc92ad7b\dnsapi.dll 2011-07-08 09:15:46 270336 ----a-w- B40420876B9288E0A1C8CCA8A84E5DC9 C:\windows\winsxs\Backup\X8F9B1~1.DLL --- C:\windows\winsxs\Backup\x86_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_e3a50618e0cfbec0_dnsapi.dll_c81f5791 2015-09-23 16:16:05 270336 ----a-w- 8765EF6F8F421445118F2A5B2E172579 C:\windows\System32\dnsapi.dll --- C:\windows\System32\dnsapi.dll ==== Files Recently Created / Modified ====================== ====== C:\windows ==== 2016-02-03 18:12:15 44E044C1F57A6007587E638CED1FCAA6 186646214 ----a-w- C:\windows\MEMORY.DMP ====== C:\Users\JEAN-P~1\AppData\Local\Temp ==== 2016-02-14 08:30:37 FF347A845EF40A1115F9F5EA812595A7 220160 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\SmiProvider.dll 2016-02-14 08:30:37 EB5D1A1362BDF19D08789B1A3313AF7B 102912 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\OSProvider.dll 2016-02-14 08:30:37 E2F5147A72BFAD06DD4FCAA87B0D5E19 347648 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\TransmogProvider.dll 2016-02-14 08:30:37 
A399514D3B28C9A3453A486BBAAFF1C7 189952 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\wdscore.dll 2016-02-14 08:30:37 61D18BF13A06E1DB2EA6CD11FE60D0D5 345600 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\WimProvider.dll 2016-02-14 08:30:37 0E506A0DB8602F4BEBEDEDA8F4BBD225 243200 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\UnattendProvider.dll 2016-02-14 08:30:36 ECFDBC4B8A8E3BF333BB8C091E595045 1281536 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\CbsProvider.dll 2016-02-14 08:30:36 CC14EA096EC5715D0CE45FADE8FF5774 89600 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\LogProvider.dll 2016-02-14 08:30:36 BC72ACDF946DCEBF708F2CE12E2E2F68 159744 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\MsiProvider.dll 2016-02-14 08:30:36 B7824E5844477EEFC3F42615CF57BD1E 318464 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\DmiProvider.dll 2016-02-14 08:30:36 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\DismHost.exe 2016-02-14 08:30:36 5D95DF18511BA6BE207E47F331FA98D4 50688 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\DismCorePS.dll 2016-02-14 08:30:36 1FC533A70922B87A18FD877CA2E07319 141312 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\DismProv.dll 2016-02-14 08:30:36 07510FD54406B1ECF304A38BB25B90A8 49152 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\FolderProvider.dll 2016-02-14 08:30:36 06B2345D0DD4A6313FD16BFAF8534208 230912 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\DismCore.dll 2016-02-14 08:30:36 058440B43245178534D483326B5B0C2C 250880 ----a-w- 
C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\IntlProvider.dll 2016-02-14 08:30:36 02E8CC253DBE47A9D91FE17EA2F44CDC 141312 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\75A26CE9-41B2-4D45-B2BC-7A6CCF224716\CompatProvider.dll 2016-02-11 16:31:40 60241FC93A05815591BA17A4C452DD4E 4584344 ----a-w- C:\Users\Jean-Pierre\AppData\Local\Temp\29BC.exe ====== Java Cache ===== ====== C:\windows\system32 ===== 2016-02-21 14:17:29 F3B1491B98161CABC1F0DBF1A2488FE3 95840 ----a-w- C:\windows\System32\WindowsAccessBridge.dll ====== C:\windows\system32\drivers ===== ====== C:\windows\Tasks ====== 2016-02-21 12:55:34 D5D5166261B5882C5754A5C7A84E923E 3124 ----a-w- C:\windows\system32\Tasks\{17CAB36D-CD26-42E4-8DDB-68DC7AF2D07E} ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2016-02-21 14:19:11 -------- d-----w- C:\Program Files\Common Files\Java 2016-02-19 11:09:03 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Jean-Pierre\AppData\Roaming ====== 2016-02-21 14:18:37 -------- d-----w- C:\Users\Jean-Pierre\AppData\Roaming\Sun 2016-02-21 12:55:01 -------- d-----w- C:\Users\Jean-Pierre\AppData\Locallow\Oracle 2016-02-02 16:10:44 -------- d-----w- C:\Users\Jean-Pierre\AppData\Local\Essentware ====== C:\Users\Jean-Pierre ====== 2016-02-21 14:18:34 -------- d-----w- C:\Users\Jean-Pierre\.oracle_jre_usage 2016-02-21 14:17:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-21 14:00:03 462D73C11B99C0B77D65C0BFE82454AE 735328 ----a-w- C:\Users\Jean-Pierre\Downloads\JavaSetup8u73.exe 2016-02-19 11:08:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Jean-Pierre\Downloads\RSIT (1).exe 2016-02-19 11:06:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Jean-Pierre\Downloads\RSIT.exe 2016-02-02 16:09:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Essentware ====== C: exe-files == 2016-02-21 14:33:32 F4690A4D9776882373B75A257CB2A335 544 
