Solved hao.360.cn always opens at start

[coolspyguy]

Basically every time I open Chrome after shutting down or restarting my computer, http://hao.360.cn/?src=lm&ls=n47ff6f3791 always opens up. Basically started after I accidentally installed some Chinese Hao software. I had uninstalled it with Revo uninstaller, which seemed to get rid of it, except that this problem still persists.

 

[TwinHeadedEagle]

Hello,

Please follow this topic and attach required reports

http://malwaretips.com/threads/preparation-guide-before-requesting-malware-removal-help.20334/

 

[coolspyguy]

ah sorry should have included them before. welp, here they are:

 

[TwinHeadedEagle]

Uninstall some programs

We need to uninstall some unwanted/unneeded programs.

• Press the
  
  + R on your keyboard at the same time. Type appwiz.cpl and click OK.
• Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

• RocketDock 1.3.5
• Snap.Do

After completing uninstalls, please manually reboot your machine!

Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Wait until the database is updated.
• Accept the Terms of use and click Scan.
• When finished, please click Clean.
• Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:
  

  createsrpoint;
  autoclean;
  emptyalltemp;
  ipconfig /flushdns;b

• Make sure that Scan All Users option is checked.
• Push Run Script and wait patiently. The scan may take a couple of minutes.
• When the scan completes, a zoek-results logfile should open in notepad.
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 

[coolspyguy]

thanks! looks like zoek did the trick and saved me nearly 71 gb of storage! had some troubles uploading the log for zoek so here it is:

Zoek.exe v5.0.0.0 Updated 06-February-2015
Tool run by Shang on 02/07/2015 Sat at 11:10:53.43.

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Shang\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

