Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by dennis on za 30-01-2016 at 10:25:33,41. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\dennis\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-01-18-204002.log 8429656 bytes C:\zoek-results2016-01-20-212759.log 44111 bytes C:\zoek-results2016-01-21-225508.log 412 bytes C:\zoek-results2016-01-27-161531.log 2472164 bytes C:\zoek-results2016-01-27-162510.log 30741 bytes ==== Deleting Files \ Folders ====================== C:\Program Files\Common Files\AV\avast! Antivirus deleted C:\Program Files (x86)\Common Files\AV\avast! Antivirus deleted C:\Users\dennis\AppData\Local\Microsoft\Windows\WER\ReportQueue\AppCrash_avastui.exe_63f716d5362138c32596e7302460ab443f90555_da9ad960_cab_10354433 deleted C:\Users\dennis\AppData\Local\Temp\_avast_ deleted C:\windows\SysNative\Tasks\AVAST Software deleted "C:\Users\dennis\Downloads\avastclear.exe" deleted "C:\Windows\Prefetch\AVASTCLEAR.EXE-B73DDE91.pf" deleted "C:\Windows\Prefetch\AVASTUI.EXE-DC11C262.pf" deleted ==== Registry Search Results for "avast" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy] [HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy] @="C:\\Program Files\\AVAST Software\\Avast\\AvastNM.json" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00AB3925-B470-4264-B354-03E373074F23}] "AppPath"="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\avast.AsOutExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\avast.AsOutExt] "FriendlyName"="Avast Add-in" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\avast.AsOutExt] "Description"="Avast Outlook Add-in" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\00avast] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast\ShellEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast.AsOutExt] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast.AsOutExt\CurVer] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast.AsOutExt\CurVer] @="avast.AsOutExt.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast.AsOutExt.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast.AsOutExt.1\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\aswWrcIEBroker32.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\aswWrcIEBroker64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\asOutExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\x64\\asOutExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\aswWebRepIE64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6B795924-95E7-4D31-8521-407360C3AA0B}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\aswWrcIEBroker32.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\aswWrcIEBroker64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{6DFA2AA7-8234-46E2-A8E2-96794315C122}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\0\win32] @="C:\\Program Files\\AVAST Software\\Avast\\asOutExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\0\win64] @="C:\\Program Files\\AVAST Software\\Avast\\x64\\asOutExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{EDDBDEA4-5C07-453F-BE8C-81D738984381}\1.0\HELPDIR] @="C:\\Program Files\\AVAST Software\\Avast" [HKEY_USERS\S-1-5-21-707377767-3591874963-3864708268-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\869fe238_0] @="{2}.\\\\?\\hdaudio#func_01&ven_10ec&dev_0269&subsys_1025064b&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\\singlelineouttopo/00010001|\\Device\\HarddiskVolume4\\Program Files\\AVAST Software\\Avast\\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-707377767-3591874963-3864708268-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\946e8e98_0] @="{2}.\\\\?\\hdaudio#func_01&ven_10ec&dev_0269&subsys_1025064b&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\\singlelineouttopo/00010001|\\Device\\HarddiskVolume4\\Program Files\\AVAST Software\\Avast\\avastui.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-707377767-3591874963-3864708268-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Users\\dennis\\Downloads\\avastclear.exe"=hex:53,41,43,50,01,00,00,00,00,\ ==== C:\zoek_backup content ====================== C:\zoek_backup (files=80125 folders=4651 9192590315 bytes) ==== EOF on za 30-01-2016 at 10:31:23,94 ======================