Help remove Linkey and Obrana bundle package infection
<blockquote data-quote="ohnovirus" data-source="post: 330582" data-attributes="member: 32962"><p>Zoek.exe v5.0.0.0 Updated 08-January-2015</p><p>Tool run by Tae Youn on Thu 01/08/2015 at 14:06:00.55.</p><p>Microsoft Windows 8.1 6.3.9600 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Tae Youn\Downloads\zoek(1).exe [Scan all users] [Script inserted]</p><p></p><p>==== Older Logs ======================</p><p></p><p>C:\zoek-results2015-01-08-215111.log 21035 bytes</p><p></p><p>==== System Restore Info ======================</p><p></p><p>1/8/2015 2:06:34 PM Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Installed Programs ======================</p><p></p><p>64 Bit HP CIO Components Installer </p><p>Adblock Plus for IE (32-bit and 64-bit) </p><p>Adobe Digital Editions 4.0 </p><p>Adobe Reader XI (11.0.10) </p><p>Adobe Refresh Manager </p><p>AMD Accelerated Video Transcoding </p><p>AMD APP SDK Runtime </p><p>AMD Catalyst Install Manager </p><p>AMD Quick Stream </p><p>AMD VISION Engine Control Center </p><p>Anki </p><p>Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver </p><p>Avast Free Antivirus </p><p>Battlelog Web Plugins </p><p>Bejeweled 3 </p><p>BufferChm </p><p>C4700 </p><p>Catalyst Control Center - Branding </p><p>Catalyst Control Center Graphics Previews Common </p><p>Catalyst Control Center Localization All </p><p>ccc-utility64 </p><p>CCC Help Chinese Standard </p><p>CCC Help Chinese Traditional </p><p>CCC Help Czech </p><p>CCC Help Danish </p><p>CCC Help Dutch </p><p>CCC Help English </p><p>CCC Help Finnish </p><p>CCC Help French </p><p>CCC Help German </p><p>CCC Help Greek </p><p>CCC Help Hungarian </p><p>CCC Help Italian </p><p>CCC Help Japanese </p><p>CCC Help Korean </p><p>CCC Help Norwegian </p><p>CCC Help Polish </p><p>CCC Help Portuguese </p><p>CCC Help Russian </p><p>CCC Help Spanish </p><p>CCC Help Swedish </p><p>CCC Help Thai </p><p>CCC Help Turkish </p><p>D3DX10 
</p><p>Destinations </p><p>DeviceDiscovery </p><p>Dropbox </p><p>ESN Sonar </p><p>FATE </p><p>FileHippo App Manager </p><p>Gardenscapes: Mansion Makeover </p><p>Google Toolbar for Internet Explorer </p><p>Google Update Helper </p><p>GPBaseService2 </p><p>HP Customer Participation Program 14.0 </p><p>HP Imaging Device Functions 14.0 </p><p>HP Photo Creations </p><p>HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 </p><p>HP Solution Center 14.0 </p><p>HP Update </p><p>HPPhotoGadget </p><p>HPProductAssistant </p><p>HPSSupply </p><p>Malwarebytes Anti-Malware version 2.0.4.1028 </p><p>MarketResearch </p><p>Microsoft Application Error Reporting </p><p>Microsoft Office </p><p>Microsoft Silverlight </p><p>Microsoft SkyDrive </p><p>Microsoft SQL Server 2005 Compact Edition [ENU] </p><p>Microsoft Visual C++ 2005 Redistributable </p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 </p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 </p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 </p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 </p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 </p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 </p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 </p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 </p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 </p><p>Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 </p><p>Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 </p><p>Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 </p><p>Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 </p><p>Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 </p><p>Mnemosyne 2.3.1 </p><p>More Games - WildTangent </p><p>Movie Maker </p><p>Mozilla Firefox 35.0 (x86 en-US) </p><p>MSVCRT </p><p>MSVCRT110 </p><p>MSVCRT110_amd64 </p><p>Network64 </p><p>Norton 
