can't remove GooSave virus

Shadowth

New Member
Thread author
Nov 8, 2014
11
Hi, I joined the forums recently because my PC got a virus called GooSave. I tried AdwCleaner, but it got no results and didn't find any malware. It's bad because I can't remove it in Chrome; even if I click "remove", it still comes back. Now I tried FRST and got a log.
Hope you guys can help me. Thanks!
 

Attachments

  • FRST.txt
    24.6 KB · Views: 150
  • Addition.txt
    58.1 KB · Views: 113

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395



Chrome installation is altered by malware. Reinstall is needed.





Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • Fixlist.txt
    619 bytes · Views: 70

Shadowth

New Member
Thread author
Nov 8, 2014
11
Thanks, it fixed my problem in Google Chrome, but it still has the GooSave File Format.
Here's the screenshot of it:
Misc08_zps8f404fae.png
 

Attachments

  • Fixlog.txt
    1.8 KB · Views: 43

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    Code:
    createsrpoint;
    Quickscan;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.
 

Shadowth

New Member
Thread author
Nov 8, 2014
11
Sorry about the late reply; I've got many things to do in my private life, so here are the results:

Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Ian on Mon 11/10/2014 at 18:18:09.47.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ian\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11/10/2014 6:20:16 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\autorun.inf deleted
C:\PROGRA~2\GooSave deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Ian\AppData\Local\CrashRpt deleted
C:\Users\Marc\AppData\Local\CrashRpt deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\User deleted
"C:\PROGRA~2\971d162ef6710d7c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140930212210" deleted
"C:\PROGRA~2\971d162ef6710d7c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140930212258" deleted
"C:\PROGRA~2\971d162ef6710d7c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141101210405" deleted
"C:\PROGRA~2\971d162ef6710d7c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141101210406" deleted
"C:\PROGRA~2\971d162ef6710d7c" deleted
"C:\Users\Ian\AppData\Roaming\rmi" deleted
 

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Sorry, the log is not complete.

Upload a file.


Did you reinstall Chrome?
 

Shadowth

New Member
Thread author
Nov 8, 2014
11
Sorry, but I can't upload the file; there's always an error when I try to upload it, like this: "The uploaded file is empty".
Anyway, here are the results:

Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Ian on Mon 11/10/2014 at 20:54:06.40.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ian\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-10-103115.log 1452 bytes

==== System Restore Info ======================

11/10/2014 9:06:53 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3455295321-2722733427-4229038928-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files\Garena Plus\GarenaMessenger.exe -autolaunch"
"FlashGet 3"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"Spotify"="C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"LogMeIn Hamachi Ui"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="C:\Program Files\Garena Plus\GarenaMessenger.exe -autolaunch"
"FlashGet 3"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize"
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"
"Spotify"="C:\Users\Ian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Ian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/13/2014 06:05 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/08/2014 10:27 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/08/2014 10:27 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\system32\tasks\gg_uac_daemon_Ian" [C:\Program Files\Garena Plus\ggdllhost.exe]
"C:\Windows\system32\tasks\gg_uac_daemon_Marc" [C:\Program Files\Garena Plus\ggdllhost.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
Fake profile C:\Users\Ian\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Ian\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Marc\AppData\Local\Torch deleted
Fake profile C:\Users\Marc\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Marc\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Marc\AppData\Local\Chromatic Browser deleted

==== Chromium Look ======================

Google Slides - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Assassin's Creed IV Black Flag - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance
Google Docs - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
GoSSaVe - Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpfmgnidfcielcecnadbjnilidbgecl
Google Wallet - Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloadmytoolbar.com_0.localstorage deleted successfully
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ourworldcom.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.savemygame.fr_0.localstorage deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpfmgnidfcielcecnadbjnilidbgecl deleted successfully
C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpfmgnidfcielcecnadbjnilidbgecl deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDGPHJTH will be deleted at reboot
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWSXFQA2 will be deleted at reboot
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=27 80069389 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ian\AppData\Local\Temp will be emptied at reboot
C:\Users\Marc\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDGPHJTH" not found
"C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWSXFQA2" not found