Failed to create System Restore Point

==== Empty Folders Check ======================

C:\PROGRA~2\Hi-Rez Studios deleted successfully
C:\PROGRA~2\Nexon deleted successfully
C:\PROGRA~2\Samsung deleted successfully
C:\Program Files\Dell deleted successfully
C:\PROGRA~3\Karen's Power Tools deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Ralink deleted successfully
C:\Users\Shang\AppData\Roaming\Awesomium deleted successfully
C:\Users\Shang\AppData\Roaming\DataRepair deleted successfully
C:\Users\Shang\AppData\Roaming\HMYGSetting deleted successfully
C:\Users\Shang\AppData\Roaming\IrfanView deleted successfully
C:\Users\Shang\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Shang\AppData\Roaming\shrink_pic deleted successfully
C:\Users\Shang\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} deleted successfully
C:\Users\Shang\AppData\Local\55iZZWKuMMx4wE deleted successfully
C:\Users\Shang\AppData\Local\CutePDF Writer deleted successfully
C:\Users\Shang\AppData\Local\DriverToolkit deleted successfully
C:\Users\Shang\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Shang\AppData\Local\Samsung deleted successfully
C:\Users\Shang\AppData\Local\Solid State Networks deleted successfully
C:\Users\Shang\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Users\Shang\AppData\Local\Zame deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\Users\Shang\AppData\LocalLow\{0A083F82-924B-CD21-BA8C-426A4EA608D0} deleted
C:\Users\Shang\AppData\LocalLow\{0B75E915-A2DC-44D0-68DA-5158BE5BACC8} deleted
C:\Users\Shang\AppData\LocalLow\{0CA9F8F9-8530-218B-EAE7-73E95C6C6E2C} deleted
C:\Users\Shang\AppData\LocalLow\{110A7D38-420E-96B1-100B-AA964465A74E} deleted
C:\Users\Shang\AppData\LocalLow\{3922DB05-AFD4-99A4-0AF4-F1A0D774F91B} deleted
C:\Users\Shang\AppData\LocalLow\{3A1B0B7D-2769-DB76-AFCC-E1D0B0D6203B} deleted
C:\Users\Shang\AppData\LocalLow\{4894D796-212B-C095-17CD-09B35876BA0C} deleted
C:\Users\Shang\AppData\LocalLow\{4E60332B-E93B-2E52-9248-75481B883565} deleted
C:\Users\Shang\AppData\LocalLow\{60D9E95D-8693-D154-F6AF-DB12198B6C16} deleted
C:\Users\Shang\AppData\LocalLow\{72235747-F048-0264-9F81-ED17BB382EA7} deleted
C:\Users\Shang\AppData\LocalLow\{8182A3A4-4B1E-4AEE-AC5E-C0FC79BAD526} deleted
C:\Users\Shang\AppData\LocalLow\{890C1EFA-3F1D-B63F-D117-C629F504A57C} deleted
C:\Users\Shang\AppData\LocalLow\{96ADE3CE-2A9E-F003-716C-503E0E0EAB15} deleted
C:\Users\Shang\AppData\LocalLow\{9973E0A5-289F-E5C0-3FDB-8E6F768DCA73} deleted
C:\Users\Shang\AppData\LocalLow\{A1929DC3-7718-372D-E3AA-E2AAF923F9DB} deleted
C:\Users\Shang\AppData\LocalLow\{ACB7DD99-23B2-04B9-8274-7AAB72F110FC} deleted
C:\Users\Shang\AppData\LocalLow\{BF45DC9A-7A51-8BFE-3131-F68A6F405D3C} deleted
C:\Users\Shang\AppData\LocalLow\{C74AD9C9-8632-E4EA-AEDB-884675E63874} deleted
C:\Users\Shang\AppData\LocalLow\{D129F477-F8B8-4CF8-AFF2-BD919E7CBAC7} deleted
C:\Users\Shang\AppData\LocalLow\{E9DCB58E-29BA-C1F6-E029-122CD8458413} deleted
C:\Users\Shang\AppData\LocalLow\{F3A412ED-ADD4-5877-768F-02CB95006704} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{0A083F82-924B-CD21-BA8C-426A4EA608D0} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{0B75E915-A2DC-44D0-68DA-5158BE5BACC8} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{0CA9F8F9-8530-218B-EAE7-73E95C6C6E2C} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{110A7D38-420E-96B1-100B-AA964465A74E} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{3922DB05-AFD4-99A4-0AF4-F1A0D774F91B} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{3A1B0B7D-2769-DB76-AFCC-E1D0B0D6203B} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{4894D796-212B-C095-17CD-09B35876BA0C} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{4E60332B-E93B-2E52-9248-75481B883565} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{60D9E95D-8693-D154-F6AF-DB12198B6C16} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{72235747-F048-0264-9F81-ED17BB382EA7} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{8182A3A4-4B1E-4AEE-AC5E-C0FC79BAD526} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{890C1EFA-3F1D-B63F-D117-C629F504A57C} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{96ADE3CE-2A9E-F003-716C-503E0E0EAB15} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{9973E0A5-289F-E5C0-3FDB-8E6F768DCA73} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{A1929DC3-7718-372D-E3AA-E2AAF923F9DB} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{ACB7DD99-23B2-04B9-8274-7AAB72F110FC} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{BF45DC9A-7A51-8BFE-3131-F68A6F405D3C} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{C74AD9C9-8632-E4EA-AEDB-884675E63874} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{D129F477-F8B8-4CF8-AFF2-BD919E7CBAC7} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{E9DCB58E-29BA-C1F6-E029-122CD8458413} deleted
C:\Users\Shang\AppData\Local\Packages\windows_ie_ac_001\AC\{F3A412ED-ADD4-5877-768F-02CB95006704} deleted
C:\Users\Shang\.android deleted
C:\PROGRA~2\Skillbrains deleted
C:\STF87A6.tmp deleted
C:\STFF209.tmp deleted
C:\Users\Shang\AppData\Roaming\RamDate.ini deleted
C:\Users\Shang\AppData\Roaming\WinInstallFlashLog.ini deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Shang\AppData\Local\updater.log deleted
C:\Users\Shang\AppData\Local\Wondershare deleted
C:\Users\Shang\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Shang\Downloads\JD Builds Jinx Pepakura Bundle.rar deleted
C:\Users\Shang\AppData\LocalLow\{02A7224F-B425-91AE-62DE-978323ACF759} deleted
C:\Users\Shang\AppData\LocalLow\{36B39D7F-F875-CDB8-9803-03CF87E84620} deleted
C:\Users\Shang\AppData\LocalLow\{901839EA-E253-F2EA-75F3-558255272856} deleted
C:\Users\Shang\AppData\LocalLow\{D8E22640-EBF9-2269-115C-B662F1ACBF33} deleted
C:\Users\Shang\AppData\LocalLow\{DD499ABB-2FE3-B668-88EE-735B02871B42} deleted
C:\Users\Shang\AppData\LocalLow\{EF2782E3-8B68-C025-0CD3-07C43EFF87F3} deleted
C:\Users\Shang\AppData\LocalLow\boost_interprocess deleted
C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\Public\Desktop\MegaDownloader.lnk deleted
C:\Users\Shang\AppData\Roaming\Font__7226_il101.exe deleted
"C:\Users\Shang\AppData\Local\LumaEmu" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" not deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" not deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Shang\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Shang\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 37.0.2062.124 (Possible outdated, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[07/14/2014 05:22 PM]

