Help remove popup movie

Status
Not open for further replies.
G

Ghostryan

New member
Ran spy bot a chose to fix all,seem to ok but said 5 threats unable to fix. These DDS and aswMBR logs are from 2nd scan. aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-25 18:18:28
-----------------------------
18:18:28.134 OS Version: Windows x64 6.1.7601 Service Pack 1
18:18:28.134 Number of processors: 2 586 0x200
18:18:28.136 ComputerName: GHOSTRYAN-PC UserName: Ghostryan
18:18:29.969 Initialize success
18:18:29.970 VM: initialized successfully
18:18:30.043 VM: Amd CPU supported
18:18:33.450 VM: disk I/O atapi.sys
18:19:16.232 The log file has been saved successfully to "C:\Users\Ghostryan\Documents\tex\F up Prosseses\aswMBR.txt" DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.55.2
Run by Ghostryan at 18:05:31 on 2014-06-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3576.1045 [GMT -7:00]
.
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~1\FOLDER~1\FGKey64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k SDRSVC
svchost.exe
C:\PROGRAM FILES (X86)\QWEST 11N WIRELESS WPS TOOL\WPSCENTERV.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\explorer.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Windows Media Player\wmprph.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\Dwm.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\msdtc.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Windows\system32\prevhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://msn.com/
uDefault_Page_URL = hxxp://emachines.msn.com
mStart Page = hxxp://search.coupons.com/
uURLSearchHooks: {327f75ed-061b-4339-8cc6-5dd45ad1396d} - <orphaned>
uURLSearchHooks: {687578b9-7132-4a7a-80e4-30ee31099e03} - <orphaned>
dURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Social Privacy: {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll
BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
EB: Developer Tools: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll
EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned>
uRun: [Google Update] "C:\Users\Ghostryan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [reresdfj] "C:\Users\Ghostryan\AppData\Local\idvocpfp.exe"
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [dcbjeutu] "C:\Users\Ghostryan\AppData\Local\dljutjde.exe"
mRun: [BCSSync] "c:\program files (x86)\microsoft office\office14\bcssync.exe" /delayservices
mRun: [EKIJ5000StatusMonitor] C:\Windows\System32\SPOOL\DRIVERS\X64\3\EKIJ5000MUI.EXE
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
dRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
StartupFolder: C:\Users\GHOSTR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDriveAutoRun = dword:67042867
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_client_4.5.1.0.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {62789780-B744-11D0-986B-00609731A21D} - hxxp://www.fcd.maricopa.gov/Maps/gismaps/plugin/mgaxctrl6.5.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 75.126.206.18,184.173.169.186
TCP: NameServer = 97.64.183.164 97.64.209.37
TCP: Interfaces\{1D0ACB32-9330-4A1C-B2A7-8AA8ACC492CA} : NameServer = 75.126.206.18,184.173.169.186
TCP: Interfaces\{1D0ACB32-9330-4A1C-B2A7-8AA8ACC492CA} : DHCPNameServer = 97.64.183.164 97.64.209.37
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 75.126.206.18,184.173.169.186
TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5} : NameServer = 75.126.206.18,184.173.169.186
TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5}\1444D494E4D20534F5E4564777F627B6 : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{E9B3D5B2-A38A-46A9-8A75-8091E88179A5}\D697177756374713830373 : DHCPNameServer = 192.168.0.1 205.171.3.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: Boost.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: COMScore.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: GameBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
IFEO: GameConsole-wt.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=foxtab&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0C0DtAtC0EtD0AtDtBtBtDtN0D0Tzu0SyEzyzytN1L2XzutBtFtBtFtCtFyCtCzztN1L1Czu1L1C1F1G1H1B1QtDyE&cr=891733045&ir=
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} -
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: ActionCenterDownloader.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: Boost.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: COMScore.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: GameBooster.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
x64-IFEO: GameConsole-wt.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-2-1 21184]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-28 881952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-9-22 974944]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2011-8-4 137144]
R2 FGUARD64;FGUARD64;C:\Program Files\Folder Guard\FGUARD64.sys [2012-9-10 73552]
R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-8-10 255376]
R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2014-1-29 39504]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-6-25 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-6-25 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-6-25 171928]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-3-13 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 LVUVC64;Logitech Webcam 120(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-9-21 4763680]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2014-1-29 34848]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-3-31 271064]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-31 888536]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2014-1-30 14544]
S1 fzwgfhko;fzwgfhko;C:\Windows\System32\drivers\fzwgfhko.sys [2014-6-20 55104]
S1 wsmolbie;wsmolbie;C:\Windows\System32\drivers\wsmolbie.sys [2014-6-24 55104]
S2 AutoInstallEJCD;Auto Install Eject CD Service; [x]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-1-29 341824]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-28 2152736]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
