Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Marijke on zo 25-12-2016 at 14:58:51,72. Microsoft Windows 10 Home 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Marijke\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-03-01-184229.log 50473 bytes C:\zoek-results2016-12-03-145519.log 16911 bytes C:\zoek-results2016-12-05-181152.log 15964 bytes C:\zoek-results2016-12-18-191200.log 1642084 bytes ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\CH] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\FF] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\IE] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\CONFIGXML] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\CP] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\DSP] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\General] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\HOSTS] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\HP] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\IGTB] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\NT] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize\STATS] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp\Initialize] [-HKEY_LOCAL_MACHINE\SOFTWARE\AVG Web TuneUp] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}\LocalServer32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}\LocalServer32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\0\win64] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\HELPDIR] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}\1.0\HELPDIR] @=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WtuServer.WtuServerObj] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WtuServer.WtuServerObj.1] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0116av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0216sc] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0316av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0316tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0516av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0516tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0616tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0716tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0816tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0816tb2] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0915av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0916av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\0916tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1015av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1016tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1116avz] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1116tb] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1215av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\1216avz] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\Campaigns] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\Campaigns\0415avt] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\Campaigns\0615avt] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\Campaigns\0715av] [-HKEY_USERS\.DEFAULT\Software\Avg Secure Update\Campaigns\1014avt] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSFF8C.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS18F2.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSFC5F.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS2318.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS7436.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSE15B.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS8CA6.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSBCFA.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSE977.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS7841.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zSACBD.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS5F55.tmp\\AVG-Secure-Search-Update.exe"=- [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Windows\\Temp\\7zS6CFC.tmp\\AVG-Secure-Search-Update.exe"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}\LocalServer32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}\LocalServer32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}\LocalServer32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\0\win64] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}\1.0\HELPDIR] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}\1.0\0\win32] @=- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}\1.0\HELPDIR] @=- ==== Deleting Files \ Folders ====================== C:\Program Files\Common Files\AVG Secure Search deleted C:\Users\Marijke\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp deleted ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1076 folders=343 439678461 bytes) ==== EOF on zo 25-12-2016 at 15:01:53,38 ======================