Author Topic: WebShield blocking the same harmful webpage or file every 5 seconds!  (Read 7220 times)


REDACTED

  • Guest
Ok so I am completely new to the world of virus removal as I am encountering my very first problem with malware, believe it or not... About a month ago I got infected by a trojan, which I have since removed, but I am still feeling the after-effects. Every 5 seconds, my WebShield pops up notifying me that it has blocked a harmful webpage or file from running. This file is called "http://blablablaoldtraff.in/index.php", the infection type is URL:Mal and the affected process is "C:\Windows\explorer.exe". Not sure where to turn, I have tried MalwareBytes and multiple boot-time scans, these popups are starting to make my computer impossible and unbearable to use. I would really, really appreciate any bit of help I can find, just let me know what I can do to identify and get rid of this annoying crap!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - German-language section  <<<
Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast essentials (downloads, guides & info): https://forum.avast.com/index.php?topic=60523.0

Offline TwinHeadedEagle

  • Malware Removal Expert
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2987
    • Zemana
Monitoring...
My help is free, however if you'd like to show your appreciation by leaving a donation, it will be much appreciated ------> DONATE

REDACTED

  • Guest
Here are the logs you requested...

Offline TwinHeadedEagle

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
Code:
createsrpoint;
autoclean;
bitsadmin /reset /allusers;b
emptyalltemp;
ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.

REDACTED

  • Guest
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by j0hnj_000 on Thu 05/07/2015 at 12:33:07.64.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\j0hnj_000\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5/7/2015 12:34:23 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 deleted successfully
C:\Users\j0hnj_000\AppData\Roaming\webex deleted successfully
C:\Users\j0hnj_000\AppData\Local\HockeyCrashes deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\New Folder not found
C:\Users\j0hnj_000\AppData\Roaming\Sublime Text 2 deleted
C:\Users\j0hnj_000\AppData\Roaming\HKTunes.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\j0hnj_000\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
"C:\windows\Installer\10c7c3.msi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [03/25/2015 04:54 PM]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[09/23/2012 08:43 PM]
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[08/12/2014 11:21 PM]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/21/2015 02:23 PM]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Cast - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Reditr Web App - The Best Reddit Client - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmiceoebcclihjdpnmmkdcmcboekibc
Avast SafePrice - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
AdBlock - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
LongClick New Tab - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jphlcgnallcfbnpgmblmlmkehbffnoph
Chrome Hotword Shared Module - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Google Drive App Launcher - j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh

==== Chromium Startpages ======================

C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"startup_urls": [ "http://www.google.com/" ]


==== Chromium Fix ======================

C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_services1.capitalone.com_0.localstorage deleted successfully
C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_services1.capitalone.com_0.localstorage-journal deleted successfully
C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jphlcgnallcfbnpgmblmlmkehbffnoph deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{E9F39962-1D1A-453B-B707-FF14785CB09F} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EE23957-0BA5-48F3-AFAF-912C35815723} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LenovoBrowserGuard deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\75932EE05AB03F84FAFA19C253187532 deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\j0hnj_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\j0hnj_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\j0hnj_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\j0hnj_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\j0hnj_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=10365 folders=330 551669524 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\j0hnj_000\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\J0HNJ_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Thu 05/07/2015 at 12:53:47.24 ======================

Offline TwinHeadedEagle

How is your PC behaving now?

REDACTED

  • Guest
Since MalwareBytes removed the latest trojan, I've gotten no webShield popups. However, this has happened twice before -- virus gets removed, nothing happens for a few days, then the webShield popups come pouring back in.

Offline TwinHeadedEagle

Keep me updated.

REDACTED

  • Guest
Ok I will, thanks so much for the help!

REDACTED

  • Guest
Re: WebShield blocking the same harmful webpage or file every 5 seconds!
« Reply #10 on: May 11, 2015, 01:25:38 PM »
Hi,

I have the same problem and tried zoek, but it did not work. Below is my log file. Your assistance will be appreciated.

Regards


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by patrick on 2015/05/11 at 12:32:06.18.
Microsoft Windows 7 Home Basic  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\patrick\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2015/05/11 12:34:43 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\DC-Unlocker deleted successfully
C:\PROGRA~2\LMSOFT deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\patrick\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"bProtector Start Page"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"bProtectorDefaultScope"=-

==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\DC-Unlocker not found
C:\PROGRA~2\LMSOFT not found
C:\PROGRA~2\MakeMKV deleted
C:\Users\patrick\AppData\Local\41 deleted
C:\Users\patrick\AppData\Local\ElevatedDiagnostics deleted
C:\Users\patrick\AppData\Local\EmieBrowserModeList deleted
C:\Users\patrick\AppData\Local\Skype deleted
C:\PROGRA~2\TornTV.com deleted
C:\Users\patrick\.android deleted
C:\PROGRA~2\Vittalia deleted
C:\PROGRA~2\BrowseFox deleted
C:\PROGRA~2\Registry Dr deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~2\FreeRIP deleted
C:\Program Files\PCDApp deleted
C:\Users\patrick\AppData\Roaming\Rim.Desktop.Exception.log deleted
C:\Users\patrick\AppData\Roaming\Rim.Desktop.HttpServerSetup.log deleted
C:\Users\patrick\AppData\Roaming\Rim.DesktopHelper.Exception.log deleted
C:\Users\patrick\AppData\Roaming\Babylon deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\BitGuard deleted
C:\PROGRA~3\DSearchLink deleted
C:\Users\patrick\AppData\Local\RegistryDR deleted
C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\PrivacyDR_Popup deleted
C:\windows\SysNative\tasks\PrivacyDR_Start deleted
C:\windows\SysNative\tasks\RegistryDr_Popup deleted
C:\windows\SysNative\tasks\RegistryDr_Start deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\kznd975t.default\Invalidprefs.js deleted
"C:\Users\patrick\AppData\Local\{32A848C3-CF21-4D2A-B35B-DBDBA2E3FD0B}" deleted
"C:\Users\patrick\AppData\Roaming\OpenCandy" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\kznd975t.default
user_pref("browser.startup.homepage", "https://www.google.co.za/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [2015/04/27 05:40 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\kznd975t.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

ExtDir: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\kznd975t.default
43583AB4DFD406F4C188342F41B1F91C   - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll -   Shockwave Flash


==== Deleted Firefox Extensions ======================

C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[2015/04/07 07:41 PM]

Avast Online Security - patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.co.za/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.co.za/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1789757520-3763477244-4059058576-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Torntv Downloader deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BRYK3XMX will be deleted at reboot
C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLGHY8CW will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\patrick\AppData\Local\Mozilla\Firefox\Profiles\kznd975t.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\patrick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=508 folders=84 86022385 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\patrick\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
c:\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BRYK3XMX" not found
"C:\Users\patrick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLGHY8CW" not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\acjs.aliyun.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\cdn3b.static.hardsextube.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\f.vimeocdn.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\filetype.flash-container.info"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\i.alipayobjects.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\img5.uloz.to"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\pagead2.googlesyndication.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\slotsheaven.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\specials.checkers.co.za"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\va1en.sftcdn.net"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\www.ajaxcdn.org"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\www.bogabids.com"  not found
"C:\Users\patrick\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LJRCCULY\www.superfish.com"  not found

==== EOF on 2015/05/11 at 13:07:35.29 ======================
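
Added example (not part of the thread and not ZOEK's own code): a small Python triage helper for the zoek-results layout shown in the two logs above. It pulls out the load points the tool reports as removed and the items deferred to reboot that the after-reboot part never confirms. The status labels, marker list and function names are this example's own assumptions, and the sample lines are copied from the second log.

```python
import re

# Lines copied from the second zoek-results log in this thread (excerpt).
SAMPLE_LOG = r"""==== Deleting Files \ Folders ======================
C:\PROGRA~2\DC-Unlocker not found
C:\windows\SysNative\tasks\PrivacyDR_Popup deleted

==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Torntv Downloader deleted successfully

==== Empty Temp Folders ======================
C:\Users\patrick\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
c:\Temp successfully emptied
"""

SECTION_RE = re.compile(r"^==== (.+?)\s*=+\s*$")
# Order matters: the reboot phrasing is tried before the plain deleted/emptied forms.
STATUS_RES = [
    ("pending_reboot", re.compile(r"^(.+?)\s+will be (?:emptied|deleted) at reboot$", re.I)),
    ("done", re.compile(r"^(.+?)\s+successfully emptied$", re.I)),
    ("done", re.compile(r"^(.+?)\s+(?:deleted|emptied)(?: successfully)?$", re.I)),
    ("not_found", re.compile(r"^(.+?)\s+not found$", re.I)),
]
# Lower-case substrings that mark an autostart or load point (labels are assumptions).
PERSISTENCE_MARKERS = [
    ("\\tasks\\", "scheduled task"),
    ("\\browser helper objects\\", "IE browser helper object"),
    ("\\chrome\\extensions\\", "Chrome extension registered via registry"),
    ("\\startupreg\\", "msconfig startup entry"),
]

def parse_zoek_log(text):
    """Return one dict per result line: section, phase, status, target."""
    entries, section, phase = [], None, "before_reboot"
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            if section.lower() == "after reboot":
                phase = "after_reboot"
            continue
        for status, rx in STATUS_RES:
            hit = rx.match(line)
            if hit:
                entries.append({"section": section, "phase": phase, "status": status,
                                "target": hit.group(1).strip().strip('"')})
                break
    return entries

def persistence_removed(entries):
    """Load points reported as removed: the places to re-check if the alerts return."""
    found = []
    for e in entries:
        low = e["target"].lower()
        for marker, kind in PERSISTENCE_MARKERS:
            if e["status"] == "done" and marker in low:
                found.append((kind, e["target"]))
    return found

def unconfirmed_after_reboot(entries):
    """Targets deferred to reboot with no success line in the after-reboot part."""
    confirmed = {e["target"].lower() for e in entries
                 if e["phase"] == "after_reboot" and e["status"] == "done"}
    return [e["target"] for e in entries
            if e["status"] == "pending_reboot" and e["target"].lower() not in confirmed]

if __name__ == "__main__":
    parsed = parse_zoek_log(SAMPLE_LOG)
    for kind, target in persistence_removed(parsed):
        print(f"removed {kind}: {target}")
    print("not confirmed after reboot:", unconfirmed_after_reboot(parsed))
```

The comparison is a case-insensitive string match, so a path logged in 8.3 short form after reboot (as `J0HNJ_~1` is in the first log) will be listed as unconfirmed and needs a manual look.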

Offline Asyn

Re: WebShield blocking the same harmful webpage or file every 5 seconds!
« Reply #11 on: May 12, 2015, 06:59:21 AM »
Hi,

I have the same problem and tried zoek, but it did not work. Below is my log file. Your assistance will be appreciated.
Start a new topic and post your logs there: https://forum.avast.com/index.php?action=post;board=4.0