
accessing online banking

Discussion in 'Virus & Other Malware Removal' started by reg70, Mar 14, 2013.

Thread Status:
Not open for further replies.
  1. reg70 (Thread Starter)

    Joined: Mar 14, 2013
    Messages: 4
    Good day. I am having a problem accessing my online banking site. I did post this problem on another site, but never got any reply. I was told to download SUPERAntiSpyware and Malwarebytes Anti-Malware, do the scans and post the logs along with a HijackThis log. I will post the results here. I hope someone can help me.

    Hi to all. When I try to access my bank online (BMO) I get this message: "Do you want to open or save SsoGateKeeper(1.33 KB) from www.12.bmo.com?". Then there is an open, save or cancel option.

    If I click on cancel and then try to continue on to the online banking I get "online banking is temporarily unavailable". I contacted the bank and it has nothing to do with them.

    I am running Windows 7, using IE version 9. I never had a problem with online banking until a couple of days ago. Any help will be greatly appreciated. Thanks.

    I am running Bitdefender Antivirus Plus and I have Windows Firewall turned on. Below are the logs that were requested.


    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 03/12/2013 at 06:58 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 10119
    Trace Rules Database Version: 7931

    Scan type : Complete Scan
    Total Scan Time : 00:57:36

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 791
    Memory threats detected : 0
    Registry items scanned : 72982
    Registry threats detected : 43
    File items scanned : 52789
    File threats detected : 43

    Adware.Tracking Cookie

    Adware.Yontoo

    Trojan.Agent/Gen-PhotoBot
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\007.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\008.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\009.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\010.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\011.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\012.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\013.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\014.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\015.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\016.JPG.EXE
    C:\USERS\REG\DOCUMENTS\DOS DRIVE\017.JPG.EXE



    Malwarebytes : Free anti-malware download

    Database version: v2013.03.12.10

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    reg :: REG-PC [administrator]

    Protection: Enabled

    12/03/2013 7:19:09 PM
    mbam-log-2013-03-12 (19-19-09).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 211222
    Time elapsed: 8 minute(s), 6 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\reg\Favorites\Free Porn & Adult Videos Forum.url (Rogue.Link) -> Quarantined and deleted successfully.

    (end)



    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16464)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe
    C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\reg\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    C:\Users\reg\AppData\Roaming\Yontoo\YontooDesktop.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPService.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\reg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\525LZK45\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: Do Not Track Me - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPAddon.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Bell Canada Connection Manager] "C:\Program Files (x86)\Bell\Mobile Connect\MobileConnect.exe" -a
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\reg\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\reg\AppData\Roaming\Yontoo\YontooDesktop.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [{91120000-002F-0000-0000-0000000FF1CE}] C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Do Not Track Me (c) Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPAddon.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Phantasmat/Images/stg_drm.ocx
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Phantasmat/Images/armhelper.ocx
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Bell Canada Rc App Svc (BellCanadaRcAppSvc) - SmithMicro Inc. - C:\Program Files (x86)\Bell\Mobile Connect\RcAppSvc.exe
    O23 - Service: Bell Canada Con App Svc (CABellCanada) - SmithMicro Inc. - C:\Program Files (x86)\Bell\Mobile Connect\ConAppsSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: lxdd_device - - C:\Windows\system32\lxddcoms.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: NovaCore SDK Service (NvtlService) - Unknown owner - C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
    O23 - Service: Novatel Wireless Device Helper (NWHelper) - Novatel Wireless Inc. - C:\Program Files (x86)\Novatel Wireless\Bell\Drivers\NWHelper.exe
    O23 - Service: Native WiFi Profile Importer (ProfileImpSvc) - SmithMicro Inc. - C:\Program Files (x86)\Bell\Mobile Connect\ProfileImpSvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Sierra Wireless Card Detection Service (SwiCardDetectSvc) - Sierra Wireless, Inc. - C:\Program Files (x86)\Bell\Mobile Connect\SwiCardDetect64.exe
    O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
    O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 15227 bytes
     
  2. reg70 (Thread Starter)

    Joined: Mar 14, 2013
    Messages: 4
    Problem solved. I deleted DivX Player and Adobe Reader that I downloaded in the past week and now I have no problem accessing my bank site. Not sure if there is anything else in the logs that I should be worried about though.
     

Short URL to this thread: https://techguy.org/1093043