S3 DataSafeService;DataSafe Service 1.0;C:\Program Files (x86)\SofGem\DataSafe Backup 1.0\DataSafeService.exe [2009-4-13 14848]
S3 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2011-5-29 36456]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-12 111616]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter_hs.sys [2014-1-30 20232]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-1-19 23152]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 QW720S64;Qwest 802.11n XN720 Driver(win7);C:\Windows\System32\drivers\WLANUHN.sys [2012-3-12 752640]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-28 19456]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-28 30208]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2014-1-29 23016]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-13 1255736]
S3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;C:\Windows\System32\ZDCNDIS6a64.sys [2012-3-12 45624]
S4 DataSafeHelper;DataSafe Helper 1.0;C:\Program Files (x86)\SofGem\DataSafe Backup 1.0\DataSafeHelper.exe [2009-4-13 12800]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-1-29 23048]
S4 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-1-27 227904]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-1-19 652872]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-06-26 00:23:32 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tmeaelpx.exe
2014-06-25 22:24:25 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qgcrsgpr.exe
2014-06-25 21:50:22 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hfvkarcw.exe
2014-06-25 20:25:16 139264 ----a-w- C:\Users\Ghostryan\AppData\Local\dljutjde.exe
2014-06-25 20:08:12 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\xpqjpxdf.exe
2014-06-25 18:09:04 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\xmkvcqfi.exe
2014-06-25 14:10:31 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\ejnredfa.exe
2014-06-25 12:11:21 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vntulhjx.exe
2014-06-25 10:12:13 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\caxwaqxw.exe
2014-06-25 09:38:09 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\orncfgmw.exe
2014-06-25 09:18:56 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
2014-06-25 09:18:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-25 09:18:43 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-25 08:13:04 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\upfwbpsf.exe
2014-06-25 07:39:49 -------- d-----w- C:\Users\Ghostryan\AppData\Roaming\ProductData
2014-06-25 06:13:49 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\triqlokm.exe
2014-06-25 05:39:45 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\mxrpjdwk.exe
2014-06-25 04:14:38 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\goupjhor.exe
2014-06-25 02:15:30 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\mpwxcdfw.exe
2014-06-25 01:41:17 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tppmbitt.exe
2014-06-25 00:16:09 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\owvwxwdg.exe
2014-06-24 22:17:02 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ebsiiieb.exe
2014-06-24 21:42:59 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xlklterc.exe
2014-06-24 20:17:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\voqrpvdl.exe
2014-06-24 18:52:48 139264 ----a-w- C:\Users\Ghostryan\AppData\Local\idvocpfp.exe
2014-06-24 18:18:45 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\osuawcpc.exe
2014-06-24 17:44:41 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\rpugtftm.exe
2014-06-24 16:19:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ldnhcame.exe
2014-06-24 14:20:29 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ccaihgkk.exe
2014-06-24 13:46:25 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\cvjqrvhv.exe
2014-06-24 12:21:17 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hcddxqdh.exe
2014-06-24 10:22:10 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fjtchwso.exe
2014-06-24 09:48:07 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\thbphdkc.exe
2014-06-24 09:45:31 55104 ----a-w- C:\Windows\System32\drivers\wsmolbie.sys
2014-06-24 09:35:42 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B36AE4C-C71C-45BC-8518-60CB33F42111}\offreg.dll
2014-06-24 09:31:32 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B36AE4C-C71C-45BC-8518-60CB33F42111}\mpengine.dll
2014-06-24 08:23:01 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rumtouqe.exe
2014-06-24 02:07:50 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\aalecdbt.exe
2014-06-24 01:50:48 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\qqoxtxmt.exe
2014-06-24 00:08:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\viiuewnh.exe
2014-06-23 22:09:34 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\axnjopoo.exe
2014-06-23 21:52:32 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\aehuwlxj.exe
2014-06-23 20:10:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\lvflfjxm.exe
2014-06-23 19:53:16 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\xgqankje.exe
2014-06-23 08:09:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\wsabbsjl.exe
2014-06-23 06:10:45 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\hmfkvtqe.exe
2014-06-23 05:53:41 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\xatwjiii.exe
2014-06-23 04:11:26 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\updokjig.exe
2014-06-23 02:12:12 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\spejkboj.exe
2014-06-23 01:38:06 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\rcqoojjq.exe
2014-06-23 00:12:54 92688 ----a-w- C:\Users\Ghostryan\AppData\Local\dfgdafgf.exe
2014-06-22 22:13:40 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\iupqetvp.exe
2014-06-22 21:39:34 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\eltdvrsc.exe
2014-06-22 20:14:22 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ukxwtasn.exe
2014-06-22 18:15:09 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\dxuwtjvo.exe
2014-06-22 17:41:02 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\ofghsbbc.exe
