Jump to content

aznfoo

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I also have another question, i'm not sure if it's the exact cause, but ever since running those programs, my computer and internet have been running slower than usual. Is there a direct relation to any of these?
  2. I have yet to find out for myself. The thing that they hacked was my Steam and Gmail account, so i'll just have to wait and see if anything else has been done to them. Thanks for helping out though! I'll post a new topic if something pops back up again. What else do I do with these programs that I have downloaded now?
  3. Here is the new zoesk with your settings Zoek.exe v5.0.0.1 Updated 08-October-2015Tool run by Alarick Le on Sat 10/10/2015 at 13:15:11.59.Microsoft Windows 8.1 6.3.9600 x64Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\Alarick Le\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2015-10-10-201215.log 41157 bytes ==== System Restore Info ====================== 10/10/2015 1:15:51 PM Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Naver deleted successfullyC:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfullyC:\Users\Alarick Le\AppData\Local\InfiniteCrisis deleted successfullyC:\Users\Alarick Le\AppData\Local\SuperText deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2918447335-1727158776-3589145654-1004\Software\Microsoft\Internet Explorer\SearchScopes\{659D2FC1-79DF-4A0E-9B74-4CC9C046EEE3} deleted successfullyHKEY_USERS\S-1-5-21-2918447335-1727158776-3589145654-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfullyHKEY_USERS\S-1-5-21-2918447335-1727158776-3589145654-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{659D2FC1-79DF-4A0E-9B74-4CC9C046EEE3} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfullyHKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Naver not foundC:\PROGRA~2\Skillbrains deletedC:\Users\Alarick Le\AppData\Roaming\Rim.Desktop.Exception.log deletedC:\Users\Alarick Le\AppData\Roaming\Rim.Desktop.HttpServerSetup.log deletedC:\Users\Alarick Le\AppData\Roaming\Rim.DesktopHelper.Exception.log deletedC:\PROGRA~3\{D6A06EDD-9203-4050-8A05-45E7F4064FEB} deletedC:\PROGRA~3\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5} deletedC:\PROGRA~3\Package Cache deletedC:\Users\Alarick Le\AppData\Local\updater.log deletedC:\Users\Alarick Le\AppData\Local\Unity deletedC:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deletedC:\Users\Alarick Le\Downloads\VTBundle.zip deletedC:\Users\Alarick Le\Downloads\ReimageRepair.exe deletedC:\Users\Alarick Le\AppData\LocalLow\Unity deletedC:\Windows\Reimage.ini deletedC:\windows\SysNative\tasks\update-S-1-5-21-2918447335-1727158776-3589145654-1004 deletedC:\windows\SysNative\tasks\update-sys deletedC:\Windows\tasks\update-S-1-5-21-2918447335-1727158776-3589145654-1004.job deletedC:\Windows\tasks\update-sys.job deletedC:\end deleted"C:\windows\Installer\21e69.msi" deleted"C:\Windows\Syswow64\Windows.Media.MediaControl.dll" not deleted"C:\Windows\Syswow64\Windows.Media.Streaming.ps.dll" not deleted"C:\Windows\Syswow64\Windows.Networking.Connectivity.dll" not deleted"C:\Windows\Syswow64\Windows.UI.Immersive.dll" not deleted"C:\Windows\Syswow64\Windows.UI.Input.Inking.dll" not deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\ALARIC~2\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.defaultuser_pref("browser.startup.homepage", "https://www.kixeye.com/game/vegaconflict");user_pref("browser.search.defaultenginename", "Google");user_pref("browser.search.defaultenginename.US", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [06/06/2015 11:59 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ALARIC~2\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.default- Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com AppDir: C:\Program Files (x86)\Mozilla Firefox- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Alarick Le\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.default18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 20139291708CCD967887AF94BE708B43D64D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013F4C5E12008B713FE1B2F2A5990F00A43 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll - Shockwave for Director / Shockwave for Director1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 45.0.2454.101 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensionsdchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[11/11/2013 10:21 PM]lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[]pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[11/11/2013 10:21 PM] BTTV - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgpedSTRATEGO - Official - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdoSpotify - Music for every moment - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgiehPartyCloud DJ Mixer - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgkoRealm of the Mad God - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflpNisekoi - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\feajbjkmgkeiipookccieahdjohgblooFull Screen Weather - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibgAdBlock - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidomNotifier for Twitter - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmnMy Cloud Mixer - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\inljlgancgnjdphflkoalgpkdlchnaehSoundCloud - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambpUntil AM Web App - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnkChrome Hotword Shared Module - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkgGoogle Dictionary (by Google) - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcojaUntil AM for Chrome - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofldrumbit - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mplpmdejoamenolpcojgegminhcnmiboMy Cloud Player - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjhlpinelhnncgfpgfekddidnbnaabTwitch Giveaways - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd ==== Chromium Fix ====================== C:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsfreak.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.stlyrics.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.stlyrics.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_csgoteamfinder.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_csgoteamfinder.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.moddb.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.moddb.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d23716qn9q7omq.cloudfront.net_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d23716qn9q7omq.cloudfront.net_0.localstorage-journal deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d2i49pn6mosg0g.cloudfront.net_0.localstorage deleted successfullyC:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d2i49pn6mosg0g.cloudfront.net_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfullyHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfullyHKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Alarick Le\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfullyC:\Users\Alarick Le\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfullyC:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfullyC:\Users\Alarick Le\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfullyC:\Users\Alarick Le\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Alarick Le\AppData\Local\Mozilla\Firefox\Profiles\rk5npb88.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=9095 folders=4510 4626882167 bytes) ==== Empty Temp Folders ====================== C:\Users\Alarick Le\AppData\Local\Temp will be emptied at rebootC:\Users\Default\AppData\Local\Temp emptied successfullyC:\Users\Default User\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfullyC:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptiedC:\Users\ALARIC~2\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\Syswow64\Windows.Media.MediaControl.dll" not deleted"C:\Windows\Syswow64\Windows.Media.Streaming.ps.dll" not deleted"C:\Windows\Syswow64\Windows.Networking.Connectivity.dll" not deleted"C:\Windows\Syswow64\Windows.UI.Immersive.dll" not deleted"C:\Windows\Syswow64\Windows.UI.Input.Inking.dll" not deleted ==== EOF on Sat 10/10/2015 at 15:14:13.69 ======================
  4. Zoek.exe v5.0.0.1 Updated 08-October-2015 Tool run by Alarick Le on Sat 10/10/2015 at 13:04:48.72. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Alarick Le\Downloads\zoek.exe [scan all users] [Deep Scan] ==== System Restore Info ====================== 10/10/2015 1:06:46 PM Zoek.exe System Restore Point Created Successfully. ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe C:\Program Files (x86)\Hp\HP System Event\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Users\Alarick Le\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Alarick Le\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\plugin-nm-server.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Alarick Le\AppData\Roaming\Spotify\Spotify.exe C:\Users\Alarick Le\AppData\Roaming\Spotify\SpotifyCrashService.exe C:\Users\Alarick Le\AppData\Roaming\Spotify\Spotify.exe C:\Users\Alarick Le\AppData\Roaming\Spotify\Spotify.exe C:\Users\Alarick Le\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 12219 MB CPU Info: Intel® Core i5-4210U CPU @ 1.70GHz CPU Speed: 2399.3 MHz Sound Card: Speaker/HP (Realtek High Defini | Display Adapters: Intel® HD Graphics Family | Intel® HD Graphics Family | Intel® HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Intel® Dual Band Wireless-AC 3160 | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVDRW GUB0N Ports: COM4 | COM5 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 907.0GB | D: 23.5GB Hard Disks - Free: C: 684.7GB | D: 2.6GB Manufacturer *: Insyde BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1 Time Zone: Pacific Standard Time Motherboard *: Hewlett-Packard 227E Country: United States Language: ENU ==== System Specs (Software) ====================== AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky PURE 3.0 *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} SP: Kaspersky PURE 3.0 *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky PURE 3.0 *Disabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300} Default Browser: Google Chrome 45.0.2454.101 Internet Explorer Version: 11.0.9600.18036 Mozilla Firefox version: 41.0.1 (x86 en-US) Google Chrome version: 45.0.2454.101 Adobe Reader version: 11.0.12.18 Sun Java version: 1.8.0_45 (32-bit) Sun Java version: 1.8.0_45 (64-bit) Flash Player version: 19.0.0.185 Shockwave Player version: 12.1.8r158 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ALARIC~2\AppData\Local\Temp ==== 2015-10-07 20:44:54 E08963774FD3A9403BD8BE34C05E6F0E 30208 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\imageformats\qgif.dll 2015-10-07 20:44:54 C7B5B9314AFE9FB50076D49BD44D4460 5626368 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\Qt5Core.dll 2015-10-07 20:44:54 BBA429E6087B652FAFE6D6C673AB50B7 1092608 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\Qt5Network.dll 2015-10-07 20:44:54 9C861C079DD81762B6C54E37597B7712 963232 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\msvcr120.dll 2015-10-07 20:44:54 9818BB0BCFDD55A31EB52E9C52B50C21 3937280 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\Qt5Gui.dll 2015-10-07 20:44:54 46060C35F697281BC5E7337AEE3722B1 660128 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\msvcp120.dll 2015-10-07 20:44:54 3B5AA8BF764882791C4ABD5EB8331206 236544 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\imageformats\qjpeg.dll 2015-10-07 20:44:54 3A59536B9461CE1C955658DF973130FB 1166336 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\platforms\qwindows.dll 2015-10-07 20:44:54 341091E72F4937C321944E0ED49D035D 1514984 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\update.exe 2015-10-07 20:44:54 0CF36C778EB3E5C0C27F6C37A4B2279C 5424128 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\teamspeak_temp_0\Qt5Widgets.dll 2015-10-03 21:59:01 2630730D9C02459358B38A5CE1EB46DE 394974 ----a-w- C:\Users\Alarick Le\AppData\Local\Temp\BF2SP\Install.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-10-10 07:18:07 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\788942C3.sys 2015-10-10 05:49:05 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\57867E9F.sys 2015-10-10 05:48:13 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\50417DF5.sys 2015-10-10 04:57:57 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-10-10 04:57:26 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-10-10 04:57:26 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-10-10 04:57:26 85CFE7AB85B43B6B7AC7961AA3983A9F 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-10-01 00:06:55 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_WinUsb_01007.Wdf ====== C:\Windows\Tasks ====== 2015-09-22 05:00:33 -------- d-----w- C:\Windows\Sysnative\Tasks\Apple 2015-09-14 03:39:20 55786C32F7EB9D5B2B9EE7E2F964D5AE 3436 ----a-w- C:\Windows\Sysnative\Tasks\GyazoUpdateTaskMachineDaily 2015-09-14 03:39:18 33D322C9499EE4622C6867475D21981A 3310 ----a-w- C:\Windows\Sysnative\Tasks\GyazoUpdateTaskMachine 2015-09-12 05:08:22 FCF47B46BE10AFEE881B0998ED2A0EA2 378 ----a-w- C:\Windows\Tasks\HPCeeScheduleForAlarick Le.job 2015-09-12 05:08:22 C481F2A23B84D47012BFE05405C0FC7F 3202 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForAlarick Le ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-09-22 05:03:30 -------- d-----w- C:\Program Files\iPod 2015-09-22 05:03:29 -------- d-----w- C:\Program Files\iTunes 2015-09-22 05:01:18 -------- d-----w- C:\Program Files\Bonjour 2015-09-15 06:58:29 -------- d-----w- C:\Program Files\Common Files\Intel ======= C:\PROGRA~2 ===== 2015-09-22 05:03:30 -------- d-----w- C:\PROGRA~2\iTunes 2015-09-22 05:01:18 -------- d-----w- C:\PROGRA~2\Bonjour 2015-09-22 05:00:28 -------- d-----w- C:\PROGRA~2\Apple Software Update 2015-09-15 06:58:10 -------- d-----w- C:\PROGRA~2\Cisco 2015-09-14 03:39:12 -------- d-----w- C:\PROGRA~2\Gyazo ======= C: ===== ====== C:\Users\Alarick Le\AppData\Roaming ====== 2015-10-07 20:47:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Alarick Le\AppData\Roaming\1.zip 2015-09-16 05:57:04 AFD1B8394DC801A2B5C655F40379EB77 7617 ----a-w- C:\Users\Alarick Le\AppData\Local\Resmon.ResmonCfg 2015-09-14 03:39:45 -------- d-----w- C:\Users\Alarick Le\AppData\Roaming\Gyazo ====== C:\Users\Alarick Le ====== 2015-10-10 07:17:25 0ABA853F75358DF63CA44DB8207F53EF 2194944 ----a-w- C:\Users\Alarick Le\Downloads\FRST64.exe 2015-10-10 04:53:55 D3B6FA14CB7E12B7FBC0B3AA26235898 24345872 ----a-w- C:\Users\Alarick Le\Downloads\mbam-setup-2.1.8.1057.exe 2015-10-07 21:49:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2015-10-07 21:46:15 A7CD7CFA1D2AA279E4C954795D0BA535 27864920 ----a-w- C:\Users\Alarick Le\Downloads\LeagueofLegends_NA_Installer_9_15_2014 (1).exe 2015-10-03 21:58:47 83E99DCCEF878BB87E4C96986A3342F4 622839 ----a-w- C:\Users\Alarick Le\Downloads\bf2sp64_103.exe 2015-10-02 02:41:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot 2015-09-22 05:04:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-09-15 06:57:58 -------- d-----w- C:\ProgramData\Intel.sav 2015-09-15 06:19:18 -------- d-----w- C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5} 2015-09-14 03:39:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo ====== C: exe-files == 2015-10-08 04:53:29 75ECC6852BF488A87957474808044520 838224 ----a-w- C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe 2015-10-08 02:12:18 3A82A323CCFD46C97CF7DDF1C38FBFE1 398624 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe 2015-10-07 21:44:15 A081B7DF8CD546E020E39F47A137C7BE 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2918447335-1727158776-3589145654-1004\$IAG1TO7.exe 2015-10-07 21:43:51 E89F23D9979C10D6A7EBFB73B0FA1D92 1245696 ----a-w- C:\$Recycle.Bin\S-1-5-21-2918447335-1727158776-3589145654-1004\$RAG1TO7.exe 2015-10-05 17:10:19 21673BE2C5C493349923C553EF65B6D6 118960 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe 2015-10-05 17:10:13 9DDA7685386807B7D7954CE1A0908C17 207128 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\MCPP\bin\mcpp.exe 2015-10-05 16:45:26 DF0EB0306BD79C2E043935D17674B4A1 1197336 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\ImgTec\PVRTexTool.exe 2015-10-05 16:45:26 CEDE02D7AF62449A2C38C49ABECC0CD3 4995416 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\vcredist_x86_vs2010sp1.exe 2015-10-05 16:45:26 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\DXRedistCutdown\DXSETUP.exe 2015-10-05 16:45:26 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\vcredist_x86.exe 2015-10-05 16:45:26 B936F0F378B9A35489353E878154E899 1821192 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\vcredist_2008_x86.exe 2015-10-05 16:45:26 6402438591B548121F54B0706A2C6423 2745256 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\vcredist_2005_atl_x86.exe 2015-10-05 16:45:26 5DADED5D81DBE995F90A1563D689B59E 35984664 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe 2015-10-05 16:45:26 5663C13A59817AD3B1B30B2D5EFDF484 2966160 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\AMD\amdcpusetup.exe 2015-10-05 16:45:26 4E33C98627EA50D3E44CD62D323345D6 2686232 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\vcredist_2005_x86.exe 2015-10-05 16:45:26 1CF262F35322D6C9C7A27FCA513FC269 43000680 ----a-w- C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Redist\dotNetFx40_Client_x86_x64.exe === C: other files == 2015-10-10 07:18:07 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\788942C3.sys 2015-10-10 05:49:05 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\57867E9F.sys 2015-10-10 05:48:13 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\50417DF5.sys 2015-10-10 04:57:57 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-10-10 04:57:26 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-10-10 04:57:26 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-10-10 04:57:26 85CFE7AB85B43B6B7AC7961AA3983A9F 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-10-07 20:47:03 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Alarick Le\AppData\Roaming\1.zip 2015-10-05 19:13:23 166FA79FA32E0FA0452751751AD42429 15901 ----a-w- C:\Users\Alarick Le\Downloads\Essay #1 attached files Oct 5, 2015 1213 PM.zip 2015-10-03 22:02:34 8D9284B8CB9BCAB9B7791BBB5B7A795E 51331352 ----a-w- C:\Users\Alarick Le\Desktop\Huy Transfer Files\New folder\Objects_server.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2918447335-1727158776-3589145654-1004\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"="C:\Users\Alarick Le\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Spotify Web Helper"="C:\Users\Alarick Le\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Lightshot"="C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"="C:\Users\Alarick Le\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Spotify Web Helper"="C:\Users\Alarick Le\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2014-12-01 07:31:22 1122 ----a-w- C:\Users\Alarick Le\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk 2014-08-26 09:57:04 2077 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/21/2015 10:00 PM] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/27/2015 07:15 PM] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- [undetermined Task] C:\Windows\tasks\HPCeeScheduleForAlarick Le.