==== EOF on Mon 11/10/2014 at 21:26:13.42 ======================
 

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Re-run zoek and run this script:

Code:
autoclean;
mfpfmgnidfcielcecnadbjnilidbgecl;chr
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
 

Shadowth

New Member
Thread author
Nov 8, 2014
11
Results:

Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Ian on Mon 11/10/2014 at 22:26:28.35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ian\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-10-103115.log 1452 bytes
C:\zoek-results2014-11-10-132613.log 20908 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Oracle deleted successfully
C:\Users\Ian\AppData\Roaming\Awesomium deleted successfully
C:\Users\Marc\AppData\Roaming\Awesomium deleted successfully
C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Administrator\AppData\Local\Google deleted successfully
C:\Users\Guest\AppData\Local\Comodo deleted successfully
C:\Users\Ian\AppData\Local\Comodo deleted successfully
C:\Users\Marc\AppData\Local\Comodo deleted successfully
C:\Users\Marc\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3455295321-2722733427-4229038928-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Slides - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Assassin's Creed IV Black Flag - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance
Google Docs - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
YouTube - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SKDBU8D will be deleted at reboot
C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=27 80069389 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ian\AppData\Local\Temp will be emptied at reboot
C:\Users\Marc\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Ian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7SKDBU8D" not found

==== EOF on Mon 11/10/2014 at 22:43:59.93 ======================
 

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
Re-run zoek and run this script:

Code:
mfpfmgnidfcielcecnadbjnilidbgecl;z
GoSSaVe;z
installer-list;
uninstall-list;
 

Shadowth

New Member
Thread author
Nov 8, 2014
11
results:

Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Ian on Tue 11/11/2014 at 18:42:24.34.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ian\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-10-103115.log 1452 bytes
C:\zoek-results2014-11-10-132613.log 20908 bytes
C:\zoek-results2014-11-10-144359.log 6936 bytes

