Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Aggressive Malware - cdncache-a and "Ads by Notification" POP UPS
Message
<blockquote data-quote="AshleySue" data-source="post: 305807" data-attributes="member: 30124"><p>Zoek.exe v5.0.0.0 Updated 25-11-2014</p><p>Tool run by House of Matador on Tue 11/25/2014 at 20:43:18.08.</p><p>Microsoft Windows 8.1 6.3.9600 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\House of Matador\Desktop\zoek.exe [Scan all users] [Script inserted]</p><p></p><p>==== Older Logs ======================</p><p></p><p>C:\zoek-results2014-11-25-234639.log 13252 bytes</p><p></p><p>==== System Restore Info ======================</p><p></p><p>11/25/2014 8:44:10 PM Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Deleting CLSID Registry Keys ======================</p><p></p><p></p><p>==== Deleting CLSID Registry Values ======================</p><p></p><p></p><p>==== Deleting Services ======================</p><p></p><p></p><p>==== FireFox Fix ======================</p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666</p><p></p><p>user.js not found</p><p>---- FireFox user.js and prefs.js backups ----</p><p></p><p>prefs_20141125_0902_.backup</p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\6nq4jkl1.Ashley Sue Oct2014</p><p></p><p>user.js not found</p><p>---- FireFox user.js and prefs.js backups ----</p><p></p><p>prefs_20141125_0902_.backup</p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default</p><p></p><p>user.js not found</p><p>---- Lines <a href="mailto:jid1-YcMV6ngYmQRA2w@jetpack.xpi">jid1-YcMV6ngYmQRA2w@jetpack.xpi</a> removed from prefs.js ----</p><p>user_pref("extensions.bootstrappedAddons", "{\"<a href="mailto:fbp@fbpurity.com">fbp@fbpurity.com</a>\":{\"version\":\"9.8.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\House</p><p>---- Lines <a href="mailto:jid1-YcMV6ngYmQRA2w@jetpack.xpi">jid1-YcMV6ngYmQRA2w@jetpack.xpi</a> modified from prefs.js ----</p><p></p><p>user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"<a href="mailto:web2pdfextension@web2pdf.adobedotcom">web2pdfextension@web2pdf.adobedotcom</a>\":{\"descriptor\":\"C:\\\\Pr</p><p>---- Lines <a href="mailto:abs@avira.com">abs@avira.com</a> modified from prefs.js ----</p><p></p><p>user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"<a href="mailto:web2pdfextension@web2pdf.adobedotcom">web2pdfextension@web2pdf.adobedotcom</a>\":{\"descriptor\":\"C:\\\\Pr</p><p>---- FireFox user.js and prefs.js backups ----</p><p></p><p>prefs_20141125_0902_.backup</p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Thunderbird\Profiles\glac7ek7.default</p><p></p><p>user.js not found</p><p>---- FireFox user.js and prefs.js backups ----</p><p></p><p>prefs_20141125_0902_.backup</p><p></p><p>==== Batch Command(s) Run By Tool======================</p><p></p><p></p><p>==== Deleting Files \ Folders ======================</p><p></p><p>C:\ProgramData\Anvisoft deleted</p><p>C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\6nq4jkl1.Ashley Sue Oct2014\extensions\<a href="mailto:abs@avira.com">abs@avira.com</a> deleted</p><p>"C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default\extensions\<a href="mailto:jid1-YcMV6ngYmQRA2w@jetpack.xpi">jid1-YcMV6ngYmQRA2w@jetpack.xpi</a>" deleted</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"<a href="mailto:online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com">online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com</a>"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a>" [11/19/2014 11:54 AM]</p><p>[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]</p><p>"<a href="mailto:smartwebprinting@hp.com">smartwebprinting@hp.com</a>"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2" [04/24/2014 09:38 AM]</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666</p><p>- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:content_blocker@kaspersky.com">content_blocker@kaspersky.com</a></p><p>- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:virtual_keyboard@kaspersky.com">virtual_keyboard@kaspersky.com</a></p><p>- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a></p><p>- Undetermined - <a href="mailto:content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com">content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com</a></p><p>- Undetermined - <a href="mailto:virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com">virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com</a></p><p>- Undetermined - <a href="mailto:online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com">online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com</a></p><p></p><p>ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default</p><p>- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:content_blocker@kaspersky.com">content_blocker@kaspersky.com</a></p><p>- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a></p><p>- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:virtual_keyboard@kaspersky.com">virtual_keyboard@kaspersky.com</a></p><p>- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:content_blocker@kaspersky.com">content_blocker@kaspersky.com</a></p><p>- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a></p><p>- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:virtual_keyboard@kaspersky.com">virtual_keyboard@kaspersky.com</a></p><p>- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:content_blocker@kaspersky.com">content_blocker@kaspersky.com</a></p><p>- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a></p><p>- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:virtual_keyboard@kaspersky.com">virtual_keyboard@kaspersky.com</a></p><p>- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:content_blocker@kaspersky.com">content_blocker@kaspersky.com</a></p><p>- Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:online_banking@kaspersky.com">online_banking@kaspersky.com</a></p><p>- Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\<a