----a-w- C:\$Recycle.Bin\S-1-5-21-837711937-2185517149-3617628737-1001\$IUB511A.exe 2016-02-21 14:33:03 7EA0260488F304D68067A50B33A23AC2 1309184 ----a-w- C:\$Recycle.Bin\S-1-5-21-837711937-2185517149-3617628737-1001\$RUB511A.exe 2016-02-21 14:17:29 5B98DCE4893425BA4F08C2BE134CABE5 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2016-02-21 14:17:29 249C1C8BD8AC9568E5C5A0EC2FB39018 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2016-02-21 14:17:29 2211C51BABE577798343D69F818E25AB 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2016-02-21 14:15:22 DB409F9BD2FA779E75835B1E0FE1181C 159328 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\unpack200.exe 2016-02-21 14:15:22 C84504D069A78BE5E4444EA06AA5E102 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\orbd.exe 2016-02-21 14:15:22 ABC1BAF673FA608029D45EB6C78E1D04 50784 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ssvagent.exe 2016-02-21 14:15:22 A3AA0A0935506C7ECA6EF2F584CD416F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\policytool.exe 2016-02-21 14:15:22 8BD1E7120713F9581645D5FDD14B8D25 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmid.exe 2016-02-21 14:15:22 6ABADA3CA8DC4AC2AFDA69A6836C362F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\pack200.exe 2016-02-21 14:15:22 3B74EE580794FCBDE389639E9D8ECEFB 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmiregistry.exe 2016-02-21 14:15:22 2942578781EFB763366176C015F09ACD 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\tnameserv.exe 2016-02-21 14:15:22 0A7708846A0629D518739075A40DDD06 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\servertool.exe 2016-02-21 14:15:20 AB6E988F108E2437E65536F3F5550BA2 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ktab.exe 2016-02-21 14:15:20 876744373E18627410A9F23C348C5D9E 76896 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jp2launcher.exe 2016-02-21 14:15:20 66550F1F363BC66AFD9A530AD8CB6570 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\kinit.exe 2016-02-21 
14:15:20 4383D5735FD7743D01AD04E9AAD1D6CF 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\keytool.exe 2016-02-21 14:15:20 16E2FE80EE89DCCA1907D97E34656E19 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jjs.exe 2016-02-21 14:15:20 04E0265E964D9ECB07B105D456B96982 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\klist.exe 2016-02-21 14:15:19 B100697A0837596183F3BBD94448F68E 30816 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jabswitch.exe 2016-02-21 14:15:19 5B98DCE4893425BA4F08C2BE134CABE5 191584 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaw.exe 2016-02-21 14:15:19 328A57535A2B74C924FA34DD29039E9D 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java-rmi.exe 2016-02-21 14:15:19 249C1C8BD8AC9568E5C5A0EC2FB39018 191072 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java.exe 2016-02-21 14:15:19 237CDD69D6E3866533B402F321A11A4E 68192 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javacpl.exe 2016-02-21 14:15:19 2211C51BABE577798343D69F818E25AB 278624 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe 2016-02-21 14:10:46 A41C0CD1CBD056053A3685C9273E1712 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-837711937-2185517149-3617628737-1001\$IHAPMNH.exe 2016-02-21 14:00:03 462D73C11B99C0B77D65C0BFE82454AE 735328 ----a-w- C:\Users\Jean-Pierre\Downloads\JavaSetup8u73.exe 2016-02-20 20:11:29 7A1EFC058324169EC6083AD10CDC9939 735328 ----a-w- C:\$Recycle.Bin\S-1-5-21-837711937-2185517149-3617628737-1001\$RHAPMNH.exe 2016-02-20 12:17:25 45AB0193BCF8693503AF810B1E60D7FE 879512 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\48.0.2564.116\48.0.2564.116_48.0.2564.109_chrome_updater.exe 2016-02-19 11:09:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jean-Pierre.exe 2016-02-19 11:08:21 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Jean-Pierre\Downloads\RSIT (1).exe 2016-02-19 11:08:06 761204CE1F26D946B2ACE5D5FF2D5D16 1579928 ----a-w- 
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\SwReporter\6.44.3\software_reporter_tool.exe
2016-02-19 11:06:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Jean-Pierre\Downloads\RSIT.exe

