Mocaflix.com shows up while opening my browser?

Page 1 of 2 12 LastLast

  1. Posts : 13
    Windows 7 Ultimate x64
       #1

    Mocaflix.com shows up while opening my browser?


    I have this issue for a week now and I dont know how to deal withi it.
    I saw a thread on this forum already but it didnt help me.
    When Im trying to open Chrome it opens a second tab named mocaflix.com.
    I did some research and ive seen that it is a hijacking virus or something that can remember your passwords, so if anybody can help me please post her.
      My Computer


  2. Posts : 1,442
    Windows 7 Professional 64bit
       #2

    http://forums.anvisoft.com/viewtopic-53-2296-0.html

    There is alot of removal tutorials on google about this.
      My Computer


  3. Posts : 13
    Windows 7 Ultimate x64
    Thread Starter
       #3

    I tried every one of them but still when I open Google Chrome it opens the second tab with mocaflix.com
      My Computer


  4. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #4

    Download DDS from one of these links:
    DDS.com
    DDS.pif
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.
      My Computer


  5. Posts : 13
    Windows 7 Ultimate x64
    Thread Starter
       #5

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
    Run by Matej at 20:40:18 on 2012-12-04
    Microsoft Windows 7 Ultimate 6.1.7601.1.1250.387.1033.18.4079.2046 [GMT 1:00]
    .
    AV: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
    C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uURLSearchHooks: PC Tools Browser Guard: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
    uRun: [AdobeBridge] <no file>
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRun: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{045FDC38-D3AD-4A06-945C-A4F9DAE39746} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{045FDC38-D3AD-4A06-945C-A4F9DAE39746}\45A50205F64637472716E61602642756560294E6475627E65647 : DHCPNameServer = 10.5.50.1
    TCP: Interfaces\{72F6FB88-F39A-40A2-B723-72F70E93DE1F} : DHCPNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    x64-BHO: GBHO.BHO: {45d30484-7ded-43d9-957a-d2fd1f046511} -
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: Smart Recovery 2: {1d09c093-f71e-43c3-b948-19316cbd695e} -
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\35rbexj0.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=386496&ilc=12&p=
    FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
    FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2012-12-01 15:45; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-12-1 413448]
    R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-12-1 453896]
    R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-12-1 1096176]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-16 55280]
    R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2012-12-1 66344]
    R0 TFSysMon;TFSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2012-12-1 709552]
    R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-3-11 21104]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-12 283200]
    R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2012-12-1 347016]
    R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-12-1 253256]
    R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-12-1 580728]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
    R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
    R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-12-1 403416]
    R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-12-1 1162360]
    R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2012-3-11 114688]
    R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-11 2655768]
    R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-1-26 39808]
    R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-1-26 64256]
    R3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2012-5-28 15896]
    R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-5-28 327576]
    R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
    R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2010-2-24 726816]
    R3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\System32\drivers\PCTBD64.sys [2012-12-1 77144]
    R3 pctplsg;pctplsg;C:\Windows\System32\drivers\pctplsg64.sys [2012-12-1 93600]
    R3 pctplsm;pctplsm;C:\Windows\System32\drivers\pctplsm64.sys [2012-12-1 87968]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-11 412264]
    R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2012-12-1 42648]
    R3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [?]
    S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update --> C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-3-11 30528]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-3-14 20992]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-3-12 59392]
    S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2012-3-11 16384]
    .
    =============== Created Last 30 ================
    .
    2012-12-04 19:28:08 -------- d-----r- C:\Program Files (x86)\Skype
    2012-12-04 12:43:07 833024 ----a-w- C:\Windows\SysWow64\user32.dll
    2012-12-04 12:43:07 410624 ----a-w- C:\Windows\SysWow64\systemcpl.dll
    2012-12-04 12:43:07 2048 ----a-w- C:\Windows\SysWow64\winver.exe
    2012-12-04 12:43:07 1536 ----a-w- C:\Windows\SysWow64\sppcomapi.dll
    2012-12-04 12:43:07 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
    2012-12-03 22:17:01 -------- d-----w- C:\Users\Matej\AppData\Local\Google
    2012-12-03 21:23:44 -------- d-----w- C:\Windows\System32\SPReview
    2012-12-03 21:22:46 -------- d-----w- C:\Windows\System32\EventProviders
    2012-12-03 21:07:14 -------- d-sh--w- C:\found.000
    2012-12-03 20:58:49 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
    2012-12-01 14:52:27 709552 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
    2012-12-01 14:52:27 66344 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
    2012-12-01 14:52:27 42648 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
    2012-12-01 14:45:56 77144 ----a-w- C:\Windows\System32\drivers\PCTBD64.sys
    2012-12-01 14:45:55 769144 ----a-w- C:\Windows\BDTSupport.dll
    2012-12-01 14:45:55 2280568 ----a-w- C:\Windows\PCTBDCore.dll
    2012-12-01 14:45:55 1690744 ----a-w- C:\Windows\PCTBDRes.dll
    2012-12-01 14:45:55 150648 ----a-w- C:\Windows\SGDetectionTool.dll
    2012-12-01 14:44:53 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
    2012-12-01 14:44:53 1096176 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
    2012-12-01 14:44:52 347016 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
    2012-12-01 14:44:52 258424 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
    2012-12-01 14:44:48 413448 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
    2012-12-01 14:44:47 253256 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
    2012-12-01 14:44:47 16392 ----a-w- C:\Windows\System32\drivers\pctBTFix64.sys
    2012-12-01 14:44:46 93600 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
    2012-12-01 14:44:46 87968 ----a-w- C:\Windows\System32\drivers\pctplsm64.sys
    2012-12-01 14:44:42 -------- d-----w- C:\Program Files (x86)\PC Tools
    2012-12-01 13:44:36 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F87578E9-EC82-4DB9-968E-9D8236E10955}\mpengine.dll
    2012-12-01 09:44:18 -------- d-----w- C:\Users\Matej\AppData\Roaming\Malwarebytes
    2012-12-01 09:44:00 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-12-01 09:43:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-12-01 09:39:11 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
    2012-12-01 09:37:54 -------- d-----w- C:\Users\Matej\AppData\Roaming\TestApp
    2012-12-01 09:37:54 -------- d-----w- C:\ProgramData\PC Tools
    2012-11-29 20:26:56 -------- d-----w- C:\ProgramData\Download and Sa
    2012-11-25 23:48:45 -------- d-----w- C:\Users\Matej\AppData\Local\Macromedia
    2012-11-20 08:06:45 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
    2012-11-15 23:46:51 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2012-11-15 23:46:51 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2012-11-15 23:46:51 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2012-11-15 23:46:51 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2012-11-15 23:39:27 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2012-11-15 23:39:26 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2012-11-15 23:39:26 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2012-11-15 23:39:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2012-11-15 23:39:26 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2012-11-15 23:39:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2012-11-15 23:39:26 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2012-11-15 21:57:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
    2012-11-15 21:57:13 95744 ----a-w- C:\Windows\System32\synceng.dll
    2012-11-15 21:57:13 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
    .
    ==================== Find3M ====================
    .
    2012-12-04 19:25:06 25640 ----a-w- C:\Windows\gdrv.sys
    2012-12-03 21:31:41 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2012-12-03 21:31:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2012-12-01 14:29:21 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-01 14:29:21 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-11-01 22:47:28 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2012-11-01 22:47:28 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2012-11-01 22:42:55 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2012-10-27 09:12:28 42440 ----a-w- C:\Windows\SysWow64\xfcodec.dll
    2012-10-27 09:12:26 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
    2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
    2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
    2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
    2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
    2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
    2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
    2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
    2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
    2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
    2012-10-09 10:32:46 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
    2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
    2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
    2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
    2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
    2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
    2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
    2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2012-09-24 22:16:33 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
    2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    .
    ============= FINISH: 20:41:01,29 ===============
    Mocaflix.com shows up while opening my browser? Attached Files
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    Looks like you have 1ClickDownloader and possibly more add-ons in Firefox, causing the problem.