2014-06-22 16:15:52 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xtnqrlst.exe
2014-06-22 14:16:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\xsthhxqq.exe
2014-06-22 13:42:28 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\abxttkpf.exe
2014-06-22 12:17:17 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ksruvkjq.exe
2014-06-22 10:18:05 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\qkchmuru.exe
2014-06-22 09:44:00 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\cldehqhq.exe
2014-06-22 08:18:39 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\sedkgkbw.exe
2014-06-22 06:19:30 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\bfnqiswx.exe
2014-06-22 05:45:19 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\cvvtfstm.exe
2014-06-22 04:19:56 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\moqvleqe.exe
2014-06-22 02:20:35 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\svcsmlbl.exe
2014-06-22 01:46:26 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fnamehih.exe
2014-06-22 00:21:13 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\wlwwneql.exe
2014-06-21 22:21:48 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\gcikvkrv.exe
2014-06-21 21:47:41 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qgdvmvrc.exe
2014-06-21 20:22:27 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\lsdximhp.exe
2014-06-21 18:23:06 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\dowroopm.exe
2014-06-21 17:48:59 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\gfgdnolb.exe
2014-06-21 17:14:53 114696 ----a-w- C:\Users\Ghostryan\AppData\Local\cbsuaglv.exe
2014-06-21 09:41:33 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\dxulmwup.exe
2014-06-21 08:16:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\efritvsg.exe
2014-06-21 06:17:04 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\lsugtsfq.exe
2014-06-21 05:42:59 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\tlbajvrh.exe
2014-06-21 04:34:46 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\jwkwketx.exe
2014-06-21 02:16:58 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\wfnlbgjt.exe
2014-06-21 01:42:56 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\atnkgcmb.exe
2014-06-21 00:17:51 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\oqotcnje.exe
2014-06-20 22:18:44 98048 ----a-w- C:\Users\Ghostryan\AppData\Local\hlqeqeos.exe
2014-06-20 21:44:41 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\taqabqot.exe
2014-06-20 20:19:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\thqsfolx.exe
2014-06-20 18:34:36 55104 ----a-w- C:\Windows\System32\drivers\fzwgfhko.sys
2014-06-20 18:20:27 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\klcaqehp.exe
2014-06-20 18:03:25 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\xjlugvfk.exe
2014-06-20 10:23:37 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\twmnjfmd.exe
2014-06-20 09:49:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ebupcdhj.exe
2014-06-20 08:07:27 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\eexkvtlj.exe
2014-06-20 06:08:19 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\iexjnwgf.exe
2014-06-20 05:51:17 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ebkwdvee.exe
2014-06-20 04:09:09 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\okbtsroh.exe
2014-06-20 02:17:27 -------- d-----w- C:\ProgramData\.mono
2014-06-20 02:10:01 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pwiamcne.exe
2014-06-20 01:52:58 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\atccvcjn.exe
2014-06-20 00:10:51 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\bbmrgbwa.exe
2014-06-19 22:11:43 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\bvqxjjmw.exe
2014-06-19 21:37:28 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\lasfrkex.exe
2014-06-19 20:12:17 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xbbdxnbh.exe
2014-06-19 18:13:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xcertkjr.exe
2014-06-19 17:39:07 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\jcmraxcv.exe
2014-06-19 16:14:01 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\hconhrpc.exe
2014-06-19 14:14:53 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\xqoiflgj.exe
2014-06-19 13:40:50 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\dlocbmmc.exe
2014-06-19 12:15:44 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tkcxrhav.exe
2014-06-19 10:15:51 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\tnavghfu.exe
2014-06-19 09:41:48 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fkiaevrm.exe
2014-06-19 08:16:43 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\kchfjkfw.exe
2014-06-19 06:17:36 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\frkahboh.exe
2014-06-19 05:43:34 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pcntddel.exe
2014-06-19 04:18:27 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ckusodux.exe
2014-06-19 02:19:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pmdwfiwk.exe
2014-06-19 01:44:05 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ipfqelqg.exe
2014-06-19 00:18:54 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\wtawfubm.exe
2014-06-18 22:19:41 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\oojkokaw.exe
2014-06-18 21:45:35 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\spehhkvm.exe
2014-06-18 20:20:26 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\rsvuwntr.exe
2014-06-18 18:19:23 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\wljeioiw.exe
2014-06-18 17:45:17 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ixqwwgsw.exe
2014-06-18 16:20:06 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mramfevi.exe
2014-06-18 14:20:53 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qngelbvq.exe
2014-06-18 13:46:47 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\itdajubg.exe
2014-06-18 12:21:38 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\lfxotvop.exe
2014-06-18 10:10:34 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tkotersb.exe
