Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by van la Parra on wo 20-04-2016 at 14:23:27,03. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\van la Parra\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-04-18-161756.log 111 bytes C:\zoek-results2016-04-18-170251.log 121001 bytes C:\zoek-results2016-04-19-143240.log 11079 bytes ==== Empty Folders Check ====================== C:\Users\van la Parra\AppData\Local\ActiveSync deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\K4lJpN0q.default\extensions\abs@avira.com.xpi deleted ==== Folders Found ====================== 2016-04-19 12:19:45 2016-04-19 12:19:45 -------- d-----w- C:\ProgramData\Avira 2016-04-19 12:19:45 2016-04-19 12:19:45 -------- d-----w- C:\Users\All Users\Avira 2016-04-15 04:37:23 2016-04-15 04:37:23 -------- d-----w- C:\Users\van la Parra\AppData\Local\Avira 1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C 1601-01-01 00:00:00 1601-01-01 00:00:00 -------- d-----w- C:\Windows\System32\config\systemprofile\AppData\Local\Avira_Operations_GmbH_&_C\Avira.VpnService.exe_Url_mfwr2na2y5h2nb3xitshmzavuydxmdqw 2016-04-19 12:19:45 2016-04-19 12:19:45 -------- d-----w- C:\Windows.old\Users\All Users\Avira 2016-04-19 12:04:44 2016-04-19 12:04:46 -------- d---a-w- C:\zoek_backup\C_ProgramData_Avira 2016-04-19 12:04:44 2016-04-19 12:04:44 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Avira 2016-04-19 12:04:36 2016-04-19 12:04:44 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Avira 2016-04-17 15:27:40 2016-04-17 15:27:45 -------- d---a-w- C:\zoek_backup\C_Users_VANLAP~1_AppData_Roaming_Mozilla_Firefox_Profiles_d84ozzgd.default-1449068176930_extensions_abs@avira.com 2016-04-19 12:04:35 2016-04-19 12:04:36 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Kaspersky Lab 2016-04-19 12:04:36 2016-04-19 12:04:36 -------- d---a-w- C:\zoek_backup\C_PROGRA~2_Kaspersky Lab\KasperskyCleaner 2016-04-16 03:59:42 2016-04-18 12:09:01 -------- d-----w- C:\ProgramData\Heimdal Security 2016-04-16 03:59:42 2016-04-18 12:09:01 -------- d-----w- C:\Users\All Users\Heimdal Security 2016-04-16 04:01:23 2016-04-17 13:59:01 -------- d-----w- C:\Users\Public\Documents\Heimdal Security 2016-04-16 03:59:51 2016-04-18 12:09:04 -------- d-----w- C:\Windows\Microsoft.NET\assembly\GAC_32\Heimdal.AgentResourceManager 2016-04-16 03:59:53 2016-04-18 12:09:02 -------- d-----w- C:\Windows\Microsoft.NET\assembly\GAC_32\Heimdal.ClientManagerContracts 2016-04-16 03:59:52 2016-04-18 12:09:05 -------- d-----w- C:\Windows\Microsoft.NET\assembly\GAC_32\Heimdal.Domain 2016-04-16 03:59:54 2016-04-18 12:09:02 -------- d-----w- C:\Windows\Microsoft.NET\assembly\GAC_32\Heimdal.Helpers 2016-04-16 03:59:42 2016-04-18 12:09:01 -------- d-----w- C:\Windows.old\Users\All Users\Heimdal Security ==== Files Found ====================== --- C:\ProgramData\Avira\Launcher\apps\icons\aviravpn_v1.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3076 Created time: 2016-04-19 12:48:49 Modified time: 2016-04-19 12:48:49 MD5: 3C0E8A4CB71BD43EAA2D12F03DA9AA91 SHA1: 7BD31D85430485D4C5C23606CF5BF40DE2817D93 --- C:\ProgramData\Avira\Launcher\apps\icons\aviravpn_v1_grey.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1038 Created time: 2016-04-19 12:48:50 Modified time: 2016-04-19 12:48:50 MD5: 3CE006559FCB074A16B9A44F70466138 SHA1: 2E4C5F1C82B89ECBE173B5CBCCCE45BD795C9354 --- C:\Users\All Users\Avira\Launcher\apps\icons\aviravpn_v1.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3076 Created time: 2016-04-19 12:48:49 Modified time: 2016-04-19 12:48:49 MD5: 3C0E8A4CB71BD43EAA2D12F03DA9AA91 SHA1: 7BD31D85430485D4C5C23606CF5BF40DE2817D93 --- C:\Users\All Users\Avira\Launcher\apps\icons\aviravpn_v1_grey.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1038 Created time: 2016-04-19 12:48:50 Modified time: 2016-04-19 12:48:50 MD5: 3CE006559FCB074A16B9A44F70466138 SHA1: 2E4C5F1C82B89ECBE173B5CBCCCE45BD795C9354 --- C:\Users\Public\Desktop\Avira Launcher.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1285 Created time: 2016-04-16 12:08:58 Modified time: 2016-04-16 12:08:58 MD5: 488E44670588DED7DE9B8FA621D0C837 SHA1: C47AF7614C3D533AA6D0AE598968DE4EF67AC3E2 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\abs_avira_umbrella_white.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1757 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-06 07:40:28 MD5: D1A2DF87A809DEA421F2FA1F0B11BB73 SHA1: 3BE4D661C033394722FC0C7332D3C1E4B66E1503 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira-app-icon.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 28060 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-06 07:40:32 MD5: 9A763EB5F14D0B7437B02BE35E2D328E SHA1: 7D75E52CF966A2679BC9E4B96660330FCA6A29B2 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_icon128.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4674 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-16 10:58:54 MD5: 4DACCE8BE14179027C70BDF05932FFBD SHA1: 5B4955B40D24D36B63787FCE5408CA7F90304207 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_icon16.