Anti-Theft </p><p>Norton Online Backup </p><p>Norton Online Backup ARA </p><p>Norton PC Checkup </p><p>Norton Security Dashboard </p><p>Origin </p><p>Penguins </p><p>Photo Common </p><p>Photo Gallery </p><p>PhotoScape </p><p>Plants vs. Zombies - Game of the Year </p><p>PlayReady PC Runtime amd64 </p><p>Polar Bowler </p><p>PS_AIO_06_C4700_SW_Min </p><p>QuickTransfer </p><p>Realtek High Definition Audio Driver </p><p>Realtek USB 2.0 Card Reader </p><p>REALTEK Wireless LAN Driver </p><p>Realtek WLAN Driver </p><p>Scan </p><p>Shop for HP Supplies </p><p>SolutionCenter </p><p>Status </p><p>Synaptics Pointing Device Driver </p><p>Toolbox </p><p>Toshiba App Place </p><p>TOSHIBA Application Installer </p><p>TOSHIBA Audio Enhancement </p><p>Toshiba Book Place </p><p>TOSHIBA Desktop Assist </p><p>TOSHIBA eco Utility </p><p>TOSHIBA Function Key </p><p>TOSHIBA HDD Accelerator </p><p>TOSHIBA Password Utility </p><p>TOSHIBA PC Health Monitor </p><p>TOSHIBA Quality Application </p><p>TOSHIBA Recovery Media Creator </p><p>TOSHIBA Resolution+ Plug-in for Windows Media Player </p><p>TOSHIBA Service Station </p><p>TOSHIBA System Driver </p><p>TOSHIBA System Settings </p><p>TOSHIBA User's Guide </p><p>TOSHIBA VIDEO PLAYER </p><p>TOSHIBARegistration </p><p>TrayApp </p><p>Update for Microsoft en-us Dictionary </p><p>Update Installer for WildTangent Games App </p><p>Vacation QuestT - Australia </p><p>Virtual Villagers 5 - New Believers </p><p>WebReg </p><p>WildTangent Games </p><p>WildTangent Games App (Toshiba Games) </p><p>Windows Live Communications Platform </p><p>Windows Live Essentials </p><p>Windows Live Installer </p><p>Windows Live Photo Common </p><p>Windows Live PIMT Platform </p><p>Windows Live SOXE </p><p>Windows Live SOXE Definitions </p><p>Windows Live UX Platform </p><p>Windows Live UX Platform Language Pack </p><p>Youda Jewel Shop </p><p></p><p>==== Running Processes ======================</p><p></p><p>C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>C:\Program 
Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>C:\WINDOWS\SysWOW64\svchost.exe</p><p>C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe</p><p>C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe</p><p>C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe</p><p>C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscinesHelper.exe</p><p>C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe</p><p>C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe</p><p>C:\Program Files\AVAST Software\Avast\avastui.exe</p><p>C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe</p><p>C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe</p><p>C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe</p><p>C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe</p><p>C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>C:\Users\Tae Youn\Downloads\zoek(1).exe</p><p>C:\WINDOWS\SysWOW64\cmd.exe</p><p>C:\WINDOWS\SysWOW64\cmd.exe</p><p>C:\WINDOWS\SysWOW64\cmd.exe</p><p></p><p>==== Folders Found ======================</p><p></p><p></p><p>==== Files Found ======================</p><p></p><p></p><p>==== System Specs ======================</p><p></p><p>Windows: Windows Version 6.2 (Build 9200)</p><p>Memory (RAM): 3551 MB</p><p>CPU Info: AMD A6-4400M APU with Radeon(tm) HD Graphics</p><p>CPU Speed: 2747.4 MHz</p><p>Sound Card: Speakers (Realtek High Definiti |</p><p>Display Adapters: AMD Radeon HD 7520G | AMD Radeon HD 7520G | AMD Radeon HD 7520G | AMD Radeon HD 7520G</p><p>Monitors: 1x; Generic PnP Monitor |</p><p>Screen Resolution: 1366 X 768 - 32 bit</p><p>Network: Network Present</p><p>Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC | Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)</p><p>CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SN-208AB</p><p>Ports: COM Ports NOT Present. 