2014-06-18 09:53:32 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\qdfjuglf.exe
2014-06-18 08:11:25 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\wmwwleok.exe
2014-06-18 06:12:17 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\nwlxgplk.exe
2014-06-18 05:38:12 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\tcvqrsiw.exe
2014-06-18 04:13:05 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\gxhgbhpc.exe
2014-06-18 02:13:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\mbpkirvu.exe
2014-06-18 01:39:54 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\fwklouec.exe
2014-06-18 00:14:48 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\nrxdfsis.exe
2014-06-17 22:15:41 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\nrswdosk.exe
2014-06-17 21:41:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\aqqiccsa.exe
2014-06-17 20:15:42 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\jphortpj.exe
2014-06-17 18:16:28 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\mtjahxtp.exe
2014-06-17 17:42:25 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\sjcbvevj.exe
2014-06-17 16:16:44 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\stphwrag.exe
2014-06-17 14:17:37 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fsejrnui.exe
2014-06-17 13:43:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\hqjqraqi.exe
2014-06-17 12:18:29 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\qdsstgns.exe
2014-06-17 10:19:19 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\wpuclbiv.exe
2014-06-17 09:45:16 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\hkulwftv.exe
2014-06-17 08:20:08 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rqrsxmsd.exe
2014-06-17 07:31:06 -------- d-----w- C:\Program Files (x86)\8BallClub
2014-06-17 06:37:48 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Adobe
2014-06-17 06:20:58 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\mghdukqs.exe
2014-06-17 05:46:55 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ebfbqacc.exe
2014-06-17 04:21:45 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\cxfbatap.exe
2014-06-17 02:22:38 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ssjviurj.exe
2014-06-17 01:48:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\udcmgaot.exe
2014-06-17 00:23:29 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\fsrwuqew.exe
2014-06-16 22:07:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gqqcbhun.exe
2014-06-16 21:50:18 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\ciikgrua.exe
2014-06-16 20:08:12 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\sqlldqwe.exe
2014-06-16 18:42:57 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\jqgqaqet.exe
2014-06-16 08:09:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\pwcjmawv.exe
2014-06-16 02:12:09 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\pjmolnde.exe
2014-06-16 01:38:06 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\rwassjpg.exe
2014-06-16 00:30:01 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gjmrkaie.exe
2014-06-15 22:57:21 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\hhxqptha.exe
2014-06-14 16:12:59 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Logishrd
2014-06-14 00:42:40 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\blcewlgn.exe
2014-06-13 22:13:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\xhwtsscm.exe
2014-06-13 21:38:10 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\mqacdfco.exe
2014-06-13 20:46:39 86024 ----a-w- C:\Users\Ghostryan\AppData\Local\gmmrsfva.exe
2014-06-13 08:10:43 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\lxdqceiq.exe
2014-06-13 05:37:33 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\equxsmbt.exe
2014-06-13 04:20:57 506368 ----a-w- C:\Windows\System32\aepdu.dll
2014-06-13 04:20:56 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-06-13 02:10:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\iadwnwcc.exe
2014-06-13 01:53:50 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\aidmsjwk.exe
2014-06-13 01:13:06 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-13 01:13:05 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-06-13 01:12:16 801280 ----a-w- C:\Windows\System32\usp10.dll
2014-06-13 01:12:16 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2014-06-13 01:11:32 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2014-06-13 01:11:32 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-06-13 01:11:32 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2014-06-13 01:11:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-06-13 01:11:32 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2014-06-13 01:11:32 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-06-13 01:11:32 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
2014-06-13 01:11:32 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-06-13 01:10:41 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-13 01:10:40 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-12 17:37:09 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fukkcaoi.exe
2014-06-12 10:14:34 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mkpwkqjh.exe
2014-06-12 09:48:31 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\rfcrmddd.exe
2014-06-12 08:17:25 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\vvtojojw.exe
2014-06-12 06:07:15 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ucpxlhav.exe
2014-06-12 05:41:12 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\lkhvwrgb.exe
2014-06-12 04:10:04 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\vnskkegs.exe
2014-06-12 02:12:56 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ripjulbi.exe
2014-06-12 01:46:53 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\afocmtbs.exe
2014-06-12 00:15:46 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rxgjwbwr.exe
2014-06-11 22:18:38 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\oawwklde.exe
2014-06-11 21:52:35 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\gfhvwlqu.exe
2014-06-11 20:18:08 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ahsxlxge.exe
