BobBrightson

Members
  • Posts: 5

Everything posted by BobBrightson

  1. Well if that is usual, then everything seems to be normal and no blocked inbound message has popped up since those first ones on Thursday.
  2. Everything seems to be behaving normally. Should I be worried about the 14 svchost.exe processes in Task Manager? They all show the svchost.exe file in the System32 folder as the file location, but I don't remember so much of that process running before.
  3. Zoek.exe v5.0.0.0 Updated 04-May-2015
     Tool run by BOYS on Thu 08/27/2015 at 17:29:12.60.
     Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\BOYS\Desktop\zoek.exe [scan all users] [script inserted]

     ==== System Restore Info ======================

     8/27/2015 5:30:25 PM Zoek.exe System Restore Point Created Successfully.

     ==== Empty Folders Check ======================

     C:\PROGRA~2\Directx June 2010 deleted successfully
     C:\PROGRA~2\NCSOFT deleted successfully
     C:\Program Files\Google deleted successfully
     C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
     C:\PROGRA~3\Turbine deleted successfully
     C:\Users\BOYS\AppData\Roaming\TP deleted successfully
     C:\Users\BOYS\AppData\Local\EmieBrowserModeList deleted successfully
     C:\Users\BOYS\AppData\Local\EmieSiteList deleted successfully
     C:\Users\BOYS\AppData\Local\EmieUserList deleted successfully
     C:\Users\BOYS\AppData\Local\PackageAware deleted successfully
     C:\Users\BOYS\AppData\Local\Red 5 Studios deleted successfully
     C:\Users\BOYS\AppData\Local\Unity deleted successfully
     C:\Users\Guest\AppData\Local\VirtualStore deleted successfully

     ==== Deleting CLSID Registry Keys ======================

     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44606278-A44A-4B18-8D36-A5281EFBBA35} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8237F98E-8BEE-496C-9986-674C5B9E1191} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{891EF23D-E76B-43FE-A7A2-19F7CFDFB21A} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9849C0E6-2293-47B8-BAEA-482844328C7E} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4D47627-B827-417A-BC29-13AE915B2C53} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9071AF-7B56-46FA-A42A-E3F722163288} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF1FF83-D72B-46DC-AC26-DEE8D1BD8B3F} deleted successfully
     HKEY_USERS\S-1-5-21-164054093-1534190593-1080446514-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E97EE1DE-3BBC-4C3B-BD8E-7BF1297820F1} deleted successfully

     ==== Deleting CLSID Registry Values ======================

     ==== Deleting Services ======================

     ==== Batch Command(s) Run By Tool======================

     Windows IP Configuration
     Successfully flushed the DNS Resolver Cache.

     ==== Deleting Files \ Folders ======================

     C:\PROGRA~2\Directx June 2010 not found
     C:\PROGRA~2\NCSOFT not found
     C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
     C:\PROGRA~3\Adobe deleted
     C:\install.exe deleted
     C:\Users\BOYS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk deleted
     C:\PROGRA~3\hash.dat deleted
     C:\PROGRA~3\Package Cache deleted
     C:\Users\BOYS\AppData\Local\CrashRpt deleted
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted
     C:\windows\tasks\FreeFileViewerUpdateChecker.job deleted
     C:\windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted
     C:\end deleted
     C:\windows\SysNative\GroupPolicy\Machine deleted
     C:\windows\SysNative\GroupPolicy\User deleted
     C:\windows\SysNative\GroupPolicy\gpt.ini deleted
     C:\windows\Syswow64\sho1CCE.tmp deleted
     C:\windows\Syswow64\sho7F18.tmp deleted
     C:\windows\Syswow64\sho8BA0.tmp deleted
     C:\windows\Syswow64\shoD8D2.tmp deleted
     C:\windows\Syswow64\shoEAB5.tmp deleted
     C:\windows\SysWow64\AI_RecycleBin deleted
     C:\PROGRA~3\flashax10.exe deleted
     "C:\Users\BOYS\AppData\Roaming\Natural Selection 2" deleted

     ==== Firefox Extensions Registry ======================

     [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
     "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [07/01/2015 05:32 PM]

