Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by anjav on vr 15-04-2016 at 10:10:03,09. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\anjav\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-04-04-085804.log 112285 bytes ==== Empty Folders Check ====================== C:\Users\anjav\AppData\Local\ActiveSync deleted successfully C:\Users\anjav\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== DriverSetupUtility 12 Labours of Hercules III: Girl Power abDocs abDocs Office AddIn abFiles abPhoto Acer Care Center Acer Explorer Agent Acer Portal Acer Power Management Acer Quick Access Acer UEIP Framework Adobe Acrobat Reader DC - Nederlands Adobe Refresh Manager All Family Games AOP Framework Avast SecureLine AVG AVG 2016 AVG Protection AVG Zen calibre CCleaner Classic Shell Corel Paint Shop Pro Photo X2 CyberLink PowerDVD 12 D3DX10 Dino Storm eBay Worldwide ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL Epson Event Manager Epson FAX Utility Epson Gebruikershandleiding XP-800 Series Epson Netwerkhandleiding XP-800 Series Epson PC-FAX Driver EPSON Scan EPSON XP-800 Series Printer Uninstall EpsonNet Print FMW 1 Foxit PhantomPDF Game Explorer Categories - genres Game Explorer Categories - main Google Chrome Google Update Helper Handleiding Epson Connect Home Makeover Intel Security True Key Intel(R) Biometric and Context Agent Intel(R) Biometric and Context Agent Redistributables Intel(R) Chipset Device Software Intel(R) Management Engine Components Intel(R) ME UninstallLegacy Intel(R) PRO/Wireless Driver Intel(R) Processor Graphics Intel(R) Serial IO Intel(R) Wireless Bluetooth(R) Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software Intel© RealSenseT SDK 2014 Runtime (x64): Core Intel© Security Assist Intel© Trusted Connect Service Client Jewel Match 3 Jewel Match Snowscapes Junk Mail filter update Magic Academy Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft Application Error Reporting Microsoft Office Microsoft Office File Validation Add-In Microsoft Office Professional Editie 2003 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 More Games Mozilla Firefox 38.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 Online Games - Dino Storm Online Games - Vegas World Online Games - Villagers and Heroes Photo Common Polar Bowler 1st Frame PrintMaster Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Rory's Restaurant Runefall Shockwave Shockwave Director 8.0 Speccy Update Installer for WildTangent Games App Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables WildTangent Games Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WPS Office (9.1.0.5113) ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecureLine deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\anjav\AppData\Roaming\calibre deleted C:\Users\anjav\AppData\Roaming\AVAST Software deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnbs.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnis.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswcmnos.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswcommchannel.dll" deleted "C:\Program Files\AVAST Software\SecureLine\aswproperty.dll" deleted "C:\Program Files\AVAST Software\SecureLine\htmlayout.dll" deleted "C:\Program Files\AVAST Software\SecureLine\libcef.dll" deleted "C:\Program Files\AVAST Software\SecureLine\secureline.exe" deleted "C:\Program Files\AVAST Software" deleted "C:\Program Files\AVAST Software\SecureLine" deleted ==== Folders Found ====================== 2015-07-16 04:13:57 2015-07-16 04:13:57 -------- d-----w- C:\OEM\Preload\APP\AVASTSECURELINE 2015-07-16 03:32:11 2015-07-16 03:32:11 -------- d-----w- C:\ProgramData\AVAST Software 2015-07-16 03:32:16 2016-03-28 17:41:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-07-16 03:32:11 2015-07-16 03:32:11 -------- d-----w- C:\Users\All Users\AVAST Software 2015-07-16 03:32:16 2016-03-28 17:41:25 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-03-28 17:46:49 2016-03-28 17:46:49 -------- d-----w- C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c 2015-07-16 03:32:16 2016-03-28 17:46:59 -------- d-----w- C:\Windows.old\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-07-16 03:32:11 2015-07-16 03:32:11 -------- d-----w- C:\Windows.old\Users\All Users\AVAST Software 2015-07-16 03:32:16 2016-03-28 17:41:25 -------- d-----w- C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-07-16 03:32:17 2015-07-16 03:32:17 -------- d-----w- C:\Windows.old\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c 2016-04-15 08:23:38 2016-04-15 08:23:38 -------- d---a-w- C:\zoek_backup\C_Program Files_AVAST Software 2016-04-15 08:23:39 2016-04-15 08:23:39 -------- d---a-w- C:\zoek_backup\C_Users_anjav_AppData_Roaming_AVAST Software ==== Files Found ====================== --- C:\OEM\Preload\APP\AVASTSECURELINE\avast_secureline_setup.exe --- Company: AVAST Software File Description: Avast SecureLine Installer File Version: 1.0.239.4 Product Name: Avast SecureLine Copyright: © 2014 AVAST Software Original Filename: File type: ----a-w- File size: 22300632 Created time: 2015-07-16 04:13:57 Modified time: 2015-05-22 04:39:35 MD5: 1439AF415E265555FAA9621D702A8847 SHA1: A46828661B93EAF8889F9A0253C1CC0FC76E170C --- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SecureLine.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1084 Created time: 2015-07-16 03:32:16 Modified time: 2015-07-16 03:32:16 MD5: BA1BC390DE0EDF351AD355196C37D582 SHA1: D909B99F199FCDED4FB24CAE7B2B38B500F2F9D4 --- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SecureLine.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1084 Created time: 2015-07-16 03:32:16 Modified time: 2015-07-16 03:32:16 MD5: BA1BC390DE0EDF351AD355196C37D582 SHA1: D909B99F199FCDED4FB24CAE7B2B38B500F2F9D4 --- C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.cat --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 9249 Created time: 2016-03-28 17:46:48 Modified time: 2016-03-28 17:46:48 MD5: F181BD5627947025E1254E2F786AE2BE SHA1: 26255562307B9F89B744F3F6A5CA115BDD1B89FE --- C:\Windows\WinSxS\Manifests\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c.manifest --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ------w- File size: 2376 Created time: 2016-03-28 17:46:49 Modified time: 2016-03-28 17:46:48 MD5: 176B3BE4AE48CC8A7FACBB8E89A2131E SHA1: E2DF6022A299B523C194D017A887C00EDB4567AB --- C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.cat --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 9249 Created time: 2016-03-28 17:46:14 Modified time: 2016-03-28 17:46:14 MD5: 84E52D0B42207B15BC16A36298AE4110 SHA1: 7ADAEA12A8458CEEDC9D8742B45D5BE9C8D0F5BC --- C:\Windows\WinSxS\Manifests\x86_policy.11.0.avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_b2556b4035446b41.manifest --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ------w- File size: 608 Created time: 2016-03-28 17:46:14 Modified time: 2016-03-28 17:46:14 MD5: E479732F7B82161E923B0DF5B5D09C59 SHA1: F50646154ED92D53A8328B7DCB23E5717EEF249F --- C:\Windows.old\Users\All Users\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast SecureLine.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1084 Created time: 2015-07-16 03:32:16 Modified time: 2015-07-16 03:32:16 MD5: BA1BC390DE0EDF351AD355196C37D582 SHA1: D909B99F199FCDED4FB24CAE7B2B38B500F2F9D4 ==== Registry Search Results for "Avast" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software] [HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\SecureLine] [HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\SecureLine] "DataFolder"="C:\\ProgramData\\AVAST Software\\SecureLine" [HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\SecureLine] "ProgramFolder"="C:\\Program Files\\AVAST Software\\SecureLine" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastvpn] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastvpn] @="avastvpnfile" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.avastvpn] "Content Type"="application/avast-avastvpn" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile] @="avast! SecureLine license" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile\shell] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile\shell\open] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile\shell\open\command] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avastvpnfile\shell\open\command] @="\"C:\\Program Files\\AVAST Software\\SecureLine\\SecureLine.exe\" \"/license:%1\"" ==== Firefox Extensions ====================== ProfilePath: C:\Users\anjav\AppData\Roaming\Mozilla\Firefox\Profiles\ave67v2u.default - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@firefox.mozilla.org - Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@firefox.mozilla.org AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== ==== Chromium Fix ====================== C:\Users\anjav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\anjav\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{F0C73FE1-31BF-4F51-BCBE-E2A7CC13ED95}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{F0C73FE1-31BF-4F51-BCBE-E2A7CC13ED95} - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE HKLM\Wow6432Node\SearchScopes "DefaultScope"="{F0C73FE1-31BF-4F51-BCBE-E2A7CC13ED95}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{F0C73FE1-31BF-4F51-BCBE-E2A7CC13ED95} - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{F0C73FE1-31BF-4F51-BCBE-E2A7CC13ED95} - No_Url_Value ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\anjav\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\anjav\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\anjav\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\anjav\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\anjav\AppData\Local\Mozilla\Firefox\Profiles\ave67v2u.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\anjav\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=187 folders=32 83703610 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\anjav\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 15-04-2016 at 10:33:55,67 ======================