Thread: Help remove popup movie

  1. #1
    Junior Member
    Join Date
    Jun 2014
    Location
    Queen Creek AZ
    Posts
    20

    Help remove popup movie

    Ran Spybot and chose to fix all, seemed OK but said 5 threats unable to fix. These DDS and aswMBR logs are from the 2nd scan.

    aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
    Run date: 2014-06-25 18:18:28
    -----------------------------
    18:18:28.134 OS Version: Windows x64 6.1.7601 Service Pack 1
    18:18:28.134 Number of processors: 2 586 0x200
    18:18:28.136 ComputerName: GHOSTRYAN-PC UserName: Ghostryan
    18:18:29.969 Initialize success
    18:18:29.970 VM: initialized successfully
    18:18:30.043 VM: Amd CPU supported
    18:18:33.450 VM: disk I/O atapi.sys
    18:19:16.232 The log file has been saved successfully to "C:\Users\Ghostryan\Documents\tex\F up Prosseses\aswMBR.txt"

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
    Run by Ghostryan at 18:05:31 on 2014-06-25
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3576.1045 [GMT -7:00]
    .
    AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\PROGRA~1\FOLDER~1\FGKey64.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    svchost.exe
    C:\PROGRAM FILES (X86)\QWEST 11N WIRELESS WPS TOOL\WPSCENTERV.EXE
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\vssvc.exe
    C:\Program Files\Windows Media Player\wmprph.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
    C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\Dwm.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\msdtc.exe
    C:\Windows\system32\taskmgr.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    C:\Windows\explorer.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\prevhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://msn.com/
    uDefault_Page_URL = hxxp://emachines.msn.com
    mStart Page = hxxp://search.coupons.com/
    uURLSearchHooks: {327f75ed-061b-4339-8cc6-5dd45ad1396d} - <orphaned>
    uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
    dURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    mWinlogon: Userinit = userinit.exe,
    BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Social Privacy: {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll
    BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
    BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
    TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
    EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
    EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned>
    uRun: [Google Update] "C:\Users\Ghostryan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
    uRun: [reresdfj] "C:\Users\Ghostryan\AppData\Local\idvocpfp.exe"
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    uRun: [dcbjeutu] "C:\Users\Ghostryan\AppData\Local\dljutjde.exe"
    mRun: [BCSSync] "c:\program files (x86)\microsoft office\office14\bcssync.exe" /delayservices
    mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\SPOOL\DRIVERS\X64\3\EKIJ5000MUI.EXE
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    dRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
    dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    StartupFolder: C:\Users\GHOSTR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    uPolicies-Explorer: HideSCAHealth = dword:1
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDriveAutoRun = dword:67042867
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.5.1.0.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.fcd.maricopa.gov/Maps/gismaps/plugin/mgaxctrl6.5.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
    DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
    DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 75.126.206.18,184.173.169.186
    TCP: NameServer = 97.64.183.164 97.64.209.37
    TCP: Interfaces\{1D0ACB32-9330-4A1C-B2A7-8AA8ACC492CA} : NameServer = 75.126.206.18,184.173.169.186
    TCP: Interfaces\{1D0ACB32-9330-4A1C-B2A7-8AA8ACC492CA} : DHCPNameServer = 97.64.183.164 97.64.209.37
    TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 75.126.206.18,184.173.169.186
    TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5} : NameServer = 75.126.206.18,184.173.169.186
    TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5}\1444D494E4D20534F5E4564777F627B6 : DHCPNameServer = 192.168.0.1 205.171.3.25
    TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5}\D697177756374713830373 : DHCPNameServer = 192.168.0.1 205.171.3.25
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    IFEO: Boost.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    IFEO: COMScore.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    IFEO: GameBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    IFEO: GameConsole-wt.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=foxtab&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0DtAtC0EtD0AtDtBtBtDtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=891733045&ir=
    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
    x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
    x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
    x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    x64-IFEO: Boost.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    x64-IFEO: COMScore.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    x64-IFEO: GameBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    x64-IFEO: GameConsole-wt.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-2-1 21184]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-28 881952]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 239616]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
    R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
    R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2011-8-4 137144]
    R2 FGUARD64;FGUARD64;C:\Program Files\Folder Guard\FGUARD64.sys [2012-9-10 73552]
    R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-8-10 255376]
    R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2014-1-29 39504]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-6-25 1738200]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-6-25 2081752]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-6-25 171928]
    R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-3-13 46136]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
    R3 LVUVC64;Logitech Webcam 120(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-9-21 4763680]
    R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-1-29 34848]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-3-31 271064]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-31 888536]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
    R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2014-1-30 14544]
    S1 fzwgfhko;fzwgfhko;C:\Windows\System32\drivers\fzwgfhko.sys [2014-6-20 55104]
    S1 wsmolbie;wsmolbie;C:\Windows\System32\drivers\wsmolbie.sys [2014-6-24 55104]
    S2 AutoInstallEJCD;Auto Install Eject CD Service; [x]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
    S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-1-29 341824]
    S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-28 2152736]
    S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
    S3 DataSafeService;DataSafe Service 1.0;C:\Program Files (x86)\SofGem\DataSafe Backup 1.0\DataSafeService.exe [2009-4-13 14848]
    S3 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2011-5-29 36456]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]
    S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2014-1-30 20232]
    S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-19 23152]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
    S3 QW720S64;Qwest 802.11n XN720 Driver(win7);C:\Windows\System32\drivers\WLANUHN.sys [2012-3-12 752640]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-28 19456]
    S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
    S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-13 56832]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-28 30208]
    S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-1-29 23016]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-13 1255736]
    S3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;C:\Windows\System32\ZDCNDIS6a64.sys [2012-3-12 45624]
    S4 DataSafeHelper;DataSafe Helper 1.0;C:\Program Files (x86)\SofGem\DataSafe Backup 1.0\DataSafeHelper.exe [2009-4-13 12800]
    S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-1-29 23048]
    S4 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-1-27 227904]
    S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-19 652872]
    S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-06-26 00:23:32 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tmeaelpx.exe
    2014-06-25 22:24:25 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qgcrsgpr.exe
    2014-06-25 21:50:22 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hfvkarcw.exe
    2014-06-25 20:25:16 139264 ----a-w- C:\Users\Ghostryan\AppData\Local\dljutjde.exe
    2014-06-25 20:08:12 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\xpqjpxdf.exe
    2014-06-25 18:09:04 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\xmkvcqfi.exe
    2014-06-25 14:10:31 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\ejnredfa.exe
    2014-06-25 12:11:21 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vntulhjx.exe
    2014-06-25 10:12:13 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\caxwaqxw.exe
    2014-06-25 09:38:09 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\orncfgmw.exe
    2014-06-25 09:18:56 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2014-06-25 09:18:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2014-06-25 09:18:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-06-25 08:13:04 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\upfwbpsf.exe
    2014-06-25 07:39:49 -------- d-----w- C:\Users\Ghostryan\AppData\Roaming\ProductData
    2014-06-25 06:13:49 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\triqlokm.exe
    2014-06-25 05:39:45 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\mxrpjdwk.exe
    2014-06-25 04:14:38 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\goupjhor.exe
    2014-06-25 02:15:30 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\mpwxcdfw.exe
    2014-06-25 01:41:17 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tppmbitt.exe
    2014-06-25 00:16:09 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\owvwxwdg.exe
    2014-06-24 22:17:02 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ebsiiieb.exe
    2014-06-24 21:42:59 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xlklterc.exe
    2014-06-24 20:17:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\voqrpvdl.exe
    2014-06-24 18:52:48 139264 ----a-w- C:\Users\Ghostryan\AppData\Local\idvocpfp.exe
    2014-06-24 18:18:45 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\osuawcpc.exe
    2014-06-24 17:44:41 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\rpugtftm.exe
    2014-06-24 16:19:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ldnhcame.exe
    2014-06-24 14:20:29 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ccaihgkk.exe
    2014-06-24 13:46:25 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\cvjqrvhv.exe
    2014-06-24 12:21:17 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hcddxqdh.exe
    2014-06-24 10:22:10 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fjtchwso.exe
    2014-06-24 09:48:07 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\thbphdkc.exe
    2014-06-24 09:45:31 55104 ----a-w- C:\Windows\System32\drivers\wsmolbie.sys
    2014-06-24 09:35:42 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B36AE4C-C71C-45BC-8518-60CB33F42111}\offreg.dll
    2014-06-24 09:31:32 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B36AE4C-C71C-45BC-8518-60CB33F42111}\mpengine.dll
    2014-06-24 08:23:01 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rumtouqe.exe
    2014-06-24 02:07:50 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\aalecdbt.exe
    2014-06-24 01:50:48 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\qqoxtxmt.exe
    2014-06-24 00:08:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\viiuewnh.exe
    2014-06-23 22:09:34 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\axnjopoo.exe
    2014-06-23 21:52:32 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\aehuwlxj.exe
    2014-06-23 20:10:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\lvflfjxm.exe
    2014-06-23 19:53:16 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\xgqankje.exe
    2014-06-23 08:09:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\wsabbsjl.exe
    2014-06-23 06:10:45 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\hmfkvtqe.exe
    2014-06-23 05:53:41 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\xatwjiii.exe
    2014-06-23 04:11:26 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\updokjig.exe
    2014-06-23 02:12:12 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\spejkboj.exe
    2014-06-23 01:38:06 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\rcqoojjq.exe
    2014-06-23 00:12:54 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\dfgdafgf.exe
    2014-06-22 22:13:40 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\iupqetvp.exe
    2014-06-22 21:39:34 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\eltdvrsc.exe
    2014-06-22 20:14:22 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ukxwtasn.exe
    2014-06-22 18:15:09 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\dxuwtjvo.exe
    2014-06-22 17:41:02 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\ofghsbbc.exe
    2014-06-22 16:15:52 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xtnqrlst.exe
    2014-06-22 14:16:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\xsthhxqq.exe
    2014-06-22 13:42:28 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\abxttkpf.exe
    2014-06-22 12:17:17 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ksruvkjq.exe
    2014-06-22 10:18:05 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\qkchmuru.exe
    2014-06-22 09:44:00 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\cldehqhq.exe
    2014-06-22 08:18:39 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\sedkgkbw.exe
    2014-06-22 06:19:30 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\bfnqiswx.exe
    2014-06-22 05:45:19 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\cvvtfstm.exe
    2014-06-22 04:19:56 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\moqvleqe.exe
    2014-06-22 02:20:35 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\svcsmlbl.exe
    2014-06-22 01:46:26 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fnamehih.exe
    2014-06-22 00:21:13 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\wlwwneql.exe
    2014-06-21 22:21:48 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\gcikvkrv.exe
    2014-06-21 21:47:41 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qgdvmvrc.exe
    2014-06-21 20:22:27 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\lsdximhp.exe
    2014-06-21 18:23:06 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\dowroopm.exe
    2014-06-21 17:48:59 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\gfgdnolb.exe
    2014-06-21 17:14:53 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\cbsuaglv.exe
    2014-06-21 09:41:33 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\dxulmwup.exe
    2014-06-21 08:16:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\efritvsg.exe
    2014-06-21 06:17:04 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\lsugtsfq.exe
    2014-06-21 05:42:59 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\tlbajvrh.exe
    2014-06-21 04:34:46 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\jwkwketx.exe
    2014-06-21 02:16:58 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\wfnlbgjt.exe
    2014-06-21 01:42:56 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\atnkgcmb.exe
    2014-06-21 00:17:51 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\oqotcnje.exe
    2014-06-20 22:18:44 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\hlqeqeos.exe
    2014-06-20 21:44:41 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\taqabqot.exe
    2014-06-20 20:19:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\thqsfolx.exe
    2014-06-20 18:34:36 55104 ----a-w- C:\Windows\System32\drivers\fzwgfhko.sys
    2014-06-20 18:20:27 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\klcaqehp.exe
    2014-06-20 18:03:25 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xjlugvfk.exe
    2014-06-20 10:23:37 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\twmnjfmd.exe
    2014-06-20 09:49:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ebupcdhj.exe
    2014-06-20 08:07:27 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\eexkvtlj.exe
    2014-06-20 06:08:19 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\iexjnwgf.exe
    2014-06-20 05:51:17 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ebkwdvee.exe
    2014-06-20 04:09:09 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\okbtsroh.exe
    2014-06-20 02:17:27 -------- d-----w- C:\ProgramData\.mono
    2014-06-20 02:10:01 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pwiamcne.exe
    2014-06-20 01:52:58 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\atccvcjn.exe
    2014-06-20 00:10:51 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\bbmrgbwa.exe
    2014-06-19 22:11:43 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\bvqxjjmw.exe
    2014-06-19 21:37:28 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\lasfrkex.exe
    2014-06-19 20:12:17 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xbbdxnbh.exe
    2014-06-19 18:13:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xcertkjr.exe
    2014-06-19 17:39:07 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\jcmraxcv.exe
    2014-06-19 16:14:01 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\hconhrpc.exe
    2014-06-19 14:14:53 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\xqoiflgj.exe
    2014-06-19 13:40:50 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\dlocbmmc.exe
    2014-06-19 12:15:44 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tkcxrhav.exe
    2014-06-19 10:15:51 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tnavghfu.exe
    2014-06-19 09:41:48 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fkiaevrm.exe
    2014-06-19 08:16:43 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\kchfjkfw.exe
    2014-06-19 06:17:36 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\frkahboh.exe
    2014-06-19 05:43:34 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pcntddel.exe
    2014-06-19 04:18:27 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ckusodux.exe
    2014-06-19 02:19:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pmdwfiwk.exe
    2014-06-19 01:44:05 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ipfqelqg.exe
    2014-06-19 00:18:54 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\wtawfubm.exe
    2014-06-18 22:19:41 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\oojkokaw.exe
    2014-06-18 21:45:35 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\spehhkvm.exe
    2014-06-18 20:20:26 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\rsvuwntr.exe
    2014-06-18 18:19:23 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\wljeioiw.exe
    2014-06-18 17:45:17 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ixqwwgsw.exe
    2014-06-18 16:20:06 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mramfevi.exe
    2014-06-18 14:20:53 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qngelbvq.exe
    2014-06-18 13:46:47 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\itdajubg.exe
    2014-06-18 12:21:38 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\lfxotvop.exe
    2014-06-18 10:10:34 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tkotersb.exe
    2014-06-18 09:53:32 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\qdfjuglf.exe
    2014-06-18 08:11:25 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\wmwwleok.exe
    2014-06-18 06:12:17 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\nwlxgplk.exe
    2014-06-18 05:38:12 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tcvqrsiw.exe
    2014-06-18 04:13:05 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\gxhgbhpc.exe
    2014-06-18 02:13:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\mbpkirvu.exe
    2014-06-18 01:39:54 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\fwklouec.exe
    2014-06-18 00:14:48 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\nrxdfsis.exe
    2014-06-17 22:15:41 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\nrswdosk.exe
    2014-06-17 21:41:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\aqqiccsa.exe
    2014-06-17 20:15:42 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\jphortpj.exe
    2014-06-17 18:16:28 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\mtjahxtp.exe
    2014-06-17 17:42:25 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\sjcbvevj.exe
    2014-06-17 16:16:44 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\stphwrag.exe
    2014-06-17 14:17:37 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fsejrnui.exe
    2014-06-17 13:43:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\hqjqraqi.exe
    2014-06-17 12:18:29 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qdsstgns.exe
    2014-06-17 10:19:19 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\wpuclbiv.exe
    2014-06-17 09:45:16 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hkulwftv.exe
    2014-06-17 08:20:08 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rqrsxmsd.exe
    2014-06-17 07:31:06 -------- d-----w- C:\Program Files (x86)\8BallClub
    2014-06-17 06:37:48 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Adobe
    2014-06-17 06:20:58 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\mghdukqs.exe
    2014-06-17 05:46:55 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ebfbqacc.exe
    2014-06-17 04:21:45 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\cxfbatap.exe
    2014-06-17 02:22:38 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ssjviurj.exe
    2014-06-17 01:48:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\udcmgaot.exe
    2014-06-17 00:23:29 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\fsrwuqew.exe
    2014-06-16 22:07:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gqqcbhun.exe
    2014-06-16 21:50:18 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ciikgrua.exe
    2014-06-16 20:08:12 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\sqlldqwe.exe
    2014-06-16 18:42:57 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\jqgqaqet.exe
    2014-06-16 08:09:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\pwcjmawv.exe
    2014-06-16 02:12:09 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pjmolnde.exe
    2014-06-16 01:38:06 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\rwassjpg.exe
    2014-06-16 00:30:01 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gjmrkaie.exe
    2014-06-15 22:57:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\hhxqptha.exe
    2014-06-14 16:12:59 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Logishrd
    2014-06-14 00:42:40 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\blcewlgn.exe
    2014-06-13 22:13:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xhwtsscm.exe
    2014-06-13 21:38:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\mqacdfco.exe
    2014-06-13 20:46:39 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gmmrsfva.exe
    2014-06-13 08:10:43 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\lxdqceiq.exe
    2014-06-13 05:37:33 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\equxsmbt.exe
    2014-06-13 04:20:57 506368 ----a-w- C:\Windows\System32\aepdu.dll
    2014-06-13 04:20:56 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-06-13 02:10:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\iadwnwcc.exe
    2014-06-13 01:53:50 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\aidmsjwk.exe
    2014-06-13 01:13:06 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-06-13 01:13:05 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-06-13 01:12:16 801280 ----a-w- C:\Windows\System32\usp10.dll
    2014-06-13 01:12:16 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2014-06-13 01:11:32 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
    2014-06-13 01:11:32 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2014-06-13 01:11:32 2048 ----a-w- C:\Windows\System32\msxml6r.dll
    2014-06-13 01:11:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2014-06-13 01:11:32 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2014-06-13 01:11:32 1882112 ----a-w- C:\Windows\System32\msxml3.dll
    2014-06-13 01:11:32 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2014-06-13 01:11:32 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2014-06-13 01:10:41 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2014-06-13 01:10:40 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2014-06-12 17:37:09 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fukkcaoi.exe
    2014-06-12 10:14:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mkpwkqjh.exe
    2014-06-12 09:48:31 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\rfcrmddd.exe
    2014-06-12 08:17:25 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\vvtojojw.exe
    2014-06-12 06:07:15 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ucpxlhav.exe
    2014-06-12 05:41:12 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\lkhvwrgb.exe
    2014-06-12 04:10:04 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\vnskkegs.exe
    2014-06-12 02:12:56 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ripjulbi.exe
    2014-06-12 01:46:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\afocmtbs.exe
    2014-06-12 00:15:46 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rxgjwbwr.exe
    2014-06-11 22:18:38 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\oawwklde.exe
    2014-06-11 21:52:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\gfhvwlqu.exe
    2014-06-11 20:18:08 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ahsxlxge.exe
    2014-06-11 18:19:52 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\vtpntwvr.exe
    2014-06-11 16:09:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vvvccoti.exe
    2014-06-11 09:45:58 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\rdifigel.exe
    2014-06-11 08:14:44 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\oxobqpog.exe
    2014-06-11 04:19:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\davonehb.exe
    2014-06-10 21:48:48 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rxjnfqbo.exe
    2014-06-10 20:16:38 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ncmrwfgl.exe
    2014-06-10 18:10:05 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\shelpqii.exe
    2014-06-10 17:57:02 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\eikpkevw.exe
    2014-06-10 17:38:15 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vwusaxue.exe
    2014-06-10 00:16:47 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\rampputa.exe
    2014-06-09 22:19:39 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\pifhgwno.exe
    2014-06-09 21:40:36 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\pidgdevf.exe
    2014-06-09 18:11:51 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\dhogkwbb.exe
    2014-06-09 17:45:48 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\mdvcatau.exe
    2014-06-09 13:38:29 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\qmhcalad.exe
    2014-06-09 12:07:23 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ddevairl.exe
    2014-06-09 10:10:15 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fidxapho.exe
    2014-06-09 09:44:12 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\xbifiwlh.exe
    2014-06-09 08:13:06 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\vtqqjeva.exe
    2014-06-09 06:15:57 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\purakhel.exe
    2014-06-09 05:49:54 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\svbwvpgi.exe
    2014-06-08 17:40:51 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\ktbwvgnt.exe
    2014-06-08 16:09:44 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mirvlgjv.exe
    2014-06-07 18:11:53 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\hxiqiwgl.exe
    2014-06-07 17:45:50 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\fksbttaa.exe
    2014-06-07 16:14:41 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\gdxbnfbo.exe
    2014-06-07 10:09:59 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\bpxbxwms.exe
    2014-06-07 09:43:57 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\hoaqmrio.exe
    2014-06-07 08:12:51 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\tlxargdc.exe
    2014-06-07 02:08:01 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\omauxako.exe
    2014-06-07 01:41:58 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\cuoniwfl.exe
    2014-06-07 00:09:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\faxpbqiw.exe
    2014-06-06 09:37:17 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\lsomioom.exe
    2014-06-06 08:19:10 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\dxwetloj.exe
    2014-06-06 05:42:56 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\gmlntdxt.exe
    2014-06-05 21:41:17 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\rnpibitc.exe
    2014-06-05 20:09:22 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\fgjdituh.exe
    2014-06-05 06:19:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fbwrtvhh.exe
    2014-06-05 05:40:37 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\kkautumo.exe
    2014-06-05 04:09:28 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ujeliqis.exe
    2014-06-05 02:12:19 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\afxboehl.exe
    2014-06-05 01:46:17 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\rxttgbpn.exe
    2014-06-05 00:15:09 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\fodkkttp.exe
    2014-06-04 09:40:37 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\glmvkwvo.exe
    2014-06-03 08:11:23 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\vngwimex.exe
    2014-06-03 06:13:21 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\fnimalwb.exe
    2014-06-03 05:47:01 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\btclrrav.exe
    2014-06-03 04:14:57 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\khcqlcgg.exe
    2014-06-03 02:15:45 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\ftufhhkm.exe
    2014-06-03 01:49:36 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\bfxbuvat.exe
    2014-06-03 00:16:57 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\lshvuvvc.exe
    2014-06-02 18:23:05 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\cvdxfeal.exe
    2014-06-02 18:19:57 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\lujrkojj.exe
    2014-06-02 18:16:40 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\olitmnum.exe
    2014-06-01 05:52:41 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Yummy Interactive Inc
    .
    ==================== Find3M ====================
    .
    2014-06-14 16:12:49 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
    2014-06-13 00:46:15 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-06-13 00:46:15 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-04-15 09:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2014-04-15 03:14:16 880040 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2014-04-15 03:14:11 802728 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2014-04-15 03:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
    2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
    2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2014-04-09 16:34:05 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2014-04-09 16:34:04 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2014-04-01 06:25:46 9889352 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
    2014-04-01 06:25:46 271064 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
    2014-04-01 06:18:20 888536 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
    2014-04-01 06:18:20 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
    2014-04-01 06:18:20 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
    2014-03-31 16:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-01-21 07:27:59 50053120 ----a-w- C:\Program Files (x86)\GUT8045.tmp
    .
    ============= FINISH: 18:06:51.22 ===============

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Those files you have so many of may be related to the Vundo Trojan, have not seen that in a while.


    Your aswMBR log is not complete, please run it again and post the log.


    Please download aswMBR to your desktop.

    • Double click the aswMBR icon to run it.
    • Click the Scan button to start scan.
    • If you are asked to update the Avast Virus database please allow it to do so.
    • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.


    I just want to see the report. Please Do Not Fix Anything

    Please download Malwarebytes Anti-Malware to your desktop.



    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click Update Now
    • After the update completes, click the Scan Now Button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.
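
An added example, not part of the thread or of any tool mentioned in it: a Python triage pass over DDS file-listing lines that picks out the pattern visible in post #1 (eight-letter lowercase .exe names created directly in AppData\Local) and groups the hits by file size and by day. The naming heuristic and the function names are assumptions; the sample lines are copied from the log in post #1.

```python
import re
from collections import defaultdict

# Lines copied from the DDS log in post #1 (suspect-looking and ordinary entries).
SAMPLE_LOG = r"""
2014-06-21 17:48:59 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\gfgdnolb.exe
2014-06-21 17:14:53 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\cbsuaglv.exe
2014-06-21 09:41:33 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\dxulmwup.exe
2014-06-20 06:08:19 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\iexjnwgf.exe
2014-06-17 06:37:48 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Adobe
2014-06-13 04:20:57 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-13 00:46:15 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
"""

# Fields: date, time, size (dashes for a directory), attribute flags, full path.
ENTRY = re.compile(r"^(\d{4}-\d\d-\d\d) (\d\d:\d\d:\d\d) (\d+|-+) (\S+) (.+)$")

# Assumed heuristic: an .exe named with exactly eight lowercase letters that
# sits directly in a user's AppData\Local, not in a vendor subfolder.
SUSPECT = re.compile(r"^[A-Za-z]:\\Users\\[^\\]+\\AppData\\Local\\[a-z]{8}\.exe$")


def parse_entries(text):
    """Yield (date, size, attrs, path) for every well-formed listing line."""
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # section headers, "." separators, blank lines
        date, _time, size, attrs, path = m.groups()
        yield date, (int(size) if size.isdigit() else None), attrs, path


def triage(text):
    """Return (names grouped by file size, count of new suspect files per day)."""
    by_size = defaultdict(list)
    per_day = defaultdict(int)
    for date, size, attrs, path in parse_entries(text):
        if attrs.startswith("d") or size is None:
            continue  # directories are not candidates
        if SUSPECT.match(path):
            by_size[size].append(path.rsplit("\\", 1)[1])
            per_day[date] += 1
    return dict(by_size), dict(per_day)


if __name__ == "__main__":
    sizes, days = triage(SAMPLE_LOG)
    # Many differently named files sharing one size suggests the same
    # payload being re-dropped under fresh names.
    for size, names in sorted(sizes.items()):
        print(f"{size:>8} bytes x{len(names)}: {', '.join(names)}")
    for day, count in sorted(days.items()):
        print(f"{day}: {count} new file(s)")
```

A match is only a lead for review: the name pattern and repeated sizes say nothing about which malware family is involved, so hits still need a scanner verdict or hash lookup before removal.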

  3. #3
    Junior Member
    Join Date
    Jun 2014
    Location
    Queen Creek AZ
    Posts
    20

    aswmbr not working

    Well, I tried to run it several times, deleted and downloaded it a few times, Task Manager says no response, so I end task, only shows exit and save highlighted. I downloaded from public avast also but it did not work. Was not sure, but I want to send ya the search results from Spybot - Search & Destroy, I hope this might help. I compressed it, I hope that was the proper thing to do. Thanks, hope to hear from ya soon.

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    OK, let's forget aswMBR for now, go ahead and download, install and run Malwarebytes. Your Spybot log is showing lots of bogus toolbars and such.

  5. #5
    Junior Member
    Join Date
    Jun 2014
    Location
    Queen Creek AZ
    Posts
    20

    Will do that

    I wanted to say that when I try to run ERUNT, this error shows: error saving file c/users\ghostryan\Desktop\Ghost\6-26-20014\software!} and I press yes 5 times, and at the end of the commands the 2nd says default! 3rd security! 4th sam! I don't know, just thought I would mention it. OK, I will run Malwarebytes Anti-Malware then send the report.

  6. #6
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Let's wait until I see what Malwarebytes removes and then I will link you to a better reg backup program.