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 545 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-16 10:58:54 MD5: 7A9DD8AB450C0F37918CC8BAC16082C0 SHA1: 7E4D07ED70F32A0A4B1DC3465E171238D9B12D2D --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_icon24.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 857 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-06 07:40:32 MD5: 3BB83ADF4CCD38A7762B341C08802686 SHA1: 2EECFFB05A27460668C86F12E5490BA0DC09B767 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_icon32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1922 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-06 07:40:32 MD5: 0493D466B17ECF18FBA2976478B62E5A SHA1: 8568B236C193F8460919D37AD6CD3FF9D251BD55 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_icon48.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1701 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-16 10:58:54 MD5: B53558C75FB1DF9D2E6C1FDAFABC73B1 SHA1: 3C769A02F4C221A163F3C82B5CF76D4A7922D5C4 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_logo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1404 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-16 10:58:54 MD5: 1EB740D0FE9DA113498D71A41737AD52 SHA1: 670B2967A0C2B83F09DA14F34C2D559857145848 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.9.1_1\img\avira_logo.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1014 Created time: 2016-04-16 10:58:47 Modified time: 2016-04-06 07:40:32 MD5: C9238133E73B7C42EA5C05BB502B2B4C SHA1: AA8BD6526B8F895302F801DD037610B0DF94B043 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_biglogo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2735 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:50 MD5: 1C28FBC0DA7A825BB50A282C07D76635 SHA1: 1C7B8581C6349140089FD4DEE023804B1A025C70 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_icon128.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 4553 Created time: 2016-04-18 13:00:47 Modified time: 2016-04-18 13:00:54 MD5: 6BEEEB146BCD0334FDD0E5EBB5865A12 SHA1: 40959D5D50BEDE131E4D5B9B30E5EAECC724EC6F --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_icon16.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 589 Created time: 2016-04-18 13:00:47 Modified time: 2016-04-18 13:00:54 MD5: ACB54FEBD4CAAC8A84AE4CF2664641C7 SHA1: 8A80E9C9F036FAF660993E869E4723192AD7448A --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_icon24.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1005 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:52 MD5: 5EF3F9849A5B51CC2D249B3E284DC694 SHA1: 1CB585C8243AD35B990F43C53A8308426C7DEAF0 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_icon32.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1290 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:52 MD5: 357385F39162F844D96F3E51CE9B4244 SHA1: 89FD87A97451230D0F203F8238D0B14C6DE8033C --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_icon48.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1801 Created time: 2016-04-18 13:00:47 Modified time: 2016-04-18 13:00:54 MD5: 1BC11ECFB11CB3F909252162D0BE00AF SHA1: 250CA8E5EAF2138E1E08EB5FA747217AB1607BAB --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_logo.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1538 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:52 MD5: 759A2EA6BAA4849595CDE8F5EBE8613C SHA1: 0AC2062537A81B058ACFA63A7EEB555F8950799D --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\avira_search_logo.svg --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1636 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:50 MD5: A4701409363A326D81A0BC8FBE00A466 SHA1: 22891BAA7857725058A680F176E4603C4A7B17E3 --- C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp\1.4.0_0\img\logo-avira-antivirus.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 840 Created time: 2016-04-18 13:00:47 Modified time: 2016-02-22 09:52:50 MD5: E2DB107F9448A33652E11C32DAE61DF0 SHA1: E293903D826F13D46167D90AFD8BDB64ED4A552C --- C:\Windows\Installer\MSID40D.tmp-\Avira.OE.Setup.CustomActions.dll --- Company: Avira Operations GmbH & Co. KG File Description: Avira.OE.Setup.CustomActions File Version: 1.1.58.35540 Product Name: Avira.OE.Setup.CustomActions Copyright: Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors Original Filename: Avira.OE.Setup.CustomActions.dll File type: ----a-w- File size: 116224 Created time: 2016-04-16 12:08:15 Modified time: 2016-04-16 12:08:15 MD5: 6767CD3A8563E69FD4C51C14657CB3E3 SHA1: 12864B29DC0894F9BA0DDBF4927310F06768D3AE --- C:\Windows\Prefetch\AVIRA.OE.SETUP.BUNDLE.EXE-6C6299E3.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 8392 Created time: 2016-04-16 12:07:47 Modified time: 2016-04-16 12:07:47 MD5: D58E48010A399C2DAC65D90498EDDFC3 SHA1: 6BE6AF7451895AD11B337BE337EE47372C325C3E --- C:\Windows\Prefetch\AVIRA.OE.SETUP.BUNDLE.EXE-9F71F947.