2014-06-11 18:19:52 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\vtpntwvr.exe
2014-06-11 16:09:35 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vvvccoti.exe
2014-06-11 09:45:58 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\rdifigel.exe
2014-06-11 08:14:44 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\oxobqpog.exe
2014-06-11 04:19:58 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\davonehb.exe
2014-06-10 21:48:48 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\rxjnfqbo.exe
2014-06-10 20:16:38 131080 ----a-w- C:\Users\Ghostryan\AppData\Local\ncmrwfgl.exe
2014-06-10 18:10:05 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\shelpqii.exe
2014-06-10 17:57:02 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\eikpkevw.exe
2014-06-10 17:38:15 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\vwusaxue.exe
2014-06-10 00:16:47 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\rampputa.exe
2014-06-09 22:19:39 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\pifhgwno.exe
2014-06-09 21:40:36 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\pidgdevf.exe
2014-06-09 18:11:51 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\dhogkwbb.exe
2014-06-09 17:45:48 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\mdvcatau.exe
2014-06-09 13:38:29 72208 ----a-w- C:\Users\Ghostryan\AppData\Local\qmhcalad.exe
2014-06-09 12:07:23 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\ddevairl.exe
2014-06-09 10:10:15 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\fidxapho.exe
2014-06-09 09:44:12 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\xbifiwlh.exe
2014-06-09 08:13:06 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\vtqqjeva.exe
2014-06-09 06:15:57 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\purakhel.exe
2014-06-09 05:49:54 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\svbwvpgi.exe
2014-06-08 17:40:51 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\ktbwvgnt.exe
2014-06-08 16:09:44 77832 ----a-w- C:\Users\Ghostryan\AppData\Local\mirvlgjv.exe
2014-06-07 18:11:53 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\hxiqiwgl.exe
2014-06-07 17:45:50 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\fksbttaa.exe
2014-06-07 16:14:41 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\gdxbnfbo.exe
2014-06-07 10:09:59 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\bpxbxwms.exe
2014-06-07 09:43:57 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\hoaqmrio.exe
2014-06-07 08:12:51 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\tlxargdc.exe
2014-06-07 02:08:01 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\omauxako.exe
2014-06-07 01:41:58 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\cuoniwfl.exe
2014-06-07 00:09:18 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\faxpbqiw.exe
2014-06-06 09:37:17 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\lsomioom.exe
2014-06-06 08:19:10 135176 ----a-w- C:\Users\Ghostryan\AppData\Local\dxwetloj.exe
2014-06-06 05:42:56 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\gmlntdxt.exe
2014-06-05 21:41:17 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\rnpibitc.exe
2014-06-05 20:09:22 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\fgjdituh.exe
2014-06-05 06:19:42 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\fbwrtvhh.exe
2014-06-05 05:40:37 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\kkautumo.exe
2014-06-05 04:09:28 113168 ----a-w- C:\Users\Ghostryan\AppData\Local\ujeliqis.exe
2014-06-05 02:12:19 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\afxboehl.exe
2014-06-05 01:46:17 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\rxttgbpn.exe
2014-06-05 00:15:09 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\fodkkttp.exe
2014-06-04 09:40:37 72720 ----a-w- C:\Users\Ghostryan\AppData\Local\glmvkwvo.exe
2014-06-03 08:11:23 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\vngwimex.exe
2014-06-03 06:13:21 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\fnimalwb.exe
2014-06-03 05:47:01 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\btclrrav.exe
2014-06-03 04:14:57 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\khcqlcgg.exe
2014-06-03 02:15:45 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\ftufhhkm.exe
2014-06-03 01:49:36 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\bfxbuvat.exe
2014-06-03 00:16:57 106504 ----a-w- C:\Users\Ghostryan\AppData\Local\lshvuvvc.exe
2014-06-02 18:23:05 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\cvdxfeal.exe
2014-06-02 18:19:57 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\lujrkojj.exe
2014-06-02 18:16:40 109072 ----a-w- C:\Users\Ghostryan\AppData\Local\olitmnum.exe
2014-06-01 05:52:41 -------- d-----w- C:\Users\Ghostryan\AppData\Local\Yummy Interactive Inc
.
==================== Find3M ====================
.
2014-06-14 16:12:49 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-06-13 00:46:15 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-13 00:46:15 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-15 09:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-15 03:14:16 880040 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2014-04-15 03:14:11 802728 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2014-04-15 03:13:43 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-09 16:34:05 353864 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-04-09 16:34:04 505416 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-04-01 06:25:46 9889352 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll
2014-04-01 06:25:46 271064 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2014-04-01 06:18:20 888536 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-04-01 06:18:20 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-04-01 06:18:20 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-03-31 16:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-21 07:27:59 50053120 ----a-w- C:\Program Files (x86)\GUT8045.tmp
.
============= FINISH: 18:06:51.22 ===============
 