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [06/16/2015 09:51 AM] C:\Windows\tasks\update-S-1-5-21-2918447335-1727158776-3589145654-1004.job --a-------- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [11/28/2014 02:29 PM] C:\Windows\tasks\update-sys.job --a-------- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [11/28/2014 02:29 PM] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GyazoUpdateTaskMachine" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"] "C:\Windows\SysNative\tasks\GyazoUpdateTaskMachineDaily" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"] "C:\Windows\SysNative\tasks\HPCeeScheduleForAlarick Le" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCheckDropBoxStatus" ["c:\HP\HPQWare\DropBox\HPAppDetector.exe"] "C:\Windows\SysNative\tasks\HPGenoobeReminder" ["C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe"] "C:\Windows\SysNative\tasks\Start OPBHOBroker" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"] "C:\Windows\SysNative\tasks\Start OPBHOBrokerDesktop" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"] "C:\Windows\SysNative\tasks\Start SimplePass" ["C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe"] "C:\Windows\SysNative\tasks\update-S-1-5-21-2918447335-1727158776-3589145654-1004" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe] "C:\Windows\SysNative\tasks\update-sys" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\First Boot" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\ALARIC~2\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.default user_pref("browser.startup.homepage", "https://www.kixeye.com/game/vegaconflict"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.defaultenginename.US", "Google"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [06/06/2015 11:59 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ALARIC~2\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.default - Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Alarick Le\AppData\Roaming\Mozilla\Firefox\Profiles\rk5npb88.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 9291708CCD967887AF94BE708B43D64D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013 F4C5E12008B713FE1B2F2A5990F00A43 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll - Shockwave for Director / Shockwave for Director 1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash E154CF1647A8EF74278B4E976C0B0143 - C:\Users\Alarick Le\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player ==== Chromium Look ====================== Google Chrome Version: 45.0.2454.101 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[11/11/2013 10:21 PM] lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[11/11/2013 10:21 PM] Google Slides - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek BTTV - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped Google Docs - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo STRATEGO - Official - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckpgdjbodiacocpojlgipgkphcihfbdo Spotify - Music for every moment - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh Google Search - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj PartyCloud DJ Mixer - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko Realm of the Mad God - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp Dropbox for Gmail - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec Nisekoi - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\feajbjkmgkeiipookccieahdjohgbloo Google Sheets - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Full Screen Weather - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg Google Docs Offline - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi AdBlock - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Notifier for Twitter - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn My Cloud Mixer - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\inljlgancgnjdphflkoalgpkdlchnaeh SoundCloud - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp Until AM Web App - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk Chrome Hotword Shared Module - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg Kaspersky Protection - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh Google Dictionary (by Google) - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja Until AM for Chrome - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl drumbit - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\mplpmdejoamenolpcojgegminhcnmibo My Cloud Player - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfjhlpinelhnncgfpgfekddidnbnaab Chrome Web Store Payments - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman Twitch Giveaways - Alarick Le\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {659D2FC1-79DF-4A0E-9B74-4CC9C046EEE3} Amazon Search Suggestions Url="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (file missing) O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe O4 - HKCU\..\Run: [f.lux] "C:\Users\Alarick Le\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [Power2GoExpress8] NA O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Alarick Le\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing) O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe O23 - Service: BlackBerry Device Manager (Blackberry Device Manager) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - c:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @oem25.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Sat 10/10/2015 at 13:12:15.99 ======================
