leodnut
-
Posts
8 -
Joined
-
Last visited
-
I got infected with Groovorio several weeks ago, and someone helped me get rid of it. Now it's back. Please help. Thanks, Leodnut
-
With help from this forum, I was able to get groovorio off my laptop. Now its back. At this point, it's only affecting Chrome. I have Malwarebytes Premium. Not sure why it's not able to handle Groovorio. Anyway, I could use some help. Thanks. Leodnut
-
I think it's good now. Thank you so much!!! Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Leona on Mon 12/01/2014 at 21:57:44.80. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leona\Downloads\zoek(2).exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-01-075540.log 8967 bytes C:\zoek-results2014-12-01-202338.log 9781 bytes ==== System Restore Info ====================== 12/1/2014 9:58:27 PM Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Oracle deleted successfully C:\Users\Leona\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [10/27/2014 03:55 PM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Leona\AppData\Roaming\Mozilla\Firefox\Profiles\0pun12.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Leona\AppData\Roaming\Mozilla\Firefox\Profiles\0pun12.default 8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Leona\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] iomphmdalfmaifjccmagmllnicjoghhk - No path found[] Google Voice Search Hotword (Beta) - Leona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{84A3EF68-78BA-4D9B-80B3-0B9F70FC3CA9} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\86FE3A48AB87B9D4083BB0F907CFC39A deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leona\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leona\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Leona\AppData\Local\Mozilla\Firefox\Profiles\0pun12.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Leona\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=27 folders=16 96473394 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Leona\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Leona\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Mon 12/01/2014 at 22:16:35.21 ======================
-
Here are the results: Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Leona on Mon 12/01/2014 at 13:21:03.11. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leona\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-01-075540.log 8967 bytes ==== System Restore Info ====================== 12/1/2014 1:23:07 PM Zoek.exe System Restore Point Created Succesfully. ==== Installed Programs ====================== Acrobat.com Adobe Acrobat 9 Pro - English, Fran‡ais, Deutsch Adobe AIR Adobe Anchor Service CS4 Adobe Anchor Service x64 CS4 Adobe Asset Services CS4 Adobe Bridge CS4 Adobe CMaps CS4 Adobe CMaps x64 CS4 Adobe Color - Photoshop Specific CS4 Adobe Color EU Recommended Settings CS4 Adobe Color JA Extra Settings CS4 Adobe Color NA Extra Settings CS4 Adobe Color Video Profiles CS CS4 Adobe Creative Suite 4 Design Premium Adobe CSI CS4 Adobe CSI CS4 x64 Adobe Default Language CS4 Adobe Device Central CS4 Adobe Dreamweaver CS4 Adobe Drive CS4 Adobe Drive CS4 x64 Adobe Dynamiclink Support Adobe ExtendScript Toolkit CS4 Adobe Extension Manager CS4 Adobe Fireworks CS4 Adobe Flash CS4 Adobe Flash CS4 Extension - Flash Lite STI en Adobe Flash CS4 STI-en Adobe Flash Player 10 ActiveX Adobe Flash Player 15 Plugin Adobe Fonts All Adobe Fonts All x64 Adobe Illustrator CS4 Adobe InDesign CS4 Adobe InDesign CS4 Application Feature Set Files (Roman) Adobe InDesign CS4 Common Base Files Adobe InDesign CS4 Icon Handler Adobe InDesign CS4 Icon Handler