Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Léon on di 27-09-2016 at 16:43:36,42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\LON~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27-9-2016 16:44:48 Zoek.exe System Restore Point Created Successfully.

==== Folders Found ======================

1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C
1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C\Avira.VpnService.exe_Url_mfwr2na2y5h2nb3xitshmzavuydxmdqw
2016-09-05 12:53:11 2016-09-05 12:53:35 -------- d-----w- C:\ProgramData\Norton
2016-09-05 12:53:11 2016-09-05 12:53:35 -------- d-----w- C:\Users\All Users\Norton
2016-05-17 07:12:46 2016-05-17 07:12:46 -------- d-----w- C:\ProgramData\G DATA
2016-05-17 07:12:46 2016-05-17 07:12:46 -------- d-----w- C:\Users\All Users\G DATA
1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C
1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C\Avira.VpnService.exe_Url_mfwr2na2y5h2nb3xitshmzavuydxmdqw
2016-09-05 12:53:11 2016-09-05 12:53:35 -------- d-----w- C:\ProgramData\Norton
2016-09-05 12:53:11 2016-09-05 12:53:35 -------- d-----w- C:\Users\All Users\Norton
2016-05-17 07:12:46 2016-05-17 07:12:46 -------- d-----w- C:\ProgramData\G DATA
2016-05-17 07:12:46 2016-05-17 07:12:46 -------- d-----w- C:\Users\All Users\G DATA

==== Files Found ======================

--- C:\Program Files (x86)\360\Total Security\deepscan\SDEng\AviraImp.dll ---
Company: 360.cn
File Description: 360???? AviraI Imp
File Version: 2, 0, 0, 2063
Product Name: 360????
Copyright: (C)360.cn Inc.All Rights Reserved.
Original Filename: AviraImp.DLL
File type: ----a-w-
File size: 680264
Created time: 2016-05-27 18:02:44
Modified time: 2014-04-21 09:14:52
MD5: FFF676FCA790546E21C517224FB9CB8B
SHA1: B2A69150B2C8B26645CB00DCEE68D3E8F59108DD

--- C:\Program Files (x86)\360\Total Security\deepscan\SDEng\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-09-26 14:17:38
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

--- C:\Program Files (x86)\360\Total Security\deepscan\temp\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-07-15 18:40:28
Modified time: 2016-07-15 06:00:13
MD5: 37AD30D2BCA56C44CEA38720828B82F8
SHA1: 3D23757FBBC57D16F9AAE7303DB33A479BBF7FE1

--- C:\ProgramData\360safe\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-05-27 18:05:36
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

--- C:\Users\All Users\360safe\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-05-27 18:05:36
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

--- C:\Program Files (x86)\360\Total Security\deepscan\SDEng\AviraImp.dll ---
Company: 360.cn
File Description: 360???? AviraI Imp
File Version: 2, 0, 0, 2063
Product Name: 360????
Copyright: (C)360.cn Inc.All Rights Reserved.
Original Filename: AviraImp.DLL
File type: ----a-w-
File size: 680264
Created time: 2016-05-27 18:02:44
Modified time: 2014-04-21 09:14:52
MD5: FFF676FCA790546E21C517224FB9CB8B
SHA1: B2A69150B2C8B26645CB00DCEE68D3E8F59108DD

--- C:\Program Files (x86)\360\Total Security\deepscan\SDEng\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-09-26 14:17:38
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

--- C:\Program Files (x86)\360\Total Security\deepscan\temp\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-07-15 18:40:28
Modified time: 2016-07-15 06:00:13
MD5: 37AD30D2BCA56C44CEA38720828B82F8
SHA1: 3D23757FBBC57D16F9AAE7303DB33A479BBF7FE1

--- C:\ProgramData\360safe\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-05-27 18:05:36
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

--- C:\Users\All Users\360safe\savapi\update_AVIRA.txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 27
Created time: 2016-05-27 18:05:36
Modified time: 2016-09-26 14:17:38
MD5: C28C7F0552F56538B413B3441A38ACD4
SHA1: 3080FB332F3143445C1E6228C8B161213A8FBA5C

==== Registry Search Results for "avira" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\360TotalSecurity\DeepScan]
"EnableAvira"=dword:00000001

==== Registry Search Results for "norton" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Compatibility\NortonSystemInfo]

==== Registry Search Results for "g data" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{2EB07EA0-7E70-11D0-A5D6-28DB04C10000}]
"FriendlyName"="WDM Streaming Data Transforms"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{2EB07EA0-7E70-11D0-A5D6-28DB04C10000}]
"FriendlyName"="WDM Streaming Data Transforms"

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Classes\Local Settings\MuiCache\95\3B4B3F2E]
"@%SystemRoot%\\system32\\cryptsvc.dll,-1002"="Hiermee worden vier beheersservices geboden: de Catalog Database-service, die de handtekeningen van Windows-bestanden bevestigt en waarmee nieuwe programma's kunnen worden geïnstalleerd, de Protected Root-service, die op deze computer certificaten van vertrouwde basiscertificeringsinstanties toevoegt en verwijdert, Automatic Root Certificate Update-service, waarmee basiscertificaten van Windows Update worden opgehaald en scenarios zoals SSL worden ingeschakeld, en de Key-service, die helpt bij het inschrijven van deze computer voor certificaten. Als deze service wordt gestopt, werken deze beheersservices niet naar behoren. Als deze service wordt uitgeschakeld, kunnen services die afhankelijk zijn van deze service niet worden gestart."

