Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Mocaflix.com shows up while opening my browser?

04 Dec 2012   #1

Windows 7 Ultimate x64
 
 
Mocaflix.com shows up while opening my browser?

I have this issue for a week now and I dont know how to deal withi it.
I saw a thread on this forum already but it didnt help me.
When Im trying to open Chrome it opens a second tab named mocaflix.com.
I did some research and ive seen that it is a hijacking virus or something that can remember your passwords, so if anybody can help me please post her.

My System SpecsSystem Spec
.

04 Dec 2012   #2

Windows 7 Professional 64bit
 
 

http://forums.anvisoft.com/viewtopic-53-2296-0.html

There is alot of removal tutorials on google about this.
My System SpecsSystem Spec
04 Dec 2012   #3

Windows 7 Ultimate x64
 
 

I tried every one of them but still when I open Google Chrome it opens the second tab with mocaflix.com
My System SpecsSystem Spec
.


04 Dec 2012   #4
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
My System SpecsSystem Spec
04 Dec 2012   #5

Windows 7 Ultimate x64
 
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Matej at 20:40:18 on 2012-12-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.387.1033.18.4079.2046 [GMT 1:00]
.
AV: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools Spyware Doctor with AntiVirus *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: PC Tools Browser Guard: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
uRun: [AdobeBridge] <no file>
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{045FDC38-D3AD-4A06-945C-A4F9DAE39746} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{045FDC38-D3AD-4A06-945C-A4F9DAE39746}\45A50205F64637472716E61602642756560294E6475627E65647 : DHCPNameServer = 10.5.50.1
TCP: Interfaces\{72F6FB88-F39A-40A2-B723-72F70E93DE1F} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: GBHO.BHO: {45d30484-7ded-43d9-957a-d2fd1f046511} -
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Smart Recovery 2: {1d09c093-f71e-43c3-b948-19316cbd695e} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Matej\AppData\Roaming\Mozilla\Firefox\Profiles\35rbexj0.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=386496&ilc=12&p=
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-01 15:45; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\System32\drivers\PCTCore64.sys [2012-12-1 413448]
R0 pctDS;PC Tools Data Store;C:\Windows\System32\drivers\pctDS64.sys [2012-12-1 453896]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\System32\drivers\pctEFA64.sys [2012-12-1 1096176]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-16 55280]
R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2012-12-1 66344]
R0 TFSysMon;TFSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2012-12-1 709552]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-3-11 21104]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-12 283200]
R1 pctgntdi;pctgntdi;C:\Windows\System32\drivers\pctgntdi64.sys [2012-12-1 347016]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\System32\drivers\PCTSD64.sys [2012-12-1 253256]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-12-1 580728]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-11-19 2462128]
R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-12-1 403416]
R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-12-1 1162360]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2012-3-11 114688]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-11 2655768]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-1-26 39808]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-1-26 64256]
R3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2012-5-28 15896]
R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\System32\drivers\LVPr2M64.sys [2009-10-7 30232]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-5-28 327576]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2008-7-26 50072]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2010-2-24 726816]
R3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\System32\drivers\PCTBD64.sys [2012-12-1 77144]
R3 pctplsg;pctplsg;C:\Windows\System32\drivers\pctplsg64.sys [2012-12-1 93600]
R3 pctplsm;pctplsm;C:\Windows\System32\drivers\pctplsm64.sys [2012-12-1 87968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-11 412264]
R3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2012-12-1 42648]
R3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [?]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update --> C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-3-11 30528]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-3-14 20992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-3-12 59392]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2012-3-11 16384]
.
=============== Created Last 30 ================
.
2012-12-04 19:28:08 -------- d-----r- C:\Program Files (x86)\Skype
2012-12-04 12:43:07 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2012-12-04 12:43:07 410624 ----a-w- C:\Windows\SysWow64\systemcpl.dll
2012-12-04 12:43:07 2048 ----a-w- C:\Windows\SysWow64\winver.exe
2012-12-04 12:43:07 1536 ----a-w- C:\Windows\SysWow64\sppcomapi.dll
2012-12-04 12:43:07 113543 ----a-w- C:\Windows\SysWow64\slmgr.vbs
2012-12-03 22:17:01 -------- d-----w- C:\Users\Matej\AppData\Local\Google
2012-12-03 21:23:44 -------- d-----w- C:\Windows\System32\SPReview
2012-12-03 21:22:46 -------- d-----w- C:\Windows\System32\EventProviders
2012-12-03 21:07:14 -------- d-sh--w- C:\found.000
2012-12-03 20:58:49 -------- d-----w- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2012-12-01 14:52:27 709552 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
2012-12-01 14:52:27 66344 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
2012-12-01 14:52:27 42648 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
2012-12-01 14:45:56 77144 ----a-w- C:\Windows\System32\drivers\PCTBD64.sys
2012-12-01 14:45:55 769144 ----a-w- C:\Windows\BDTSupport.dll
2012-12-01 14:45:55 2280568 ----a-w- C:\Windows\PCTBDCore.dll
2012-12-01 14:45:55 1690744 ----a-w- C:\Windows\PCTBDRes.dll
2012-12-01 14:45:55 150648 ----a-w- C:\Windows\SGDetectionTool.dll
2012-12-01 14:44:53 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-12-01 14:44:53 1096176 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-12-01 14:44:52 347016 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2012-12-01 14:44:52 258424 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2012-12-01 14:44:48 413448 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-12-01 14:44:47 253256 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-12-01 14:44:47 16392 ----a-w- C:\Windows\System32\drivers\pctBTFix64.sys
2012-12-01 14:44:46 93600 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2012-12-01 14:44:46 87968 ----a-w- C:\Windows\System32\drivers\pctplsm64.sys
2012-12-01 14:44:42 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-12-01 13:44:36 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F87578E9-EC82-4DB9-968E-9D8236E10955}\mpengine.dll
2012-12-01 09:44:18 -------- d-----w- C:\Users\Matej\AppData\Roaming\Malwarebytes
2012-12-01 09:44:00 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-01 09:43:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-01 09:39:11 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-12-01 09:37:54 -------- d-----w- C:\Users\Matej\AppData\Roaming\TestApp
2012-12-01 09:37:54 -------- d-----w- C:\ProgramData\PC Tools
2012-11-29 20:26:56 -------- d-----w- C:\ProgramData\Download and Sa
2012-11-25 23:48:45 -------- d-----w- C:\Users\Matej\AppData\Local\Macromedia
2012-11-20 08:06:45 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2012-11-15 23:46:51 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-15 23:46:51 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-15 23:46:51 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-15 23:46:51 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-15 23:39:27 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-15 23:39:26 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 23:39:26 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-15 23:39:26 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 23:39:26 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 23:39:26 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 23:39:26 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-15 21:57:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-15 21:57:13 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-15 21:57:13 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
.
==================== Find3M ====================
.
2012-12-04 19:25:06 25640 ----a-w- C:\Windows\gdrv.sys
2012-12-03 21:31:41 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-12-03 21:31:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-12-01 14:29:21 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-01 14:29:21 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-01 22:47:28 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-11-01 22:47:28 214520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-11-01 22:42:55 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-10-27 09:12:28 42440 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-10-27 09:12:26 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-09 10:32:46 10220472 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-02 12:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-09-24 22:16:33 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 20:41:01,29 ===============