==== Windows Installer Info ======================

D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\c3810d.msi
Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\7add2.msi
Java 7 Update 71 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF230120717FF]C:\Windows\Installer\19d4c1e.msi
LogMeIn Hamachi [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FDB6BC23564F8EB4B975412250B7169B]C:\Windows\Installer\1d0be.msi
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65FC11932FE9AB9348A62CB73DDC6058]C:\Windows\Installer\222a101.msi
Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400000000000F01FEC]C:\Windows\Installer\c380f9.msi
Microsoft Office Access MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109510090400000000000F01FEC]C:\Windows\Installer\4c4a9fd.msi
Microsoft Office Access Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109711090400000000000F01FEC]C:\Windows\Installer\4c4aa03.msi
Microsoft Office Excel MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109610090400000000000F01FEC]C:\Windows\Installer\4c4a9c6.msi
Microsoft Office Groove MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109AB0090400000000000F01FEC]C:\Windows\Installer\4c4a9cc.msi
Microsoft Office InfoPath MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109440090400000000000F01FEC]C:\Windows\Installer\4c4a9f6.msi
Microsoft Office OneNote MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091A0090400000000000F01FEC]C:\Windows\Installer\4c4a9f0.msi
Microsoft Office Outlook MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A10090400000000000F01FEC]C:\Windows\Installer\4c4a9d2.msi
Microsoft Office PowerPoint MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109810090400000000000F01FEC]C:\Windows\Installer\4c4a9c0.msi
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109110000000000000000F01FEC]C:\Windows\Installer\4c4aa17.msi
Microsoft Office Proof (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400000000000F01FEC]C:\Windows\Installer\4c4a9e4.msi
Microsoft Office Proof (French) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400000000000F01FEC]C:\Windows\Installer\4c4a9de.msi
Microsoft Office Proof (Spanish) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00000000000F01FEC]C:\Windows\Installer\4c4a9d8.msi
Microsoft Office Proofing (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109C20090400000000000F01FEC]C:\Windows\Installer\4c4a9ea.msi
Microsoft Office Publisher MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109910090400000000000F01FEC]C:\Windows\Installer\4c4aa09.msi
Microsoft Office Shared MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400000000000F01FEC]C:\Windows\Installer\4c4a9b4.msi
Microsoft Office Shared Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109511090400000000000F01FEC]C:\Windows\Installer\4c4a9ba.msi
Microsoft Office Word MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109B10090400000000000F01FEC]C:\Windows\Installer\4c4aa0f.msi
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\c38119.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\4dfc47.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]C:\Windows\Installer\1b886ba.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\bba990.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\1f9f31.msi
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\20b3268.msi
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22BEFC8F7E2A1793E9ADB411DEFE1C58]C:\Windows\Installer\7f3dd8.msi
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21EE4A31AE32173319EEFE3BD6FDFFE3]C:\Windows\Installer\7f3dd2.msi
Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\96530F83636A3FC4DBED30C2C8523140]C:\Windows\Installer\c38135.msi
Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B4EB76DD26E75124FA3A1F328A003A98]C:\Windows\Installer\c38121.msi
MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\c380e9.msi
MSVCRT110 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CDD41E806AE81E43B3E917301D4B5AD]C:\Windows\Installer\c380ed.msi
NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7AB7040836775934BA8925331F3BE456]C:\Windows\Installer\2229f3b.msi
Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A75F0AACC8AB8DA4AA303FB2E0F46532]C:\Windows\Installer\c3812d.msi
Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EFF299C23CA9AF4CBA91F36B7E956D5]C:\Windows\Installer\c38131.msi
Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E66BAA708174D2242981A4BFC329A217]C:\Windows\Installer\c3811d.msi
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\80316C14DFC645D4BAA61763DE801AE8]C:\Windows\Installer\c38105.msi
Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D9185B6607EDEB244BF079F8AB2154E2]C:\Windows\Installer\c38129.msi
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F78F652845587544C8D3F3334296D7F9]C:\Windows\Installer\c380f1.msi
Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C18BC956E45B1FD46B813F757793A345]C:\Windows\Installer\c380f5.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4B2346D1D42EE5044ABA7D6E0D88BC9C]C:\Windows\Installer\c38115.msi
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8F1162B7EFE88E478D5910FFEEA784E]C:\Windows\Installer\c38109.msi
Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00BA1CDCFF107CF418A6616CF790320C]C:\Windows\Installer\c38101.msi
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0003981D77AEC394D8DD2E2634E659B9]C:\Windows\Installer\c380fd.msi
Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C8BD9F007D5674D4BAF56F89EE8385D0]C:\Windows\Installer\c38111.msi
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F5F2256B11431547AB5EC0A30590F23]C:\Windows\Installer\c38125.msi

==== Folders Found ======================

2014-10-01 04:22:00 2014-10-01 04:22:00 -------- d-----w- C:\FRST\Quarantine\C\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpfmgnidfcielcecnadbjnilidbgecl