  5. I don't think I added in the lines that you told me to copy and paste to.
  6. So should i select the option to remove them and then run the Farbar tool?
  7. Here are both of the logs. Addition.txt FRST.txt
  8. I ran the malware bytes home free version, and the scan found 19 threats in my computer. What course of action should I take now? If I fix and remove those files, will it affect my computer processes? I have included a copy of the log that was saved. Here is a clipboard version: Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10/9/2015Scan Time: 9:59 PMLogfile: Administrator: Yes Version: 2.1.8.1057Malware Database: v2015.10.10.01Rootkit Database: v2015.10.06.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: Alarick Le Scan Type: Threat ScanResult: CompletedObjects Scanned: 469964Time Elapsed: 30 min, 55 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 7PUP.Optional.Trovi, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{589B893E-773C-4941-88C2-0DCC718E621C}, , [f158d0850f7cf640371556a9eb17fe02], PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{589B893E-773C-4941-88C2-0DCC718E621C}, , [f158d0850f7cf640371556a9eb17fe02], PUP.Optional.Taplika, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, , [b693163fa5e6979f58a65d787490c33d], PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [e1686ee7c1ca67cff9077561af55ec14], PUP.Optional.Taplika, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, , [d673f65fc6c50a2c01fd2fa605ff5ca4], PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\lfkjojacgdjkninepeghaamnapdjmlfn, , [cc7da9ac4d3e24121fd7597c659fad53], PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [ef5a5df82c5fb5816f89b4219d67a957], Registry Values: 11PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=,, [e1686ee7c1ca67cff9077561af55ec14] PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=,, [0841dd786625b185e0209343d62e9a66] PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\WSE_Taplika\\FavIcon.ico, , [98b1c88df8931d19bd439d3946be5da3]PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Taplika, , [4900ce871378221455ab6274a65e30d0]PUP.Optional.Taplika, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Taplika, , [1d2ccb8adfac989ebc44ebeba064a15f]PUP.Optional.Taplika, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Taplika\\, , [e960074e76151026d02fa82d27ddf40c]PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=,, [ef5a5df82c5fb5816f89b4219d67a957] PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=,, [5bee83d26328023486728c4911f3f010] PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FaviconPath, C:\Program Files (x86)\WSE_Taplika\\FavIcon.ico, , [fd4cfd58c9c2f3438a6e686d3ec68d73]PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Taplika, , [4009c78eb1da9f976395399c06fe44bc]PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|DisplayName, Taplika, , [b4957dd8bad12c0ae90ff3e2659f21df] Registry Data: 1PUP.Optional.Taplika, HKU\S-1-5-21-2918447335-1727158776-3589145654-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://taplika.com/?f=1&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=, Good: (www.google.com), Bad: (http://taplika.com/?f=1&a=tpl_tight2_15_05&cd=2XzuyEtN2Y1L1QzutAzzyCtA0B0BzyyE0AzytA0F0EtA0AtAtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyBtDzzyB0FyBtA0EtGtDtDtAzztG0E0Fzz0FtG0CtCzyyDtGtAyEtDtB0F0DtC0C0B0E0FtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBzy0FyBtBzytDtGyB0Bzz0FtGyE0AtC0DtGzzyE0DyCtG0FyDzy0FyDzzyBzyyCyByCyE2Q&cr=1625904639&ir=),,[0049282dd7b4a6904bdf028fb451748c] Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)Scan Log.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.