Attached Files
File Type: txt attach.txt (14.7 KB, 2 views)
My System SpecsSystem Spec
04 Dec 2012   #6
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Looks like you have 1ClickDownloader and possibly more add-ons in Firefox, causing the problem.

Download AdWareCleaner AdwCleaner Download to your desktop
1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2.Click on Delete button.
3.Confirm each time with OK.
4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
My System SpecsSystem Spec
04 Dec 2012   #7
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I know you said you did everything in the other topic you followed here, but I can't help you if you don't help me see what you see.

Please post the content of the AdwCleaner log file/text as asked in my above post.
My System SpecsSystem Spec
07 Dec 2012   #8

Windows 7 Ultimate x64
 
 

In the meantime my Windows have crashed, I installed Windows 7 again and formatted the disc while doing it in the advanced install options and when i downloaded Chrome i loged in with my account and it showed up again the same tab with mocaflix again.
I made a new account on Google and re-installed Chrome, loged in with that account and it didnt show up again.
I dont want to lose my other e-mail account,so if you have any idea how to get rid of it please tell me.
My System SpecsSystem Spec
07 Dec 2012   #9
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Have you tried changing your password?
My System SpecsSystem Spec
08 Dec 2012   #10

Windows 7 Ultimate x64
 
 

i tried,and i didnt notice that when i logged in with the infected account with the new password it synched all data with the other account so whenever i open my chrome it shows me websearch mocaflix.
then i uninstalled chrome and opened it again and didnt log in with any of my 2 accounts and it doesnt show up
My System SpecsSystem Spec
Reply

 Mocaflix.com shows up while opening my browser?




Thread Tools



Similar help and support threads for2: Mocaflix.com shows up while opening my browser?
Thread Forum
BSoD when opening Chrome browser BSOD Help and Support
Help! Mocaflix virus System Security
Web browser not opening, mozilla, IE , Opera etc.. Browsers & Mail
Wrong homepage etc on opening browser. Browsers & Mail
Some sites not opening in any browser :( :( HELP !!!! Network & Sharing
Help me to avoid opening web browser Browsers & Mail
When opening internet browser, explorer crashes. BSOD Help and Support

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:00 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33