Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:02:25 PM, on 2015-04-28
Platform: Unknown Windows (WinNT 6.02.100
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\renyi_000\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Tencent\QQ\QQProtect\Bin\QQProtect.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Tencent\QQ\Bin\TXPlatform.exe
C:\Program Files (x86)\Tencent\QQ\bin\QQ.exe
C:\Program Files (x86)\Tencent\QQ\bin\QQExternal.exe
C:\Users\renyi_000\Desktop\HijackThis.exe
C:\Program Files (x86)\Tencent\QQ\txupd.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.ca
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = google.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: VideoUrlSniffer - {00000ADA-7E0D-47C1-986C-F017D09C4304} - C:\Users\Public\Thunder Network\XMP5\Addins\VideoUrlSniffer.2.3.3.211.(986).dll
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360safe\safemon\safemon.dll
O2 - BHO: QQMiniDL Helper Class - {C9C7334B-5657-41e1-8F79-F6AACECA05F4} - C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\QQIEHelper01.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: AccountProtect - {DDD362CF-523B-4BC9-8FDC-58F93B6BC945} - C:\Users\renyi_000\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll
O2 - BHO: Xunlei BHO Platform - {DE05CF4A-7B0A-4775-B5E5-396244938679} - C:\Program Files (x86)\Thunder Network\Thunder\Thunder BHO Platform\np_tdieplat.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [360Safetray] "C:\Program Files (x86)\360\360safe\safemon\360Tray.exe" /start
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [QQ2009] "C:\Program Files (x86)\Tencent\QQ\QQProtect\Bin\QQProtect.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\renyi_000\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
O4 - HKCU\..\Run: [XMP] "C:\Users\Public\THUNDE~1\XMP5\V5115~1.379\Program\xmp.exe" /embedding /sstartfrom Startup104
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: ???? - C:\Program Files (x86)\Thunder Network\Thunder\BHO\OfflineDownload.htm
O8 - Extra context menu item: ???? - C:\Program Files (x86)\Thunder Network\Thunder\BHO\geturl.htm
O8 - Extra context menu item: ???? - C:\Program Files (x86)\Thunder Network\Thunder\BHO\GetAllUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: ???? - C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\xfgeturl.htm
O9 - Extra button: (no name) - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP5\V5.1.15.3791\Program\XmpIEToolMenu.htm (file missing)
O9 - Extra 'Tools' menuitem: ?????? - {14c1d00e-0b92-4379-880b-444fa2d740dd} - C:\Users\Public\Thunder Network\XMP5\V5.1.15.3791\Program\XmpIEToolMenu.htm (file missing)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar32.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\PROGRA~2\KuGou\KGMusic\KUGOO3~1.OCX
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\PROGRA~2\KuGou\KGMusic\KUGOO3~1.OCX
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BaiduYunUtility - Unknown owner - C:\Users\renyi_000\AppData\Roaming\baidu\BaiduYunGuanjia\YunUtilityService.exe (file missing)
O23 - Service: @oem41.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: BDHY Service (bddlsvc) - Unknown owner - C:\Users\renyi_000\AppData\Roaming\baidu\BaiduRJDownloader\1.5.0.89\bddlsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ???? (ZhuDongFangYu) - 360.cn - C:\Program Files (x86)\360\360safe\deepscan\ZhuDongFangYu.exe
--
End of file - 14466 bytes
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic