Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Ads by compareitApplication google chrome
Message
<blockquote data-quote="Sbs95" data-source="post: 382484" data-attributes="member: 36275"><p>Thanks for the quick reply TwinHeadedEagle.</p><p></p><p>I'm done with the whole process it took me nearly 15 minutes, but here is the results; </p><p></p><p>Tried uploading it but it wont let me, it says the .txt file is empty so ill just copy paste it here i guess. :'x</p><p></p><p>Zoek.exe v5.0.0.0 Updated 04-May-2015</p><p>Tool run by Sbs on Sat 05/09/2015 at 14:41:53.41.</p><p>Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Sbs\Desktop\zoek.exe [Scan all users] [Script inserted] </p><p></p><p>==== System Restore Info ======================</p><p></p><p>5/9/2015 2:42:21 PM Zoek.exe System Restore Point Created Successfully.</p><p></p><p>==== Empty Folders Check ======================</p><p></p><p>C:\PROGRA~2\AGEIA Technologies deleted successfully</p><p>C:\PROGRA~2\OpenVPN Technologies deleted successfully</p><p>C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully</p><p>C:\Program Files\Bitdefender deleted successfully</p><p>C:\PROGRA~3\4shared Desktop deleted successfully</p><p>C:\PROGRA~3\Oracle deleted successfully</p><p>C:\PROGRA~3\ProShopper deleted successfully</p><p>C:\Users\Sbs\AppData\Roaming\.technic deleted successfully</p><p>C:\Users\Sbs\AppData\Roaming\Media Player Classic deleted successfully</p><p>C:\Users\Sbs\AppData\Roaming\Publish Providers deleted successfully</p><p>C:\Users\Sbs\AppData\Roaming\QuickScan deleted successfully</p><p></p><p>==== Deleting CLSID Registry Keys ======================</p><p></p><p>HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully</p><p>HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully</p><p>HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully</p><p>HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully</p><p>HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully</p><p></p><p>==== Deleting CLSID Registry Values ======================</p><p></p><p></p><p>==== Deleting Services ======================</p><p></p><p></p><p>==== Batch Command(s) Run By Tool======================</p><p></p><p></p><p>==== Deleting Files \ Folders ======================</p><p></p><p>C:\PROGRA~2\AGEIA Technologies not found</p><p>C:\PROGRA~2\OpenVPN Technologies not found</p><p>C:\PROGRA~2\BrowserEnhancee deleted</p><p>C:\Users\Sbs\AppData\LocalLow\{0EC6B648-69B7-571B-8594-7D122362E2DF} deleted</p><p>C:\Users\Sbs\AppData\Local\Packages\windows_ie_ac_001\AC\{0EC6B648-69B7-571B-8594-7D122362E2DF} deleted</p><p>C:\Users\Sbs\AppData\Roaming\WB.CFG deleted</p><p>C:\Users\Sbs\AppData\Roaming\appdataFr3.bin deleted</p><p>C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.1.txt deleted</p><p>C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.txt deleted</p><p>C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt deleted</p><p>C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted</p><p>C:\PROGRA~3\InstallMate deleted</p><p>C:\PROGRA~3\Package Cache deleted</p><p>C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BigMacroTool deleted</p><p>C:\Windows\wininit.ini deleted</p><p>C:\Windows\SysNative\config\systemprofile\Searches deleted</p><p>C:\Windows\Syswow64\Hotspot Shield deleted</p><p>C:\Windows\SysWow64\AI_RecycleBin deleted</p><p>"C:\Users\Sbs\AppData\Local\LumaEmu" deleted</p><p>"C:\Users\Sbs\AppData\Local\{351488F1-694B-4739-9B11-1C32281B5D9B}" deleted</p><p>"C:\Users\Sbs\AppData\Local\{A5DF2A2E-99D8-4A8A-8F72-7425DB1700AC}" deleted</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn" [09/28/2014 02:40 PM]</p><p></p><p>==== Chromium Look ======================</p><p></p><p>Google Chrome Version: 35.0.1916.114</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>iikflkcanblccfahdhdonehdalibjnif - No path found[]</p><p>lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[04/11/2014 07:46 PM]</p><p>nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx[07/31/2014 08:47 AM]</p><p></p><p>Google Voice Search Hotword (Beta) - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>LoungeDestroyer - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl</p><p>AdBlock - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom</p><p>TremendouSCooupO - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hololohiielcnkgceidndajjobgkdmlj</p><p></p><p>==== Chromium Fix ======================</p><p></p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully</p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hololohiielcnkgceidndajjobgkdmlj deleted successfully</p><p></p><p>==== Set IE to Default ======================</p><p></p><p>Old Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p></p><p>New Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC</a>"</p><p></p><p>==== Deleting Registry Keys ======================</p><p></p><p>HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Actual Multiple Monitors deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher deleted successfully</p><p>HKEY<a href="http://malwaretips.com/#" target="_blank"> local<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveSupport deleted successfully</p><p>HKEY<a href="http://malwaretips.com/#" target="_blank"> local<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg<a href="http://malwaretips.com/#" target="_blank"> optimizer pro<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a> deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Helper deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully</p><p>HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully</p><p></p><p>==== Empty IE Cache ======================</p><p></p><p>C:<a href="http://malwaretips.com/#" target="_blank"> windows<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet<a href="http://malwaretips.com/#" target="_blank"> files<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>\Content.IE5 emptied successfully</p><p>C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully</p><p>C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LD3OHT will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2EJ6838 will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSVLWZM3 will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0LDW9XA will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KC7R4YOS will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9EXBU5E will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUF0IVQ4 will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVU981O2 will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RTSOLKO4 will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU1XLQBR will be deleted at reboot</p><p>C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQ8C4ASO will be deleted at reboot</p><p></p><p>==== Empty FireFox Cache ======================</p><p></p><p>No FireFox<a href="http://malwaretips.com/#" target="_blank"> profiles<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a> found</p><p></p><p>==== Empty Chrome Cache ======================</p><p></p><p>C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p></p><p>==== Empty All Flash Cache ======================</p><p></p><p>Flash Cache Emptied Successfully</p><p></p><p>==== Empty All Java Cache ======================</p><p></p><p>Java Cache cleared successfully</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup <a href="http://malwaretips.com/#" target="_blank"> files<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>=61 folders=82 32842734 bytes)</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Users\admin\AppData<a href="http://malwaretips.com/#" target="_blank"> local<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>\Temp emptied successfully</p><p>C:\Users\Default\AppData<a href="http://malwaretips.com/#" target="_blank"> local<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>\Temp emptied successfully</p><p>C:\Users\Default User\AppData\Local\Temp emptied successfully</p><p>C:\Users\Sbs\AppData\Local\Temp will be emptied at reboot</p><p>C:<a href="http://malwaretips.com/#" target="_blank"> windows<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a>\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\Temp will be emptied at reboot</p><p></p><p>==== After Reboot ======================</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Windows\Temp successfully emptied</p><p>C:\Users\Sbs\AppData\Local\Temp successfully emptied</p><p></p><p>==== Empty Recycle Bin ======================</p><p></p><p>C:\$RECYCLE.BIN successfully emptied</p><p></p><p>==== Deleting Files / Folders ======================</p><p></p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LD3OHT" not<a href="http://malwaretips.com/#" target="_blank"> found<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2EJ6838" not<a href="http://malwaretips.com/#" target="_blank"> found<img src="http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></a></p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSVLWZM3" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0LDW9XA" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KC7R4YOS" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9EXBU5E" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUF0IVQ4" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVU981O2" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RTSOLKO4" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU1XLQBR" not found</p><p>"C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQ8C4ASO" not found</p><p></p><p>==== EOF on Sat 05/09/2015 at 14:50:03.35 ======================</p></blockquote><p></p>
[QUOTE="Sbs95, post: 382484, member: 36275"] Thanks for the quick reply TwinHeadedEagle. I'm done with the whole process it took me nearly 15 minutes, but here is the results; Tried uploading it but it wont let me, it says the .txt file is empty so ill just copy paste it here i guess. :'x Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Sbs on Sat 05/09/2015 at 14:41:53.41. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Sbs\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 5/9/2015 2:42:21 PM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\OpenVPN Technologies deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Bitdefender deleted successfully C:\PROGRA~3\4shared Desktop deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\ProShopper deleted successfully C:\Users\Sbs\AppData\Roaming\.technic deleted successfully C:\Users\Sbs\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Sbs\AppData\Roaming\Publish Providers deleted successfully C:\Users\Sbs\AppData\Roaming\QuickScan deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully HKEY_USERS\S-1-5-21-2992129235-516872252-1101186673-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7AEFE841-DCA1-4A95-80CB-BE935D020302} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\PROGRA~2\OpenVPN