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 12086 Created time: 2016-04-14 17:23:18 Modified time: 2016-04-14 17:23:18 MD5: D14CC13979C316414B32C00E3DA3DC02 SHA1: 2C989D1CB566463901BC0292AFC4AC9A08A22DC3 --- C:\Windows\Prefetch\AVIRA.OE.SETUP.BUNDLE.EXE-C995C7DE.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 21386 Created time: 2016-04-16 05:00:49 Modified time: 2016-04-16 13:57:37 MD5: 3E91B6C249E0B4D6224A257069D722FD SHA1: 8D1188490858E05BD965699DB5BE081175BB48C5 --- C:\Windows\Prefetch\AVIRA_EN_AVPN0_57121C85074CC_-71BF7664.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13984 Created time: 2016-04-16 12:07:32 Modified time: 2016-04-16 12:07:32 MD5: 300F5CF5FA6053AE9C4946ED611BB889 SHA1: EB6AFE984762E52197E98F4BB2C6571EC809DEAA --- C:\Windows\Prefetch\AVIRA_NL_AV_570FD1BD72AA6__WS-A201A9BC.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 12458 Created time: 2016-04-14 17:23:07 Modified time: 2016-04-14 17:23:07 MD5: 702B2181B31C697FF54C1E1D27ACCB7D SHA1: 0716FFAF11D2C77E34C213DECC512FFEFD54EB5C --- C:\Windows\Prefetch\AVIRA_PC_CLEANER_DE.EXE-2444C3FA.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13355 Created time: 2016-04-14 21:41:44 Modified time: 2016-04-14 21:41:44 MD5: 79A019A1A1BC4EC8CF78E6493F5D46C7 SHA1: 87A10946C5683B49257F6EB965A39B2B9BB8F7F4 --- C:\Windows\Prefetch\AVIRA_SYSTEM_SPEEDUP.TMP-4F082983.pf --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 16353 Created time: 2016-04-14 17:36:09 Modified time: 2016-04-14 17:36:09 MD5: 88741E7F745F8CA6549420AF94F61185 SHA1: C82D4969B3CACE3E44C55022B8EA31A473CC1D79 --- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Avira.ServiceHost.exe.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3448 Created time: 2016-04-17 13:53:01 Modified time: 2016-04-18 16:10:18 MD5: 30E3DCD05820DC2CAE47AB3C7570B5D1 SHA1: 2CAF9875D3342CB7ED7CD5B8F10781EB853D04E0 --- C:\Windows.old\Users\All Users\Avira\Launcher\apps\icons\aviravpn_v1.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3076 Created time: 2016-04-19 12:48:49 Modified time: 2016-04-19 12:48:49 MD5: 3C0E8A4CB71BD43EAA2D12F03DA9AA91 SHA1: 7BD31D85430485D4C5C23606CF5BF40DE2817D93 --- C:\Windows.old\Users\All Users\Avira\Launcher\apps\icons\aviravpn_v1_grey.png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 1038 Created time: 2016-04-19 12:48:50 Modified time: 2016-04-19 12:48:50 MD5: 3CE006559FCB074A16B9A44F70466138 SHA1: 2E4C5F1C82B89ECBE173B5CBCCCE45BD795C9354 --- C:\Users\van la Parra\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Heimdal.Agent.exe.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3812 Created time: 2016-04-18 12:08:48 Modified time: 2016-04-18 12:08:48 MD5: 17253F5F276DA076A3CFF48618D39084 SHA1: 56BAA33E4338CD28EB8ABCAA749FE68F6C1C3AA6 --- C:\Users\van la Parra\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\heimdal.wizard.exe.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3425 Created time: 2016-04-18 12:08:56 Modified time: 2016-04-18 12:08:56 MD5: 2375134BF07A43E699509AD36305D541 SHA1: C5CDD211973E79D16D03F1100B503F8AA0B92C80 --- C:\Users\van la Parra\Downloads\Heimdal.msi --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 19691520 Created time: 2016-04-16 03:56:41 Modified time: 2016-04-16 03:57:05 MD5: F04FE05FBFA9B12DEED64767FE7E8349 SHA1: DF9B8E36F4FC9FDF3A771D163FCE4FEF56D92084 --- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Heimdal.ClientHost.exe.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3671 Created time: 2016-04-17 11:10:25 Modified time: 2016-04-17 11:10:25 MD5: 7DFDDE9B1A8C68A480B6D8AD63BEE804 SHA1: 39068884E2233B871B5BFEF6699B1F672E9E8ED1 --- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Heimdal.SecureDNS.exe.log --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2541 Created time: 2016-04-17 11:12:25 Modified time: 2016-04-17 11:12:25 MD5: 706A61ABF235AEB29CC6978084AE806E SHA1: F02256D3CBCBA47ED5107B29872D5248977FD00B ==== Registry Search Results for "avira" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Avira] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "InstallationPath"="C:\\Program Files (x86)\\Avira\\Launcher\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "PartnerId"="avira" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "ProductName"="Avira" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "ExternalNamedPipe"="Avira.ExternalCommunicationTaskPipe" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "CommunicatorNamedPipe"="Avira.Launcher.CommunicatorPipe" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Launcher] "AcpNamedPipeName"="Avira.Launcher.AcpNamedPipe" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\My Avira] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\My Avira] "InstallationPath"="C:\\Program Files (x86)\\Avira\\Launcher\\" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\BootOptimizer] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\General] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\General] "Path"="C:\\Program Files (x86)\\Avira\\System