Google Voice Search Hotword (Beta) - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Session Buddy - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko
The Deathly Hallows - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\emajpkcnbjkgdchjlghpjlncgkaonpjj
AdBlock - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
LastPass - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Don't Starve - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc
Disconnect - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo
The Great Suspender - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg
AS Magic Player - Shang\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\anokbgjgocihboecggjefdgkbijhoing
savve net - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\bgcmchkcneelcgigckndknipijkmaikd
Photo Zoom for Twitter - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\fhieilhedoaelcencjkpffikakanibnb
sAve nEt - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\fodchppihdfbgpikbjngeojakecmiiho
save neaT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\hgkbhfpbcbbplcfahnagbblbpiaaebga
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\hpceijmglekenibegbmpkomaakechmmh
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\ihpbikajahohdbmgffanekfbonljnpal
save. netu - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\iljgjeggpheapdapjdpnegffocdeejca
save net - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\inlemmkkkaihcalpckeemoeklmfjojmj
YoutubeAdblocker - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\iogeeepefgehfndlomdhkhfikdekichg
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\ipnihnknemhpjdpengamjhfmannpbhfj
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\kcgpiifkhffbodnkeccedocobaaeekgb
save nnet - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\kmajnljbagmiflnhjmkcollkfmcnifnc
SNT - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\lmnnoddaphbbgmlcnnnpbhbhceppffbo
websave - Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\modklgaolchfimmakbnnmfodpmhnecni

==== Chromium Startpages ======================

C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.com/",
"startup_urls": [ "http://www.google.ca/" ],


==== Chromium Fix ======================

C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.amaizingsearches.info_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.amaizingsearches.info_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.calcitapp.info_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.calcitapp.info_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.homesearch-hub.info_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.homesearch-hub.info_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_adobeid-na1.services.adobe.com_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_adobeid-na1.services.adobe.com_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_my-traveldeals.com_0.localstorage deleted successfully
C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_my-traveldeals.com_0.localstorage-journal deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\iogeeepefgehfndlomdhkhfikdekichg deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\modklgaolchfimmakbnnmfodpmhnecni deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\anokbgjgocihboecggjefdgkbijhoing deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\bgcmchkcneelcgigckndknipijkmaikd deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\eohjkphdfajdfhpmdaedemmgmbidbldc deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\fhieilhedoaelcencjkpffikakanibnb deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\fodchppihdfbgpikbjngeojakecmiiho deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\hgkbhfpbcbbplcfahnagbblbpiaaebga deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\hpceijmglekenibegbmpkomaakechmmh deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\ihpbikajahohdbmgffanekfbonljnpal deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\iljgjeggpheapdapjdpnegffocdeejca deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\inlemmkkkaihcalpckeemoeklmfjojmj deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\ipnihnknemhpjdpengamjhfmannpbhfj deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\kcgpiifkhffbodnkeccedocobaaeekgb deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\kmajnljbagmiflnhjmkcollkfmcnifnc deleted successfully
C:\Users\Shang\AppData\Local\Local\Comodo\Dragon\User Data\Default\Extensions\lmnnoddaphbbgmlcnnnpbhbhceppffbo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.02995.com?tn=63"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.02995.com?tn=63"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== shortcuts on Users Desktops ======================