    Download AdWareCleaner AdwCleaner Download to your desktop
    1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
    2.Click on Delete button.
    3.Confirm each time with OK.
    4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
    Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
      My Computer


  7. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #7

    I know you said you did everything in the other topic you followed here, but I can't help you if you don't help me see what you see.

    Please post the content of the AdwCleaner log file/text as asked in my above post.
      My Computer


  8. Posts : 13
    Windows 7 Ultimate x64
    Thread Starter
       #8

    In the meantime my Windows have crashed, I installed Win7 again and formatted the disc while doing it in the advanced install options and when i downloaded Chrome i loged in with my account and it showed up again the same tab with mocaflix again.
    I made a new account on Google and re-installed Chrome, loged in with that account and it didnt show up again.
    I dont want to lose my other e-mail account,so if you have any idea how to get rid of it please tell me.
      My Computer


  9. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #9

    Have you tried changing your password?
      My Computer


  10. Posts : 13
    Windows 7 Ultimate x64
    Thread Starter
       #10

    i tried,and i didnt notice that when i logged in with the infected account with the new password it synched all data with the other account so whenever i open my chrome it shows me websearch mocaflix.
    then i uninstalled chrome and opened it again and didnt log in with any of my 2 accounts and it doesnt show up
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 14:37.
Find Us