LPT Port NOT Present.</p><p>Mouse: 5 Button Wheel Mouse Present</p><p>Hard Disks: C: 453.8GB</p><p>Hard Disks - Free: C: 413.3GB</p><p>Manufacturer *: Insyde Corp.</p><p>BIOS Info: AT/AT COMPATIBLE | | TOSINV - 1</p><p>Time Zone: Pacific Standard Time</p><p>Motherboard *: TOSHIBA Portable PC</p><p>Country: United States</p><p>Language: ENU</p><p></p><p>==== System Specs (Software) ======================</p><p></p><p>Anti-Virus: Windows Defender On-access scanning disabled (Outdated)</p><p>Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)</p><p>Anti-Spyware: Windows Defender disabled (Outdated)</p><p>Anti-Spyware: avast! Antivirus disabled (Outdated)</p><p>Default Browser: Firefox 35.0</p><p>Internet Explorer Version: 11.0.9600.17498</p><p>Mozilla Firefox version: 35.0 (x86 en-US)</p><p>Adobe Reader version: 11.0.10.32</p><p></p><p>==== Files Recently Created / Modified ======================</p><p></p><p>====== C:\WINDOWS ====</p><p>====== C:\Users\TAEYOU~1\AppData\Local\Temp ====</p><p>2015-01-08 10:54:02 4447723C9263C249C25E9EB93A759E52 1153144 ----a-w- C:\Users\Tae Youn\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe</p><p>====== Java Cache =====</p><p>====== C:\WINDOWS\SysWOW64 =====</p><p>====== C:\WINDOWS\SysWOW64\drivers =====</p><p>====== C:\WINDOWS\Sysnative =====</p><p>====== C:\WINDOWS\Sysnative\drivers =====</p><p>2015-01-08 13:16:49 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys</p><p>2015-01-08 13:14:29 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys</p><p>2015-01-08 13:14:29 9D7BFFDB5FA62B600DF1FCB4919D9D79 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys</p><p>2015-01-08 13:14:29 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys</p><p>2014-12-10 00:50:23 B02118A776C368F7EE1A8CC81378D265 153920 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys</p><p>2014-12-10 00:50:23 
7B7C482CF48E6EE33664340D1A78E6FE 238912 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys</p><p>2014-12-10 00:50:23 24A8DFC07E4BAF29AEA26E383D4CC886 86336 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys</p><p>2014-12-10 00:50:22 A770340FC02B999EF0DE6C2A6BC8437C 39744 -c--a-w- C:\WINDOWS\Sysnative\drivers\intelpep.sys</p><p>====== C:\WINDOWS\Tasks ======</p><p>2015-01-08 13:11:22 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task</p><p>====== C:\WINDOWS\Temp ======</p><p>======= C:\Program Files =====</p><p>2015-01-08 16:44:51 -------- d-----w- C:\Program Files\HitmanPro</p><p>======= C:\PROGRA~2 =====</p><p>2015-01-08 12:11:42 -------- d-sh--w- C:\PROGRA~2\MpkingAcpoiscines</p><p>======= C: =====</p><p>====== C:\Users\Tae Youn\AppData\Roaming ======</p><p>2015-01-08 11:27:14 -------- d-----w- C:\Users\Tae Youn\AppData\Roaming\Google</p><p>====== C:\Users\Tae Youn ======</p><p>2015-01-08 21:28:33 5234F7CA5CA202CC4B7E59717E3F9FE6 182295 ----a-w- C:\Users\Tae Youn\Downloads\FRST64(2).exe</p><p>2015-01-08 21:14:54 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Users\Tae Youn\Downloads\FRST.exe</p><p>2015-01-08 21:12:44 31A10EBA3ADA65164B487635B1F7A42D 1613095 ----a-w- C:\Users\Tae Youn\Downloads\FRST64(1).exe</p><p>2015-01-08 21:04:35 D4B7755578C77AB576FDF45B26B19719 600 ----a-w- C:\Users\Tae Youn\PUTTY.RND</p><p>2015-01-08 17:47:25 13672E741CEAC976A55864659329EF4C 2765678 ----a-w- C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001.exe</p><p>2015-01-08 17:30:16 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Tae Youn\Downloads\FRST64.exe</p><p>2015-01-08 16:42:29 00FD7C6BEDEE9B24B0DB02B68B07AD54 11222744 ----a-w- C:\Users\Tae Youn\Downloads\HitmanPro_x64(2).exe</p><p>2015-01-08 16:39:37 BD6C3071F98A563989F99AC61BDDC925 10284408 ----a-w- C:\Users\Tae Youn\Downloads\HitmanPro.exe</p><p>2015-01-08 16:38:40 C6A1CCEDFC872EBAB73105F3290AF79F 8324532 ----a-w- C:\Users\Tae 