C:\Users\Shang\Desktop\Ace Player.lnk - C:\Users\Shang\AppData\Roaming\ACEStream\player\ace_player.exe
C:\Users\Shang\Desktop\Adobe After Effects CC 2014.lnk - C:\Program Files (x86)\Adobe\Adobe After Effects CC 2014\Support Files\AfterFX.exe
C:\Users\Shang\Desktop\Adobe Premiere Pro CC.lnk - C:\Program Files\Adobe\Adobe Premiere Pro CC\Adobe Premiere Pro.exe
C:\Users\Shang\Desktop\Camtasia Studio 8.lnk - C:\Windows\Installer\{BFA04EE0-8240-4667-8D53-45496A901C33}\CamtasiaIcons.exe
C:\Users\Shang\Desktop\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Shang\Desktop\Dropbox.lnk - C:\Users\Shang\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Shang\Desktop\Flash CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe
C:\Users\Shang\Desktop\Half Life 2 Episode Two - Shortcut.lnk - G:\WD SmartWare.swstor\SHANG_YI5\Volume.8d3fd33c.c579.480c.8106.a603c08440be\Users\Shang\Desktop\Half Life 2 Episode Two
C:\Users\Shang\Desktop\Launcher - Shortcut.lnk - G:\WD SmartWare.swstor\SHANG_YI5\Volume.8d3fd33c.c579.480c.8106.a603c08440be\Games\Alien Isolation\Launcher.exe
C:\Users\Shang\Desktop\osu.lnk -
C:\Users\Shang\Desktop\peerblock - Shortcut.lnk - C:\Program Files\PeerBlock\peerblock.exe
C:\Users\Shang\Desktop\Pepakura Viewer 3.lnk - C:\Program Files (x86)\tamasoftware\pepakura3en\viewer\pepakura_viewer3.exe
C:\Users\Shang\Desktop\Photoshop - Shortcut.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CC\Photoshop.exe
C:\Users\Shang\Desktop\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\Shang\Desktop\the walking dead - Shortcut.lnk - G:\WD SmartWare.swstor\SHANG_YI5\Volume.8d3fd33c.c579.480c.8106.a603c08440be\Users\Shang\Desktop\the walking dead
C:\Users\Shang\Desktop\TheWalkingDead2 - Shortcut.lnk - C:\Program Files (x86)\The Walking Dead Season 2\TheWalkingDead2.exe
C:\Users\Shang\Desktop\Thinking with Time Machine.lnk - C:\Games\Thinking with Time Machine\Launcher_TWTM.exe
C:\Users\Shang\Desktop\Transistor - Shortcut.lnk - C:\Program Files (x86)\R.G. Mechanics\Transistor\x86\Transistor.exe
C:\Users\Shang\Desktop\TweakBit Driver Updater.lnk - C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe
C:\Users\Shang\Desktop\Uranium - Shortcut.lnk - C:\Program Files (x86)\Pokémon Uranium Team\Pokémon Uranium Beta 4.0\Uranium.exe
C:\Users\Shang\Desktop\Windows.Defender.lnk -
C:\Users\Shang\Desktop\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\Shang\Desktop\?Torrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\Users\Public\Desktop\Cave Story.lnk - C:\Program Files (x86)\Cave Story Deluxe\CaveStory\Doukutsu.exe
C:\Users\Public\Desktop\CLIP STUDIO PAINT (64bit).lnk - C:\Program Files\CELSYS\CLIP STUDIO EN\CLIP STUDIO PAINT\CLIPStudioPaint.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Public\Desktop\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe
C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk - C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe
C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk - C:\WINDOWS\system32\GfxUIEx.exe
C:\Users\Public\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Public\Desktop\Razer Cortex.lnk - C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Public\Desktop\Watch_Dogs.lnk - C:\Games\Watch_Dogs\GameUpdater.exe /Mode=Launcher /GameExePath="Launcher.exe" /GameExeCmdLine=""
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe
C:\Users\Public\Desktop\WD Security.lnk - C:\Program Files (x86)\Western Digital\WD Security\WDDriveSecurity.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Launcher - Shortcut.lnk - C:\Program Files (x86)\Valve\Portal 2\Launcher.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu.lnk -
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Shang\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Shang\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Shang\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk - C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC.lnk - C:\Program Files\Adobe\Adobe Media Encoder CC\Adobe Media Encoder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Bridge CS6 (64bit).lnk - C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Bridge CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe ExtendScript Toolkit CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Extension Manager CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Flash Professional CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Encoder CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Media Encoder CS6\Adobe Media Encoder.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5\AviSynth Documentation.lnk - C:\Program Files (x86)\AviSynth 2.5\Docs\English\index.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5\Example Scripts.lnk - C:\Program Files (x86)\AviSynth 2.5\Examples
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5\License.lnk - C:\Program Files (x86)\AviSynth 2.5\gpl.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5\Plugin Directory.lnk - C:\Program Files (x86)\AviSynth 2.5\plugins
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5\Uninstall AviSynth.lnk - C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Balrog Paper Craft.lnk - C:\Program Files (x86)\Cave Story Deluxe\Balrog Papercraft\up0064.bmp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Boosters Lab.lnk - C:\Program Files (x86)\Cave Story Deluxe\BoostLab_0251\BoostLab_0251.jar
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Cave Editor.lnk - C:\Program Files (x86)\Cave Story Deluxe\CaveEditor0.99d\CaveEditor.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Cave Story Manual.lnk - C:\Program Files (x86)\Cave Story Deluxe\CaveStory\Manual.html
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Cave Story Setup.lnk - C:\Program Files (x86)\Cave Story Deluxe\CaveStory\DoConfig.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Cave Story Tribute Site.lnk - C:\Program Files (x86)\Cave Story Deluxe\Cave Story Tribute Site.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Explore Files.lnk - C:\Program Files (x86)\Cave Story Deluxe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Play Cave Story.lnk - C:\Program Files (x86)\Cave Story Deluxe\CaveStory\Doukutsu.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\README.lnk - C:\Program Files (x86)\Cave Story Deluxe\README.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Run Ikachan Mini-game.lnk - C:\Program Files (x86)\Cave Story Deluxe\Ikachan\dxIka.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Run ORG Maker.lnk - C:\Program Files (x86)\Cave Story Deluxe\ORG Maker\ORG Maker 134 English.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cave Story Deluxe\Uninstall Cave Story Deluxe.lnk - C:\Program Files (x86)\Cave Story Deluxe\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Update.lnk - C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\My Dell.lnk - C:\Program Files\My Dell\pcdlauncher.exe -lloc dsc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\PC Checkup.lnk - C:\Program Files\My Dell\pcdlauncher.exe -startingpage pccheckup -lloc pccheckup
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Remove HitmanPro 3.7.lnk - C:\Program Files (x86)\HitmanPro\HitmanPro.exe /uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot.lnk - C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot\Uninstall Lightshot.lnk - C:\Program Files (x86)\Skillbrains\lightshot\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack\Codec Settings (Run as administrator).lnk - C:\Windows\SysWOW64\C2MP\CodecSettingsADMIN.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack\Codec Settings.lnk - C:\Windows\SysWOW64\C2MP\CodecSettings.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack\Media Player Classic.lnk - C:\Windows\SysWOW64\C2MP\mpc-hc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution\NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution.lnk - C:\Program Files (x86)\NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution\NSUNSR_launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution\Uninstall NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution.lnk - C:\Program Files (x86)\NARUTO SHIPPUDEN - Ultimate Ninja STORM Revolution\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless\Ralink Wireless Utility.lnk - C:\Program Files (x86)\Ralink\Common\RaUI.exe -s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless\Uninstall - RT2870.lnk - C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe -runfromtemp -removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RiP by Fenixx\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC.lnk - C:\Program Files (x86)\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC\AC4BFSP.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RiP by Fenixx\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC\腻桧耱嚯腓痤忄螯 Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC.lnk - C:\Program Files (x86)\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC\Uninstall\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\Driver Updater\TweakBit Driver Updater.lnk - C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk - C:\Program Files (x86)\Western Digital\WD SmartWare\WDSmartWare.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\computer.lnk - C:\WINDOWS\explorer.exe /E,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://hao.360.cn/?src=lm&ls=n47ff6f3791