=== C: other files ==

2016-02-21 14:15:24 EFE4B4EBEBBF14DE84461AFCC281DA12 14130 ----a-w- C:\Program Files\Java\jre1.8.0_73\lib\deploy\ffjcext.zip

==== Orphaned Tasks deleted from Registry ======================

LaunchSignup deleted
PCKeeper Updater deleted
Reimage Reminder deleted
ReimageUpdater deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-837711937-2185517149-3617628737-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"SSDMonitor"="C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Google Update"="C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Folders ======================

2010-03-21 15:48:24 1193 ----a-w- C:\Users\Jean-Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2 .lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/02/2016 17:42]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/08/2015 09:42]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/08/2015 09:42]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-837711937-2185517149-3617628737-1001Core.job --a------ C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-837711937-2185517149-3617628737-1001UA.job --a------ C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\windows\tasks\Norton Security Scan for Jean-Pierre.job --ah----- C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe []
C:\windows\tasks\RMSchedule.job --a------ C:\Program Files\Registry Mechanic\RegMech.exe []

==== Other Scheduled Tasks ======================

"C:\windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\system32\tasks\advSRS4" ["C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe"]
"C:\windows\system32\tasks\BatteryLifeExtender" [C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe]
"C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\system32\tasks\EasyBatteryManager" ["%ProgramFiles%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"]
"C:\windows\system32\tasks\EasyDisplayMgr" ["C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe"]
"C:\windows\system32\tasks\EasySpeedUpManager" [%programfiles%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe]
"C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-837711937-2185517149-3617628737-1001Core" [C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-837711937-2185517149-3617628737-1001UA" [C:\Users\Jean-Pierre\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\system32\tasks\Norton Security Scan for Jean-Pierre" [C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe]
"C:\windows\system32\tasks\RMSchedule" [C:\Program Files\Registry Mechanic\RegMech.exe]
"C:\windows\system32\tasks\RMSmartUpdate" ["C:\Program Files\Registry Mechanic\update.exe"]
"C:\windows\system32\tasks\SamsungSupportCenter" [%programfiles%\Samsung\Samsung Support Center\SSCKbdHk.exe]
"C:\windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\windows\system32\tasks\SUPBackground" ["%ProgramFiles%\Samsung\Samsung Update Plus\SUPBackground.exe"]
"C:\windows\system32\tasks\User_Feed_Synchronization-{F34E7F05-3633-4C63-A47C-492D34D47902}" [C:\windows\system32\msfeedssync.exe]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]

YouTube - Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome Web Store Payments - Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage deleted successfully
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage-journal deleted successfully
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage deleted successfully
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2405280

HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nl
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C8F87BF70F7D30547B2D1CC15E684A69 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Uniblue RegistryBooster deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7FB78F8C-D7F0-4503-B7D2-C11CE586A496} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E44BBEE3-3F83-4670-9E2E-EE0556442287} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_2 Toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail_MediaBar_Nederlands_2 Toolbar deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\C8F87BF70F7D30547B2D1CC15E684A69 deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jean-Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jean-Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1843 folders=258 784304700 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jean-Pierre\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\JEAN-P~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 21/02/2016 at 16:07:47,70 ======================