href="mailto:virtual_keyboard@kaspersky.com">virtual_keyboard@kaspersky.com</a></p><p>- F.B. Purity - Cleans Up Facebook - %ProfilePath%\extensions\<a href="mailto:fbp@fbpurity.com.xpi">fbp@fbpurity.com.xpi</a></p><p>- feedly - %ProfilePath%\extensions\<a href="mailto:feedly@devhd.xpi">feedly@devhd.xpi</a></p><p></p><p>AppDir: C:\Program Files (x86)\Mozilla Firefox</p><p>- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p>Profilepath: C:\Users\House of Matador\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666</p><p>8303B3CEC05500F763B4FA75210598BB - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash</p><p>18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013</p><p></p><p>Profilepath: C:\Users\House of Matador\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default</p><p>18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013</p><p></p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>flliilndjeohchalpbbcdekjklbdgfkk - No path found[]</p><p></p><p>Google Voice Search Hotword (Beta) - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>Shield For Chrome - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbaffjopmgmcijlkoafmgnaiciogpdel</p><p>Google Wallet - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p></p><p>==== Set IE to Default ======================</p><p></p><p>Old Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com/" target="_blank">http://www.google.com/</a>"</p><p></p><p>New Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com/" target="_blank">http://www.google.com/</a>"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC</a>"</p><p>{8A893382-9C8B-4E55-BE15-2405DA837C45} Google Url="<a href="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" target="_blank">http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}</a>"</p><p></p><p>==== Deleting Registry Keys ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully</p><p></p><p>==== Empty IE Cache ======================</p><p></p><p>C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\House of Matador\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully</p><p>C:\Users\House of Matador\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully</p><p>C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully</p><p>C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully</p><p></p><p>==== Empty FireFox Cache ======================</p><p></p><p>C:\Users\House of Matador\AppData\Local\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666\cache2 emptied successfully</p><p></p><p>==== Empty Chrome Cache ======================</p><p></p><p>C:\Users\House of Matador\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully</p><p>C:\Users\House of Matador\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p></p><p>==== Empty All Flash Cache ======================</p><p></p><p>Flash Cache Emptied Successfully</p><p></p><p>==== Empty All Java Cache ======================</p><p></p><p>Java Cache cleared successfully</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=87 folders=54 33120546 bytes)</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Users\Default\AppData\Local\Temp emptied successfully</p><p>C:\Users\Default User\AppData\Local\Temp emptied successfully</p><p>C:\Users\House of Matador\AppData\Local\Temp will be emptied at reboot</p><p>C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully</p><p>C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully</p><p>C:\WINDOWS\Temp will be emptied at reboot</p><p></p><p>==== After Reboot ======================</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\WINDOWS\Temp successfully emptied</p><p>C:\Users\HOUSEO~1\AppData\Local\Temp successfully emptied</p><p></p><p>==== Empty Recycle Bin ======================</p><p></p><p>C:\$RECYCLE.BIN successfully emptied</p><p></p><p>==== EOF on Tue 11/25/2014 at 21:38:03.34 ======================</p></blockquote><p></p>