==== shortcuts After Repair ======================

C:\Users\Shang\Desktop\Chrome App Launcher.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Launcher - Shortcut.lnk - C:\Program Files (x86)\Valve\Portal 2\Launcher.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Shang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62D64B30-6E10-4C49-95FE-EDD8F8165DED}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\9028C33F0E8E8C94D8E763C33D648C10 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\E2K2FTG6 will be deleted at reboot
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\HFP49C0C will be deleted at reboot
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\HRNP1WJZ will be deleted at reboot
C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\JA2O6YPZ will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Shang\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=308 folders=170 154631548 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Shang\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Shang\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\COMMON~1\Wondershare" not found
"C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\E2K2FTG6" not found
"C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\HFP49C0C" not found
"C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\HRNP1WJZ" not found
"C:\Users\Shang\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\JA2O6YPZ" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 02/07/2015 Sat at 16:08:49.78 ======================

 

[TwinHeadedEagle]

Very good. How is your PC now?

 

[coolspyguy]

Very good. How is your PC now?

Great! It's a little faster, thanks very much! There is another problem, although it's not related to this at all and I completely get it if you can't do anything about it, but if you could quickly take a look in your spare time, I posted the question here:
http://en.community.dell.com/support-forums/laptop/f/3518/t/19617323
once again, thanks very much! your help is appreciated very much

 

[TwinHeadedEagle]

I think you should stick with their support, they probably know better than myself