Zoek.exe Version 5.0.0.0 Updated 30-09-2015 Tool run by User on za 03/10/2015 at 19:20:39,06. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\User\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-08-24-143513.log 71882 bytes C:\zoek-results2015-08-25-065057.log 36655 bytes C:\zoek-results2015-09-16-120955.log 38260 bytes C:\zoek-results2015-09-18-181149.log 44797 bytes C:\zoek-results2015-09-19-172257.log 14644 bytes ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] "ApName"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] "Params"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Environment] "SNF"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ExtTag_RASAPI32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ExtTag_RASMANCS] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] [-HKEY_LOCAL_MACHINE\SOFTWARE\mtExtTag] [-HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\ExtTag.exe] [-HKEY_USERS\S-1-5-18\Software\Microsoft\.NETFramework\SQM\Apps\ExtTag.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] @=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Program Files\ MCAFEE SECURITY Scan\\3.11.149\\McUICnt.exe"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\ MCAFEE SECURITY Scan\\3.11.149\\McUICnt.exe.FriendlyAppName"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\ MCAFEE SECURITY SCAN\\3.11.149\\McUICnt.exe.ApplicationCompany"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\ MCAFEE SECURITY SCAN\\3.11.149\\McUICnt.exe.FriendlyAppName"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\ MCAFEE SECURITY Scan\\3.11.149\\McUICnt.exe.ApplicationCompany"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\mcafeeupdater] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE\MSC] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE\MSC\SETTINGS] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] "ApName"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] "Params"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Environment] "SNF"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ExtTag_RASAPI32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ExtTag_RASMANCS] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExtTag] [-HKEY_LOCAL_MACHINE\SOFTWARE\mtExtTag] [-HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\ExtTag.exe] [-HKEY_USERS\S-1-5-18\Software\Microsoft\.NETFramework\SQM\Apps\ExtTag.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] @=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Program Files\\McAfee SECURITY SCAN\\3.11.149\\McUICnt.exe"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\McAfee Security Scan\\3.11.149\\McUICnt.exe.FriendlyAppName"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\McAfee Security Scan\\3.11.149\\McUICnt.exe.ApplicationCompany"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\McAfee Security Scan\\3.11.149\\McUICnt.exe.FriendlyAppName"=- [HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\\Program Files\\McAfee Security Scan\\3.11.149\\McUICnt.exe.ApplicationCompany"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\mcafeeupdater] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE\MSC] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\MCAFEE\MSC\SETTINGS] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] [-HKEY_LOCAL_MACHINE SOFTWARE\Classes\Wow6432Node\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Microsoft WINDOWS NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft WINDOWS\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001\Software\Classes\Local Settings\Software\Microsoft WINDOWS\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft WINDOWS\Shell\MuiCache] [-HKEY_USERS\S-1-5-21-12827342-197674329-4274748872-1001_Classes\Local Settings\Software\Microsoft WINDOWS\Shell\MuiCache] ==== Deleting Files \ Folders ====================== C:\ProgramData\Microsoft WINDOWS\WER\ReportArchive\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_03a01e2c not found C:\ProgramData\Microsoft WINDOWS\WER\ReportArchive\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_03ac4e35 not found C:\Program Files MCAFEE Security Scan not found C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_03b41ce4 deleted C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_ExtTag.exe_cff93feccbc3abb6f1fcdf4cc1a636c31443205a_570cccfa_0397017d deleted C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_ExtTag.exe_cff93feccbc3abb6f1fcdf4cc1a636c31443205a_570cccfa_03a01ef7 deleted C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_cab_1727a349 deleted C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_ExtTag.exe_cff93feccbc3abb6f1fcdf4cc1a636c31443205a_570cccfa_cab_10916349 deleted C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_03a01e2c deleted C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_ExtTag.exe_73d7b545cec651cdfab62d1af0651ef6262a24b_570cccfa_03ac4e35 deleted C:\ProgramData\McAfee deleted C:\ProgramData\McAfee Security Scan deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus deleted C:\windows\SysNative\config\systemprofile\AppData\Roaming\McAfee deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashDumps\ExtTag.exe.1620.dmp deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ExtTag.exe.log deleted "C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk" deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2065 folders=354 169350904 bytes) ==== EOF on za 03/10/2015 at 19:21:11,16 ======================