Speedup" [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\JunkCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\MyA] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles\BatteryBoostMode] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Power Profiles\TurboBoostMode] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\PrivacyCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\RegistryCleaner] [HKEY_LOCAL_MACHINE\SOFTWARE\Avira\Speedup\Scanner] [HKEY_LOCAL_MACHINE\SOFTWARE\AviraSpeedup] [HKEY_LOCAL_MACHINE\SOFTWARE\AviraSpeedup\AviraSpeedup] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Avira_RASAPI32] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Avira_RASMANCS] [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Launcher] "MasterKey"="Software\\Avira\\Launcher" [HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Launcher] "Avira"="Software\\Avira\\Launcher" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Dependencies\{34CE35A5-BC22-4045-9F05-6C411D3A74DB}] "DisplayName"="Avira Launcher" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Dependencies\{74d1ef14-dd39-4749-b051-e183a1e27f5e}] "DisplayName"="Avira Launcher" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\5A53EC4322CB5404F950C614D1A347BD] "Avira.OE.ServiceHost"="" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avira.ServiceHost] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avira.ServiceHost] "DisplayName"="Avira Service Host" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Avira.ServiceHost] "Description"="Hosts multiple Avira services within one Windows service." [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Avira Service Host] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Avira VPN] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AviraSpeedupService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avira.ServiceHost] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avira.ServiceHost] "DisplayName"="Avira Service Host" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avira.ServiceHost] "Description"="Hosts multiple Avira services within one Windows service." [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira Service Host] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Avira VPN] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AviraSpeedupService] [HKEY_USERS\.DEFAULT\Software\Avira] [HKEY_USERS\.DEFAULT\Software\Avira\VPN] [HKEY_USERS\.DEFAULT\Software\Avira\VPN] @="C:\\Program Files (x86)\\Avira\\VPN" [HKEY_USERS\.DEFAULT\Software\AviraSpeedup] [HKEY_USERS\.DEFAULT\Software\AviraSpeedup\AviraSpeedup] [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Avira] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Avira\Launcher] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\AviraSpeedup] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\AviraSpeedup\AviraSpeedup] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Users\\van la Parra\\Downloads\\avira_nl_av_570fd1bd72aa6__ws.exe"=hex:53,\ [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Users\\van la Parra\\Downloads\\avira_pc_cleaner_de.exe"=hex:53,41,43,50,\ [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\ProgramData\\Package Cache\\{74d1ef14-dd39-4749-b051-e183a1e27f5e}\\Avira.OE.Setup.Bundle.exe"=hex:53,\ [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Program Files (x86)\\Avira\\VPN\\uninstaller.exe"=hex:53,41,43,50,01,00,\ [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Users\\van la Parra\\Downloads\\avira_en_avpn0_57121c85074cc__ws.exe"=hex:53,\ [HKEY_USERS\S-1-5-18\Software\Avira] [HKEY_USERS\S-1-5-18\Software\Avira\VPN] [HKEY_USERS\S-1-5-18\Software\Avira\VPN] @="C:\\Program Files (x86)\\Avira\\VPN" [HKEY_USERS\S-1-5-18\Software\AviraSpeedup] [HKEY_USERS\S-1-5-18\Software\AviraSpeedup\AviraSpeedup] [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Avira.Systray.exe"=dword:00002af9 ==== Registry Search Results for "kaspersky" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab] [HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\KSS2] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\KasperskyLab] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\KasperskyLab\KSS2] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts] "C:\\Users\\van la Parra\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Kaspersky Security Scan\\Kaspersky Security Scan.lnk"=dword:00000001 [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Kaspersky Lab] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\Kaspersky Lab] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\imageformats] ==== Registry Search Results for "heimdal" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\HeimdalSecurity] [HKEY_LOCAL_MACHINE\SOFTWARE\HeimdalSecurity] "InstallPath"="C:\\Program Files (x86)\\Heimdal" [HKEY_LOCAL_MACHINE\SOFTWARE\HeimdalSecurity\Local Storage] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\heimdal_RASAPI32] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\heimdal_RASMANCS] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218077F0}] "InstallSource"="C:\\Users\\Public\\Documents\\Heimdal