==== Files Found ======================


==== Uninstall List x86 ======================

µTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
Adobe Flash Player 15 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Arc [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CED8E25B-122A-4E80-B612-7F99B93284B3}]
Auto Clicker by Shocker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Auto Clicker by Shocker_is1]
BOSS [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BOSS]
Cheat Engine 6.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Cheat Engine 6.4_is1]
D3DX10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]
Fallout Mod Manager 0.13.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Generic Mod Manager_is1]
Fallout New Vegas 1.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fallout New Vegas_is1]
FlashGet3.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlashGet3.7]
Garena+ [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\im]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
Hi-Rez Studios Authenticate and Update Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}]
Java 7 Update 71 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F03217071FF}]
LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{32CB6BDF-F465-4BE8-9B57-1422057B61B9}]
LogMeIn Hamachi [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\LogMeIn Hamachi]
Malwarebytes Anti-Malware version 2.0.3.1025 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1]
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}]
Microsoft .NET Framework 4.5.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS]
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ce085a78-074e-4823-8dc1-8a721b94b76d}]
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}]
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}]
Minecraft1.7.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Minecraft1.7.2]
Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{38F03569-A636-4CF3-BDDE-032C8C251304}]
Movie Maker [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DD67BE4B-7E62-4215-AFA3-F123A800A389}]
MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT110 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}]
Nexus Mod Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\6af12c54-643b-4752-87d0-8335503010de_is1]
NVIDIA 3D Vision Controller Driver 340.50 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB]
NVIDIA 3D Vision Driver 340.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]
NVIDIA Control Panel 340.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]
NVIDIA GeForce Experience 2.1.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience]
NVIDIA GeForce Experience Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService]
NVIDIA Graphics Driver 340.52 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]
NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]
NVIDIA LED Visualizer 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer]
NVIDIA Network Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service]
NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{80407BA7-7763-4395-AB98-5233F1B34E65}]
NVIDIA PhysX System Software 9.13.1220 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]
NVIDIA ShadowPlay 16.13.42 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay]
NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]
NVIDIA Update 16.13.42 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]
NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core]
NVIDIA Virtual Audio 1.2.25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver]
PCSX2 - Playstation 2 Emulator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\pcsx2-r5875]
Phantasy Star Online 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\http://pso2.jp/appid/release/asiasoft_sg_is1]
Phantasy Star Online 2 Manual Patch Data [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\http://pso2.jp/appid/manual_patch/asiasoft_sg_is1]
Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}]
Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{07AAB66E-4718-422D-9218-4AFB3C922A71}]
Photo Gallery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}]
Rising Software Deployment System [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RSD]
SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv]
SHIELD Wireless Controller Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController]
Skyrim Legendary Edition version 1.9.32.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1633F558-BDD4-493B-93DA-139217092F1B}_is1]
Smite [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}]
Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify]
Steam [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Steam]
TeraCopy 2.27 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeraCopy_is1]
Test Drive Unlimited 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Test Drive Unlimited 2_is1]
Torchlight II (c) Runic Games version 1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Torchlight II (c) Runic Games_is1]
VLC media player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{66B5819D-DE70-42BE-B40F-978FBA12452E}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8256F87F-8554-4457-8C3D-3F3324697D9F}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{659CB81C-B54E-4DF1-B618-F35777393A54}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1893000-EA77-493C-8DDD-E262436E959B}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6522F5F9-411B-4513-A75B-CEA00395F032}]
WinRAR 5.10 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
Winrar Activator version 1.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=27 80069389 bytes)

==== EOF on Tue 11/11/2014 at 18:54:01.65 ======================

Should I restart my pc?
 

argus

Former MalwareTips Staff
Verified
Apr 24, 2014
3,395
GooSave
GoSSaVe -> Google Chrome problem

Not the same :)







Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right-clicking the DelFix icon and choosing the Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run and wait until the tool completes its work.
  • All the tools we used should be gone. The tool will create a report for you (C:\DelFix.txt).
The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
 

Shadowth

New Member
Thread author
Nov 8, 2014
11
I cleaned the Temp folder but the problem is still there.
Example:
I made a file in Notepad and named it "asease.asd" (it's an ASD file), but it says that the type of the file is GooSave.
Here's a screenshot:
Misc08_zpsd6d1b0af.png

And if I remove the .asd, instead of being a non-format file it becomes a GooSave File.

results of DelFix:
# DelFix v10.8 - Logfile created 11/11/2014 at 19:49:06
# Updated 29/07/2014 by Xplode
# Username : Ian - IAN-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2014-11-10-103115.log
Deleted : C:\zoek-results2014-11-10-132613.log
Deleted : C:\zoek-results2014-11-10-144359.log
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #43 [zoek.exe restore point | 11/10/2014 10:19:57]
Deleted : RP #44 [Installed Arc | 11/10/2014 11:40:39]
Deleted : RP #45 [zoek.exe restore point | 11/10/2014 13:06:37]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 