Youn\Downloads\HitmanPro_x64(1).exe</p><p>2015-01-08 13:13:01 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Tae Youn\Downloads\mbam-setup-2.0.4.1028.exe</p><p>2015-01-08 13:06:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp</p><p>2015-01-08 12:49:57 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Tae Youn\Downloads\adwcleaner_4.107.exe</p><p></p><p>====== C: exe-files ==</p><p>2015-01-08 21:28:33 5234F7CA5CA202CC4B7E59717E3F9FE6 182295 ----a-w- C:\Users\Tae Youn\Downloads\FRST64(2).exe</p><p>2015-01-08 21:14:54 05EE8B7DE7067EC38D232FE84B5BE9C1 1115648 ----a-w- C:\Users\Tae Youn\Downloads\FRST.exe</p><p>2015-01-08 21:12:44 31A10EBA3ADA65164B487635B1F7A42D 1613095 ----a-w- C:\Users\Tae Youn\Downloads\FRST64(1).exe</p><p>2015-01-08 17:47:25 13672E741CEAC976A55864659329EF4C 2765678 ----a-w- C:\Users\Tae Youn\Downloads\mbar-1.08.2.1001.exe</p><p>2015-01-08 17:30:16 1D52BA6FE6E435CE9E9C801D2B175936 2124288 ----a-w- C:\Users\Tae Youn\Downloads\FRST64.exe</p><p>2015-01-08 16:44:51 00FD7C6BEDEE9B24B0DB02B68B07AD54 11222744 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe</p><p>2015-01-08 16:42:29 00FD7C6BEDEE9B24B0DB02B68B07AD54 11222744 ----a-w- C:\Users\Tae Youn\Downloads\HitmanPro_x64(2).exe</p><p>2015-01-08 16:39:37 BD6C3071F98A563989F99AC61BDDC925 10284408 ----a-w- C:\Users\Tae Youn\Downloads\HitmanPro.exe</p><p>2015-01-08 16:38:40 C6A1CCEDFC872EBAB73105F3290AF79F 8324532 ----a-w- C:\Users\Tae Youn\Downloads\HitmanPro_x64(1).exe</p><p>2015-01-08 13:13:01 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Tae Youn\Downloads\mbam-setup-2.0.4.1028.exe</p><p>2015-01-08 13:11:01 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\25162\AdobeARMHelper.exe</p><p>2015-01-08 12:49:57 61CA40317EBF1254770BF8B495B3F8DA 2191360 ----a-w- C:\Users\Tae Youn\Downloads\adwcleaner_4.107.exe</p><p>2015-01-08 12:11:51 4322211DD95CA2D940E57D6D48B7908A 154112 ----a-r- C:\Program Files 
(x86)\MpkingAcpoiscines\MpkingAcpoiscinesHelper.exe</p><p>2015-01-08 12:11:49 4AEC96190CFCB442AEECB275D73A4470 110080 ----a-w- C:\Program Files (x86)\MpkingAcpoiscines\temp\certutil.exe</p><p>2015-01-08 12:11:47 CE41813E100762C5F7BFD809114E6C11 4316160 --sh--w- C:\Program Files (x86)\MpkingAcpoiscines\MpkingAcpoiscines.exe</p><p>2015-01-08 12:11:46 96B3771A6024C8F00E8AC29462220D64 7168 --sh--w- C:\Program Files (x86)\MpkingAcpoiscines\LoopbackForWin8.exe</p><p>2015-01-08 12:11:46 2764C3E30034E9469ADBDBBC99BD98E7 70992 --sh--w- C:\Program Files (x86)\MpkingAcpoiscines\CertMgr.exe</p><p>2015-01-08 10:54:02 4447723C9263C249C25E9EB93A759E52 1153144 ----a-w- C:\Users\Tae Youn\AppData\Local\Temp\SoftonicAssistant_v0-1-6.exe</p><p>2015-01-06 11:30:42 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\0117A78A-2F48-41D4-ABC7-39CBBD2BDC3F\DismHost.exe</p><p>2015-01-06 11:24:23 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\B7010B8F-37CD-467A-A866-8348ADDEAFE6\DismHost.exe</p><p>2015-01-06 11:19:36 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\8A41FB17-E15A-4B94-B1AD-7A9409CD9D25\DismHost.exe</p><p>2015-01-06 11:09:25 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\DF34B8CA-314F-48B6-A048-E28A201A6833\DismHost.exe</p><p>2015-01-06 10:38:37 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\85A7FDDE-EAD8-44B0-AEC3-C650CD3789DA\DismHost.exe</p><p>2015-01-06 10:33:48 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\CED7003D-6979-48AC-9884-92C071D0CDD4\DismHost.exe</p><p>2015-01-06 10:28:39 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\B51FEBCD-CEB4-4915-858D-61323BFD822B\DismHost.exe</p><p>=== C: other files ==</p><p>2015-01-08 16:50:23 A24624807D91E77E06EEB016D4C2D053 1443602 ----a-w- C:\Users\Tae Youn\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969\extensions\<a 
