ChripChrip
The first issue (cache) happened to me twice. The first time I was making a purchase on NCIX.ca, and the item wouldn't go to the shopping cart and I was redirected to the picture shown in the first post. I thought it was a bug on their website, so I informed them, but a few days later it happened on McAfee. I was trying to get some live support, and I was getting redirected to the Set-Cookie page. It all started to happen randomly; I have absolutely no idea what happened. The second issue (streams not working on TwitchTV): I had Bell Internet Security and I felt like it was good enough and didn't need to upgrade to McAfee, then my PC started slowing down and I thought that there must be like a virus or something, as it just wouldn't launch at some point. I went in safe mode and installed McAfee, then installed Malwarebytes shortly after. I ran scans, and quarantined/deleted the files. I hadn't been on TwitchTV while installing and running the scans, so a few days later, the videos would just load, go grey and a smaller popup would say "loading". Also, a few weeks ago, my Windows Firewall and services would also turn off. I changed the permissions on regedit to make them work.
-
Drweb-Cure has found no threat, and I couldn't find the log, but here is the Microsoft Safety Scan. I actually just realized that Chrome takes much less time to start (it's back to its normal speed!)

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.0, (build 1.153.905.0)
Started On Sat Jun 29 12:18:02 2013

Results Summary:
----------------
No infection found.
Microsoft Safety Scanner Finished On Sat Jun 29 12:24:56 2013

Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.0, (build 1.153.905.0)
Started On Sat Jun 29 12:25:45 2013
Microsoft Safety Scanner Finished On Sat Jun 29 12:25:49 2013

Return code: 0 (0x0)

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.0, (build 1.153.905.0)
Started On Sat Jun 29 12:25:52 2013

Results Summary:
----------------
No infection found.
Microsoft Safety Scanner Finished On Sat Jun 29 12:29:43 2013

Return code: 0 (0x0)

mbam-log-2013-06-29 (12-19-28).txt
-
This is happening so I thought it might be a hijack or I don't know.
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media 
Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18380 bytes