Security\\Patching\\Downloads\\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\Heimdal Client Host] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\HeimdalClientManager] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\HeimdalSecureDNS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\Heimdal Client Host] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\HeimdalClientManager] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\HeimdalSecureDNS] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\\Users\\van la Parra\\Downloads\\Heimdal.msi"=hex:53,41,43,50,01,00,00,00,\ [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\DOMStorage\heimdalsecurity.com] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\EdpDomStorage\heimdalsecurity.com] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\DOMStorage\heimdalsecurity.com] [HKEY_USERS\S-1-5-21-3654615766-1524511065-2618837555-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\EdpDomStorage\heimdalsecurity.com] ==== Firefox Extensions ====================== ProfilePath: C:\Users\VANLAP~1\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930 - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\van la Parra\AppData\Roaming\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930 8CE35D76726DFC8C3848BB26B3C79A54 - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 57C7E359ED8D049132EED23EFA444C63 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Users\van la Parra\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 77B6DD23DCA19A217D5A4C4CAF962895 - C:\Users\van la Parra\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] ipmkfpcnmccejididiaagpgchgjfajgp - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjllphbppobebmjpjcijfbakobcheof - No path found[] fkkcgfbgohboipdhliafmacjnhjbhmim - No path found[] Comodo Drag&Drop Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo Rapport - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof Comodo Web Inspector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn selector is not a valid CSS selector - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Comodo Media Downloader - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo MSN Homepage - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh Avira Browser Safety - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk IBA Opt-out (by Google) - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb Avira SafeSearch Plus - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp Google Analytics Debugger - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna Comodo Dragon Browser Light Theme - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kglppafajjeikfgmjjegogphhkjnnmgc Ad Sanitizer - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbklemiimcpdblemkogjenikmcfhpnib Comodo Share Page Service - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf Chrome Web Store Payments - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Fixer for Java - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle Bitdefender QuickScan - van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie Rapport - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof selector is not a valid CSS selector - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Analytics Opt-out Add-on by Google - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh IBA Opt-out (by Google) - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb Google Analytics Debugger - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna Chrome Web Store Payments - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Fixer for Java - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoiokalhgfiblapcgelblmeakhidmle Bitdefender QuickScan - van la Parra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie ==== Chromium Fix ====================== C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp deleted successfully C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_ipmkfpcnmccejididiaagpgchgjfajgp_0.localstorage deleted successfully C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_ipmkfpcnmccejididiaagpgchgjfajgp_0.localstorage-journal deleted successfully C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim deleted successfully C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_fkkcgfbgohboipdhliafmacjnhjbhmim_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\van la Parra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\van la Parra\AppData\Local\Mozilla\Firefox\Profiles\d84ozzgd.default-1449068176930\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\van la Parra\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\van la Parra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=551 folders=187 96531301 bytes) ==== Empty Temp Folders ====================== C:\Users\van la Parra\AppData\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\VANLAP~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 20-04-2016 at 16:13:14,46 ======================