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000_Classes\Local Settings\MuiCache\95\3B4B3F2E]
"@%SystemRoot%\\system32\\cryptsvc.dll,-1002"="Hiermee worden vier beheersservices geboden: de Catalog Database-service, die de handtekeningen van Windows-bestanden bevestigt en waarmee nieuwe programma's kunnen worden geïnstalleerd, de Protected Root-service, die op deze computer certificaten van vertrouwde basiscertificeringsinstanties toevoegt en verwijdert, Automatic Root Certificate Update-service, waarmee basiscertificaten van Windows Update worden opgehaald en scenarios zoals SSL worden ingeschakeld, en de Key-service, die helpt bij het inschrijven van deze computer voor certificaten. Als deze service wordt gestopt, werken deze beheersservices niet naar behoren. Als deze service wordt uitgeschakeld, kunnen services die afhankelijk zijn van deze service niet worden gestart."

==== Registry Search Results for "gdata" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0383751a-098b-11d8-9414-505054503030}]
@="IApiTracingDataCollector"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{411F3E08-E6B1-4789-AB29-755C52E52AC4}]
@="IDebugDataGrid"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0383751a-098b-11d8-9414-505054503030}]
@="IApiTracingDataCollector"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{411F3E08-E6B1-4789-AB29-755C52E52AC4}]
@="IDebugDataGrid"

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\GWX\TrayIcon]
"GWXRegDataC"=dword:00000001

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\GWX\Triggers]
"GWXRegDataC"=dword:00000001

==== Registry Search Results for "avira" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\360TotalSecurity\DeepScan]
"EnableAvira"=dword:00000001

==== Registry Search Results for "norton" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\Compatibility\NortonSystemInfo]

==== Registry Search Results for "g data" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{2EB07EA0-7E70-11D0-A5D6-28DB04C10000}]
"FriendlyName"="WDM Streaming Data Transforms"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{2EB07EA0-7E70-11D0-A5D6-28DB04C10000}]
"FriendlyName"="WDM Streaming Data Transforms"

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Classes\Local Settings\MuiCache\95\3B4B3F2E]
"@%SystemRoot%\\system32\\cryptsvc.dll,-1002"="Hiermee worden vier beheersservices geboden: de Catalog Database-service, die de handtekeningen van Windows-bestanden bevestigt en waarmee nieuwe programma's kunnen worden geïnstalleerd, de Protected Root-service, die op deze computer certificaten van vertrouwde basiscertificeringsinstanties toevoegt en verwijdert, Automatic Root Certificate Update-service, waarmee basiscertificaten van Windows Update worden opgehaald en scenarios zoals SSL worden ingeschakeld, en de Key-service, die helpt bij het inschrijven van deze computer voor certificaten. Als deze service wordt gestopt, werken deze beheersservices niet naar behoren. Als deze service wordt uitgeschakeld, kunnen services die afhankelijk zijn van deze service niet worden gestart."

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000_Classes\Local Settings\MuiCache\95\3B4B3F2E]
"@%SystemRoot%\\system32\\cryptsvc.dll,-1002"="Hiermee worden vier beheersservices geboden: de Catalog Database-service, die de handtekeningen van Windows-bestanden bevestigt en waarmee nieuwe programma's kunnen worden geïnstalleerd, de Protected Root-service, die op deze computer certificaten van vertrouwde basiscertificeringsinstanties toevoegt en verwijdert, Automatic Root Certificate Update-service, waarmee basiscertificaten van Windows Update worden opgehaald en scenarios zoals SSL worden ingeschakeld, en de Key-service, die helpt bij het inschrijven van deze computer voor certificaten. Als deze service wordt gestopt, werken deze beheersservices niet naar behoren. Als deze service wordt uitgeschakeld, kunnen services die afhankelijk zijn van deze service niet worden gestart."

==== Registry Search Results for "gdata" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0383751a-098b-11d8-9414-505054503030}]
@="IApiTracingDataCollector"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{411F3E08-E6B1-4789-AB29-755C52E52AC4}]
@="IDebugDataGrid"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0383751a-098b-11d8-9414-505054503030}]
@="IApiTracingDataCollector"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{411F3E08-E6B1-4789-AB29-755C52E52AC4}]
@="IDebugDataGrid"

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\GWX\TrayIcon]
"GWXRegDataC"=dword:00000001

[HKEY_USERS\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\GWX\Triggers]
"GWXRegDataC"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on di 27-09-2016 at 16:51:32,76 ======================