[QUOTE="AshleySue, post: 305807, member: 30124"] Zoek.exe v5.0.0.0 Updated 25-11-2014 Tool run by House of Matador on Tue 11/25/2014 at 20:43:18.08. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\House of Matador\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-11-25-234639.log 13252 bytes ==== System Restore Info ====================== 11/25/2014 8:44:10 PM Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141125_0902_.backup ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\6nq4jkl1.Ashley Sue Oct2014 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141125_0902_.backup ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default user.js not found ---- Lines [email]jid1-YcMV6ngYmQRA2w@jetpack.xpi[/email] removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"[email]fbp@fbpurity.com[/email]\":{\"version\":\"9.8.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\House ---- Lines [email]jid1-YcMV6ngYmQRA2w@jetpack.xpi[/email] modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email]web2pdfextension@web2pdf.adobedotcom[/email]\":{\"descriptor\":\"C:\\\\Pr ---- Lines [email]abs@avira.com[/email] modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"[email]web2pdfextension@web2pdf.adobedotcom[/email]\":{\"descriptor\":\"C:\\\\Pr ---- FireFox user.js and prefs.js backups ---- prefs_20141125_0902_.backup ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Thunderbird\Profiles\glac7ek7.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20141125_0902_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\ProgramData\Anvisoft deleted C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\6nq4jkl1.Ashley Sue Oct2014\extensions\[email]abs@avira.com[/email] deleted "C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default\extensions\[email]jid1-YcMV6ngYmQRA2w@jetpack.xpi[/email]" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "[email]online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com[/email]"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email]" [11/19/2014 11:54 AM] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "[email]smartwebprinting@hp.com[/email]"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2" [04/24/2014 09:38 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666 - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]content_blocker@kaspersky.com[/email] - Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]virtual_keyboard@kaspersky.com[/email] - Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email] - Undetermined - [email]content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com[/email] - Undetermined - [email]virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com[/email] - Undetermined - [email]online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com[/email] ProfilePath: C:\Users\HOUSEO~1\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]content_blocker@kaspersky.com[/email] - Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email] - Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]virtual_keyboard@kaspersky.com[/email] - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]content_blocker@kaspersky.com[/email] - Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email] - Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]virtual_keyboard@kaspersky.com[/email] - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]content_blocker@kaspersky.com[/email] - Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email] - Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]virtual_keyboard@kaspersky.com[/email] - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]content_blocker@kaspersky.com[/email] - Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]online_banking@kaspersky.com[/email] - Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email]virtual_keyboard@kaspersky.com[/email] - F.B. Purity - Cleans Up Facebook - %ProfilePath%\extensions\[email]fbp@fbpurity.com.xpi[/email] - feedly - %ProfilePath%\extensions\[email]feedly@devhd.xpi[/email] AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\House of Matador\AppData\Roaming\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666 8303B3CEC05500F763B4FA75210598BB - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 Profilepath: C:\Users\House of Matador\AppData\Roaming\Mozilla\Firefox\Profiles\jgcs9iav.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] Google Voice Search Hotword (Beta) - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn Shield For Chrome - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbaffjopmgmcijlkoafmgnaiciogpdel Google Wallet - House of Matador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com/[/url]" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com/[/url]" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="[url]http://www.google.com/search?q={searchTerms}[/url]" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]" {8A893382-9C8B-4E55-BE15-2405DA837C45} Google Url="[url]http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}[/url]" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\House of Matador\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\House of Matador\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\House of Matador\AppData\Local\Mozilla\Firefox\Profiles\5jeohazu.default-1414975263666\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\House of Matador\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\House of Matador\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=87 folders=54 33120546 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\House of Matador\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\HOUSEO~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Tue 11/25/2014 at 21:38:03.34 ====================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top