href="mailto:firefox@ghostery.com.xpi">firefox@ghostery.com.xpi</a></p><p>2015-01-08 16:48:47 A1B1BC6A14B437C82AC830116979E9F6 979699 ----a-w- C:\Users\Tae Youn\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi</p><p>2015-01-08 13:16:49 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys</p><p>2015-01-08 13:14:29 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys</p><p>2015-01-08 13:14:29 9D7BFFDB5FA62B600DF1FCB4919D9D79 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys</p><p>2015-01-08 13:14:29 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys</p><p>2015-01-08 10:54:02 026B5640E2613119DCA395EADB881425 2053640 ----a-w- C:\Users\Tae Youn\Desktop\u_14_04.zip</p><p></p><p>==== Startup Registry Enabled ======================</p><p></p><p>[HKEY_USERS\S-1-5-21-575280890-2764862635-724835175-1001\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"</p><p>"ToshibaAppPlace"="C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"</p><p>"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"</p><p>"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"</p><p>"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background"</p><p></p><p>==== Startup Registry Enabled x64 
======================</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"</p><p>"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"</p><p>"TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe"</p><p>"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "</p><p>"TCrdMain"="C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"</p><p></p><p>==== Startup Folders ======================</p><p></p><p>2014-08-04 00:19:02 2130 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk</p><p></p><p>==== Task Scheduler Jobs ======================</p><p></p><p>C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/14/2013 07:55 PM]</p><p>C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/14/2013 07:55 PM]</p><p></p><p>==== Other Scheduled Tasks ======================</p><p></p><p>"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]</p><p>"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\WINDOWS\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]</p><p>"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0E750434-667E-464D-B455-06D74C555142}" [C:\WINDOWS\system32\msfeedssync.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Analyzer" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton 
Error Processor" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]</p><p>"C:\WINDOWS\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"<a href="mailto:wrc@avast.com">wrc@avast.com</a>"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/08/2014 01:12 AM]</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>ProfilePath: C:\Users\TAEYOU~1\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969</p><p>- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>- Undetermined - <a href="mailto:wrc@avast.com">wrc@avast.com</a></p><p>- Ghostery - %ProfilePath%\extensions\<a href="mailto:firefox@ghostery.com.xpi">firefox@ghostery.com.xpi</a></p><p>- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi</p><p></p><p>AppDir: C:\Program Files (x86)\Mozilla Firefox</p><p>- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/08/2014 01:12 AM]</p><p></p><p>==== IE Start and Search Settings ======================</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://msn.com/" target="_blank">http://msn.com/</a>"</p><p>"Search Page"="<a href="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" target="_blank">http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01</a>"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]</p><p>"Start 
Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Search Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Default_Page_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Default_Search_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Search Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Default_Page_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>"Default_Search_URL"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="about:newtab"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="about:newtab"</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]</p><p>"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC</a>"</p><p>{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="<a href="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" 