Attachments

:snwelcome:

Those files you have so many of may be related to the Vundo Trojan, have not seen that in awhile.


Your aswMBR log is not complete, please run it again and post the log .


1QYkxTZ.jpg
Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

I just want to see the report....Please Do Not Fix Anything











GUZVCQN.jpg
Please download Malwarebytes Anti-Malware to your desktop.



  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click Update Now
  • After the update completes, click the Scan Now Button.




  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
 
aswmbr not working

Well i try to run several times , deleted and downloaded a few times, task manager says no responce ,so i end task,only shows exit and save highlighted . I downloaded from public avast also but did not work. Was not sure but want to send ya the Search results from Spy bot - Search & Destroy i hope this might help. I compressed i hope that was the proper thing to do. thanks hope to here from ya soon.
 

Attachments

OK, lets forget aswMBR for now, go ahead and download, install and run Malwarebytes. Your Spybot log is showing lots of bogus toolbars and such
 
Wll do that

i wanted to say that when i try to run the ERUNT that this error says . error saving file c/users\ghostryan\Desktop\Ghost\6-26-20014\software!} and i press yes 5 times and at the end of comands on 2nd says default! 3rd security! 4th sam! I dont know just thought i would mention it. ok i will run Malwarebytes Anti-Malware then send report.
 
Lets wait until I see what Malwarebytes removes and then I will link you to a better reg backup program
 
malwarebytes log

Ok this is what came up after scan , wow to much sickness :mad: I will fallow what ever you say to do, You did say not to fix anything so i didn't check any of them to fix or delete. However i still have it open at this point and time, 6:26 pm 6\26\14 :red:
 

Attachments

Good Morning,

All I can say is wow, all that stuff needs to go



  • Threat Scan < --- Select this type of scan
  • Custom Scan
  • Hyper Scan

  • Next click the Scan Now button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found be sure that everything is checked, and click Quarantine .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
 
scan

Thanks Ken i did make sure that all those boxes were checked, then quarantined .{The Log that i just sent you is what i quarantined} Asked me to reboot so i did, and.{ Error Saving File c:\windows\ERNDT\AutoBackup\6-27\BCD! }Continue with next file? [RegcreateKeyEx:5Access Denied] I clicked yes i think it was 6 times then box cleared. Now you didn't say wether to scan again with malwarebytes or spy bot . couldn't find a threat scan for malwarebytes but i am sure that is the program that you want me to run. Anyway i will do that and send log file in the morning, i work late so might be late when i am able to see your reply . Thanks again Ken have a good day.
 