x64 Adobe Linguistics CS4 Adobe Linguistics CS4 x64 Adobe Media Encoder CS4 Adobe Media Encoder CS4 Importer Adobe Media Player Adobe Output Module Adobe PDF Library Files CS4 Adobe PDF Library Files x64 CS4 Adobe Photoshop CS4 Adobe Photoshop CS4 (64 Bit) Adobe Photoshop CS4 Support Adobe Reader X (10.1.7) MUI Adobe Search for Help Adobe Service Manager Extension Adobe Setup Adobe SGM CS4 Adobe SING CS4 Adobe Type Support CS4 Adobe Type Support x64 CS4 Adobe Update Manager CS4 Adobe Version Cue CS4 Server Adobe WinSoft Linguistics Plugin Adobe WinSoft Linguistics Plugin x64 Adobe XMP Panels CS4 AdobeColorCommonSetCMYK AdobeColorCommonSetRGB Bitdefender Antivirus Free Edition Camtasia Studio 8 Citrix Online Launcher Connect Create Recovery Media Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 DisplayLink Core Software Dolby Home Theater v4 Dropbox Google Chrome Google Update Helper GoToMeeting 7.0.4.2033 Inst5676 Integrated Camera Intel® Management Engine Components Intel® PRO/Wireless Driver Intel® Processor Graphics Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1412.3) Intel® Update Manager Intel® WiDi Intelr PROSet/Wireless Software Intelr PROSet/Wireless WiFi Software Intelr Trusted Connect Service Client kuler Lenovo Auto Scroll Utility Lenovo Communications Utility Lenovo Fingerprint Manager Pro Lenovo Patch Utility Lenovo Patch Utility 64 bit Lenovo Peer Connect SDK Lenovo Power Management Driver Lenovo QuickControl Lenovo QuickDisplay Lenovo Reach Lenovo Registration Lenovo SHAREit Lenovo Solution Center Lenovo System Update Lenovo USB Graphics Lenovo USB3.0 to DVI VGA Monitor Adapter Lenovo User Guide Lenovo Warranty Information Malwarebytes Anti-Malware version 2.0.3.1025 McAfee Security Scan Plus Message Center Plus Metric Collection SDK Metric Collection SDK 35 Microsoft .NET Framework 4.5.1 Microsoft Corporation Microsoft LifeCam Microsoft Mouse and Keyboard Center Microsoft Office Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft OneDrive Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Mozilla Firefox 33.1.1 (x86 en-US) Mozilla Maintenance Service Nitro Pro 9 On Screen Display PDF Settings CS4 Photoshop Camera Raw Photoshop Camera Raw_x64 Pixel Bender Toolkit Power Manager Realtek Card Reader Realtek High Definition Audio Driver Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 Rhinoceros 5 Rhinoceros 5 (64-bit) Rhinoceros 5 Help Media Rhinoceros 5 Language Pack Installer (en-US) Screencast-O-Matic Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition Shopop Suite Shared Configuration CS4 ThinkPad Hotkey Features Integration Setup Thinkpad USB 3.0 Ethernet Adapter Driver ThinkVantage Active Protection System Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899525) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) USB Enhanced Performance Keyboard Windows Driver Package - Intel (e1dexpress) Net (03/13/2014 12.11.77.1) Windows Driver Package - Intel Corporation (iaStorA) HDC (11/15/2013 12.8.10.1005) Windows Driver Package - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) Windows Driver Package - Synaptics (SmbDrv) System (04/07/2014 18.0.7.40) Windows Driver Package - Synaptics (SynTP) Mouse (04/07/2014 18.0.7.40) ==== C:\zoek_backup content ====================== C:\zoek_backup (files=27 folders=16 96473394 bytes) ==== EOF on Mon 12/01/2014 at 13:23:38.23 ======================
-
Groovorio is gone, but it looks like I have a few other problems. I've got something called Shopop that I can't delete. Also Disable AMT Profile Synchronization... is something I don't recognize and can't delete. Also, displaylink core software. Any Ideas on these?