Technologies not found C:\PROGRA~2\BrowserEnhancee deleted C:\Users\Sbs\AppData\LocalLow\{0EC6B648-69B7-571B-8594-7D122362E2DF} deleted C:\Users\Sbs\AppData\Local\Packages\windows_ie_ac_001\AC\{0EC6B648-69B7-571B-8594-7D122362E2DF} deleted C:\Users\Sbs\AppData\Roaming\WB.CFG deleted C:\Users\Sbs\AppData\Roaming\appdataFr3.bin deleted C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.1.txt deleted C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.txt deleted C:\Users\Sbs\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BigMacroTool deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\Hotspot Shield deleted C:\Windows\SysWow64\AI_RecycleBin deleted "C:\Users\Sbs\AppData\Local\LumaEmu" deleted "C:\Users\Sbs\AppData\Local\{351488F1-694B-4739-9B11-1C32281B5D9B}" deleted "C:\Users\Sbs\AppData\Local\{A5DF2A2E-99D8-4A8A-8F72-7425DB1700AC}" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn" [09/28/2014 02:40 PM] ==== Chromium Look ====================== Google Chrome Version: 35.0.1916.114 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[04/11/2014 07:46 PM] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx[07/31/2014 08:47 AM] Google Voice Search Hotword (Beta) - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn LoungeDestroyer - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl AdBlock - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom TremendouSCooupO - Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hololohiielcnkgceidndajjobgkdmlj ==== Chromium Fix ====================== C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Extensions\hololohiielcnkgceidndajjobgkdmlj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[URL]http://www.google.com[/URL]" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="[URL]http://www.google.com/search?q={searchTerms}[/URL]" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[URL]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/URL]" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Actual Multiple Monitors deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallerLauncher deleted successfully HKEY[URL='http://malwaretips.com/#'] local[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveSupport deleted successfully HKEY[URL='http://malwaretips.com/#'] local[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg[URL='http://malwaretips.com/#'] optimizer pro[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL] deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Helper deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully ==== Empty IE Cache ====================== C:[URL='http://malwaretips.com/#'] windows[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet[URL='http://malwaretips.com/#'] files[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LD3OHT will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2EJ6838 will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSVLWZM3 will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0LDW9XA will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KC7R4YOS will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9EXBU5E will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUF0IVQ4 will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVU981O2 will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RTSOLKO4 will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU1XLQBR will be deleted at reboot C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQ8C4ASO will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox[URL='http://malwaretips.com/#'] profiles[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL] found ==== Empty Chrome Cache ====================== C:\Users\Sbs\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup [URL='http://malwaretips.com/#'] files[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]=61 folders=82 32842734 bytes) ==== Empty Temp Folders ====================== C:\Users\admin\AppData[URL='http://malwaretips.com/#'] local[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]\Temp emptied successfully C:\Users\Default\AppData[URL='http://malwaretips.com/#'] local[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Sbs\AppData\Local\Temp will be emptied at reboot C:[URL='http://malwaretips.com/#'] windows[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL]\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Sbs\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\25LD3OHT" not[URL='http://malwaretips.com/#'] found[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL] "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2EJ6838" not[URL='http://malwaretips.com/#'] found[IMG]http://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png[/IMG][/URL] "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BSVLWZM3" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E0LDW9XA" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KC7R4YOS" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9EXBU5E" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MUF0IVQ4" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVU981O2" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RTSOLKO4" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU1XLQBR" not found "C:\Users\Sbs\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YQ8C4ASO" not found ==== EOF on Sat 05/09/2015 at 14:50:03.35 ====================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top