target="_blank">http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7</a>"</p><p>{F917EF2A-9949-43A5-A95C-944EE71EA1F1} Unknown Url="Not_Found"</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=0 folders=0 0 bytes)</p><p></p><p>==== EOF on Thu 01/08/2015 at 14:14:45.30 ======================</p></blockquote><p></p>
2015-01-06 11:09:25 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\DF34B8CA-314F-48B6-A048-E28A201A6833\DismHost.exe 2015-01-06 10:38:37 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\85A7FDDE-EAD8-44B0-AEC3-C650CD3789DA\DismHost.exe 2015-01-06 10:33:48 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\CED7003D-6979-48AC-9884-92C071D0CDD4\DismHost.exe 2015-01-06 10:28:39 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\B51FEBCD-CEB4-4915-858D-61323BFD822B\DismHost.exe === C: other files == 2015-01-08 16:50:23 A24624807D91E77E06EEB016D4C2D053 1443602 ----a-w- C:\Users\Tae Youn\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969\extensions\[email]firefox@ghostery.com.xpi[/email] 2015-01-08 16:48:47 A1B1BC6A14B437C82AC830116979E9F6 979699 ----a-w- C:\Users\Tae Youn\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi 2015-01-08 13:16:49 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-01-08 13:14:29 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-01-08 13:14:29 9D7BFFDB5FA62B600DF1FCB4919D9D79 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-01-08 13:14:29 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-01-08 10:54:02 026B5640E2613119DCA395EADB881425 2053640 ----a-w- C:\Users\Tae Youn\Desktop\u_14_04.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-575280890-2764862635-724835175-1001\Software\Microsoft\Windows\CurrentVersion\Run] "FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "ToshibaAppPlace"="C:\Program Files (x86)\Toshiba\Toshiba 
App Place\ToshibaAppPlace.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe" "TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe" "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe " "TCrdMain"="C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe" ==== Startup Folders ====================== 2014-08-04 00:19:02 2130 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/14/2013 07:55 PM] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/14/2013 07:55 PM] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\LaunchSignup" [C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"] 
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0E750434-667E-464D-B455-06D74C555142}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Analyzer" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Processor" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe] "C:\WINDOWS\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "[email]wrc@avast.com[/email]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/08/2014 01:12 AM] ==== Firefox Extensions ====================== ProfilePath: C:\Users\TAEYOU~1\AppData\Roaming\Mozilla\Firefox\Profiles\026mgjs4.default-1420720268969 - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - [email]wrc@avast.com[/email] - Ghostery - %ProfilePath%\extensions\[email]firefox@ghostery.com.xpi[/email] - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/08/2014 01:12 AM] ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://msn.com/[/url]" "Search Page"="[url]http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01[/url]" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com[/url]" "Search 
Page"="[url]http://www.google.com[/url]" "Default_Page_URL"="[url]http://www.google.com[/url]" "Default_Search_URL"="[url]http://www.google.com[/url]" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com[/url]" "Search Page"="[url]http://www.google.com[/url]" "Default_Page_URL"="[url]http://www.google.com[/url]" "Default_Search_URL"="[url]http://www.google.com[/url]" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="[url]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]" {F917EF2A-9949-43A5-A95C-944EE71EA1F1} Unknown Url="Not_Found" ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on Thu 01/08/2015 at 14:14:45.30 ====================== [/QUOTE]