-
I think I may have posted the wrong information. Here is the zoek report: Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Leona on Mon 12/01/2014 at 0:29:11.03. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leona\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe.pif [scan all users] [script inserted] ==== System Restore Info ====================== 12/1/2014 12:31:58 AM Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~3\ALM deleted successfully C:\Users\Leona\AppData\Roaming\FirefoxToolbar deleted successfully C:\Users\Leona\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1407123308-3660940682-995406574-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-1407123308-3660940682-995406574-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-1407123308-3660940682-995406574-1000\Software\Microsoft\Internet Explorer\SearchScopes\{64C2A17D-9817-4215-8D9B-C1319D06504B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Leona\AppData\Roaming\Mozilla\Firefox\Profiles\0pun12.default ---- Lines Techgile removed from prefs.js ---- user_pref("extensions.Techgile.asul", "1417408715127"); user_pref("extensions.Techgile.aul", "1417408645074"); user_pref("extensions.Techgile.irl", true); user_pref("extensions.Techgile.is", "IM27lsUS"); user_pref("extensions.Techgile.ug", "028C187D-905F-4D9E-A155-4221DE97C8AB"); ---- Lines snipsmart removed from prefs.js ---- user_pref("extensions.snipsmart.asul", "1417414047869"); user_pref("extensions.snipsmart.aul", "1417414054073"); user_pref("extensions.snipsmart.irl", true); user_pref("extensions.snipsmart.is", "ob301ppUS"); user_pref("extensions.snipsmart.ug", "64AFFA39-CCA3-41FC-B7A0-61A0AEA2F3AF"); ---- Lines groovorio removed from prefs.js ---- user_pref("browser.newtab.url", "http://groovorio.com/?f=2&a=grv_otbrw2_14_35&cd=2XzuyEtN2Y1L1QzutB0A0BtB0B0DtC0EzytAyD0EyC0B0CzytN0D0Tzu0StCtDyCyEtN1 ---- Lines search.net removed from prefs.js ---- user_pref("browser.search.order.1", "default-search.net"); ---- FireFox user.js and prefs.js backups ---- user_20141201_1248_.backup prefs_20141201_1248_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\Users\Leona\AppData\Local\StormWatch deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Users\Leona\Downloads\firesaver.exe deleted C:\Windows\tasks\Nok Nok LabsMFACUpdaterTaskMachineCore.job deleted C:\Windows\tasks\Nok Nok LabsMFACUpdaterTaskMachineUA.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Windows\Installer\5c72a.msi" deleted ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [10/27/2014 03:55 PM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Leona\AppData\Roaming\Mozilla\Firefox\Profiles\0pun12.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Leona\AppData\Roaming\Mozilla\Firefox\Profiles\0pun12.default 8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Leona\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] iomphmdalfmaifjccmagmllnicjoghhk - No path found[] Google Voice Search Hotword (Beta) - Leona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{64C2A17D-9817-4215-8D9B-C1319D06504B}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{64C2A17D-9817-4215-8D9B-C1319D06504B}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {9F62B5E9-74DC-4244-9726-C94F2A111B9D} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1407123308-3660940682-995406574-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9F62B5E9-74DC-4244-9726-C94F2A111B9D} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\363FB0CBBA367FF4E81FEAD0F717B142 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leona\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Leona\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5H9CHS8 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Leona\AppData\Local\Mozilla\Firefox\Profiles\0pun12.default\cache2 will be emptied at reboot ==== Empty Chrome Cache ====================== C:\Users\Leona\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=27 folders=16 96473394 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Leona\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Leona\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Leona\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5H9CHS8" not found ==== EOF on Mon 12/01/2014 at 0:55:40.46 ======================
-
Here's the result: Zoek.exe v5.0.0.0 Updated 29-11-2014 Tool run by Leona on Mon 12/01/2014 at 0:29:11.03. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Leona\AppData\Local\Temp\Temp1_zoek.zip\zoek.exe.pif [scan all users] [script inserted] ===== Runcheck 0:31:41.56 ===== --- Create Environment Variables 0:31:43.51 --- Create System Restore Point 0:31:52.49 --- Checking Input 0:31:59.85 --- AU AppData Check 0:32:06.56 --- Remove From Windows Installer 0:32:11.11 Thanks for your help.
-
I'm not sure how but I've gotten Groovorio. I've run malwarebytes, but no luck. Please help! Thanks.