     ==== Chromium Look ======================

     Google Chrome Version: 44.0.2403.157

     HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
     eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[08/04/2014 05:26 PM]
     gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/01/2015 05:31 PM]

     Bookmark Manager - BOYS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
     Avast Online Security - BOYS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
     Adventure Time - Finn Jake and BMO - BOYS\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmgldhndejkhjokapdbmcldedofhabl
     Chrome Hotword Shared Module - BOYS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
     AdBlock - BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
     Avast Online Security - BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
     ThemeBeta.com - BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikopomaefbjajlopndpiejcalcpomlgg
     Chrome Hotword Shared Module - BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg
     Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
     ShopAtHome.com - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc
     Avast SafePrice - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
     Avast Online Security - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
     Webcam Toy - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade

     ==== Chromium Startpages ======================

     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Preferences
     "homepage": "https://www.google.com/",
     "startup_urls": [ "http://google.com/"]

     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences

     ==== Chromium Fix ======================

     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adultcatfinder.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_adultcatfinder.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.save.org_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.save.org_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_media.mtvnservices.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_media.mtvnservices.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_deals.kinja.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_deals.kinja.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.moddeals.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.moddeals.com_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_deals.kinja.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_deals.kinja.com_0.localstorage-journal deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slickdeals.net_0.localstorage deleted successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slickdeals.net_0.localstorage-journal deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hiresearch.com_0.localstorage deleted successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hiresearch.com_0.localstorage-journal deleted successfully

     ==== Set IE to Default ======================

     Old Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://www.google.com/"
     "Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND"

     New Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
     "Start Page"="http://www.google.com/"

     ==== All HKCU SearchScopes ======================

     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
     "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
     {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
     {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
     {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

     ==== Deleting Registry Keys ======================

     HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.5 deleted successfully

     ==== Empty IE Cache ======================

     C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\BOYS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\BOYS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
     C:\Users\BOYS\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\BOYS\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
     C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
     C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

     ==== Empty FireFox Cache ======================

     No FireFox Profiles found

     ==== Empty Chrome Cache ======================

     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
     C:\Users\BOYS\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
     C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

     ==== Empty All Flash Cache ======================

     Flash Cache is not empty, a reboot is needed

     ==== Empty All Java Cache ======================

     Java Cache cleared successfully

     ==== C:\zoek_backup content ======================

     C:\zoek_backup (files=9059 folders=532 1563145595 bytes)

     ==== Empty Temp Folders ======================

     C:\Users\BOYS\AppData\Local\Temp will be emptied at reboot
     C:\Users\Default\AppData\Local\Temp emptied successfully
     C:\Users\Default User\AppData\Local\Temp emptied successfully
     C:\Users\Guest\AppData\Local\Temp will be emptied at reboot
     C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
     C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
     C:\windows\Temp will be emptied at reboot

     ==== After Reboot ======================

     ==== Empty Temp Folders ======================

     C:\windows\Temp successfully emptied
     C:\Users\BOYS\AppData\Local\Temp successfully emptied

     ==== Empty Recycle Bin ======================

     C:\$RECYCLE.BIN successfully emptied

     ==== Deleting Files / Folders ======================

     "C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\admin.brightcove.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\apps.cooliris.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\b.monetate.net" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\cdn-hiro.s3.amazonaws.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\cdn2.baronsmedia.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\d.yimg.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\emp.bbci.co.uk" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\g-ecx.images-amazon.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\gg.playsnail.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\image.com.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\imagecache.blastro.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\media.mtvnservices.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\motdgd.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\oystatic.ignimgs.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\sb.monetate.net" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\static.iheart.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\uploads.ungrounded.net" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\us.media.blizzard.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\www.springboardplatform.com" not found
     "C:\Users\BOYS\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JNTNX7WM\www.viddler.com" not found
     "C:\Users\Guest\AppData\Local\Temp\HP" not found
     "C:\Users\Guest\AppData\Local\Temp\MUI" not found

     ==== EOF on Thu 08/27/2015 at 18:18:48.03 ======================
  4. While I was on the computer last night, I got multiple blocked inbound notices from an IP address (104.152.215.114). While it has not yet happened today, I am still worried about it. FRST.txt Addition.txt