Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Jeffrey on do 17/03/2016 at 10:46:12,95. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jeffrey\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-03-16-080859.log 106427 bytes C:\zoek-results2016-03-16-110931.log 36293 bytes C:\zoek-results2016-03-16-130310.log 4964 bytes ==== Registry Search Results for "avg" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\AVG] [HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AV] [HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AV\LinkScanner] [HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AV\LinkScanner\Prevalence] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] "DllName"="avgssie.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}] "AppPath"="C:\\Program Files (x86)\\Common Files\\AVG Secure Search\\ScriptHelperInstaller\\40.2.8" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}] "InstallSource"="C:\\ProgramData\\Avg\\Setup\\_Temp\\fb68f7d2-d818-47cc-a104-a96de9d3732d\\fmw\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}] "Publisher"="AVG Technologies CZ, s.r.o." [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\0\win32] @="C:\\Program Files (x86)\\AVG\\Av\\Tuneup\\TUMicroScanner.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\HELPDIR] @="C:\\Program Files (x86)\\AVG\\Av\\Tuneup\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\0\win32] @="C:\\Program Files (x86)\\AVG\\Av\\Tuneup\\TUMicroScanner.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\HELPDIR] @="C:\\Program Files (x86)\\AVG\\Av\\Tuneup\\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\SqmData] "AvgFileCount"=dword:0000009b [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\SqmData] "AvgCountDiff"=dword:fffffff3 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CMF\SqmData] "AvgFileCount"=dword:0000009b [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CMF\SqmData] "AvgCountDiff"=dword:fffffff3 [HKEY_USERS\.DEFAULT\Software\Avg Secure Update] [HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0216piz] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSD96F.tmp\\AVG-Secure-Search-Update.exe"=hex:53,41,43,50,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg\Avgdiag] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg Secure Update] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg Secure Update\0216piz] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg Secure Update\Campaigns] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Avg Secure Update\Campaigns\0216piz] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count] "P:\\Hfref\\Wrsserl\\Qbjaybnqf\\ujzbavgbe-ceb_1.25.rkr"=hex:13,00,00,00,00,00,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count] "{6Q809377-6NS0-444O-8957-N3773S02200R}\\PCHVQ\\UJZbavgbeCeb\\UJZbavgbeCeb.rkr"=hex:13,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count] "{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\\Nqzvavfgengvir Gbbyf\\Cresbeznapr Zbavgbe.yax"=hex:13,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count] "{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\\PCHVQ\\UJZbavgbeCeb\\UJZbavgbeCeb.yax"=hex:13,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{F4E57C4B-2036-45F0-A9AB-443BCFE33D9F}\Count] "{0139Q44R-6NSR-49S2-8690-3QNSPNR6SSO8}\\Nqzvavfgengvir Gbbyf\\Erfbhepr Zbavgbe.yax"=hex:13,\ [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\myaccount.avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\myaccount.avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\myaccount.avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\avg.com] [HKEY_USERS\S-1-5-21-998202493-1252603307-4249403384-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\myaccount.avg.com] [HKEY_USERS\S-1-5-18\Software\Avg Secure Update] [HKEY_USERS\S-1-5-18\Software\Avg Secure Update\0216piz] [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSD96F.tmp\\AVG-Secure-Search-Update.exe"=hex:53,41,43,50,\ ==== Registry Search Results for "avast" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\00avast] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast\ShellEx] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage] ==== C:\zoek_backup content ====================== C:\zoek_backup (files=159 folders=65 111381017 bytes) ==== EOF on do 17/03/2016 at 10:47:22,58 ======================