Good Morning,

Open Malwarebytes and check for updates, then run a new Threat Scan , if the log is clean let me know, if not post the log please.



THEN

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
 
Detected: 19

Ok ken scan came up with 19 files, i quarantined all,, ask to reboot and did so. But before i rebooted i ran Farbar tool . After reboot still came up error saveing the ERDNT thing ? Anyway here are the logs. Thanks again for the help, check ya later tonight.
 

Attachments

Download CKScanner by askey127 from Here & save it to your Desktop.
  • Doubleclick CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Please Run this program only once
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply







-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.




thisisujrt.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Last edited:
Can you explain to me how you acquired the listed software

ashampoo burning studio 14

genius v12

eset.smart.security.5.&.eset.nod32.antivirus.5

malwarebytes anti-malware v1.60.0.1800

glary utilities pro 2.48.0.1568

nero 10.0

xilisoft.video.converter.ultimate

acdsee video converter pro

sony acid pro 7
 
Last edited:
Yes

All of those i am sure were from torrent's . I don't have any use for them . pretty sure my son in law did those when suggested that he could get a good anti virus for me. I will uninstall all if that helps .
 
Read this please. Reply # 4
http://forums.spybot.info/showthrea...-this-Procedure-Before-Requesting-Assistance)

You have illegal software on your system, this is how you infected your computer, besides it being illegal, cracked/keygens are one of the fastest ways of infecting your system, 100% of Cracked/KeyGen software contains some form of malicious code. This forum as well as most of the other malware removal forums do not support the use of illegal software, if I was to continue helping you it could be construed in the eyes of the law as aiding and abetting a crime. In using the crack, the 'cracker' has broken the 'End User Licence Agreement' (EULA) of the product concerned. The distribution and use of cracked software is illegal in almost every developed country. They are also one of the biggest causes of infection. This applies to Cracks, Keygens and Warez

In the future I strongly suggest you stay away from using cracks and/or Keygens. If you you want to continue, what I need you to do is to look through the CKScanner log and uninstall all the illegal software that you have downloaded and installed . After you uninstall them all, run CKScanner again and post a new log. If I dont hear back from you in 24 hours this thread will be closed and no more help will be offered.
 
more time needed

Ken i do understand and have read the rules, I am going to take your advice and uninstall , delete or what ever it takes to have my pc run better, just 24hrs is not enough time, not sure after looking at installed programs because not all that is on list is there, So i guess i copy from CKscanner log and paste ,, then search my pc and delete. After 24hrs Can i post a new topic when i am sure all is deleted ?Thanks again ken hope to here from you.
 
Good Morning,

The 24 hour reply was just for your acknowledgement, take the time you need to uninstall those programs. You may want to ask your son in law for help as you stated he installed them all. Besides our service helping a person clean up there system we also like to give advice to keep you safe online. If you were sitting in my chair doing what I do and where aware of the threats going around it would make you think twice about using the torrents or any of those other file sharing programs. Do the math, why would someone take an expensive program, crack it, host it on a server somewhere for someone else to come along and download and install it for free ? There are threats going around that can steal all your passwords and log on information for any banking your may do online or sites you use a credit card for purchases, there are even threats that hold your computer hostage until you pay a ransom. There are two that are uncleanable because the infection is so great that it leaves you no other option but to format and reinstall windows. Helped a fellow last year that had one of these uncleanable threats, this threat was named Virut, it infects every .exe file on your system, even in the back up folder so replacing a file is out of the question. This poor guy formatted and reinstalled windows three times and was still infected, he was pulling his hair out and finally came here for help. What he had done was make a backup of his system using Norton Ghost and was using it to reinstall windows....but Norton Ghost was infected as well so it was a vicious circle until he finally got the windows cd to do in reinstall. Virut infects so much that if you made a backup to a cd or thumb drive of your important documents and sometimes photos, did a clean install of windows and then copy those files back to your computer you would be infected all over again so those docs and such would be lost. I am not saying all of this to frighten you, its not my intent, my intent is just to make you aware of whats going on around you and the dangers of downloading cracked software or via the torrents. Using any form of P2P (File sharing) is like playing Russian Roulette malwarewise, you will never know what you will get along with that free program.

You can try this program to uninstall those bad programs and when your done I will link you to free legit antivirus programs unless you plan on purchasing one on your own. You can get by with the free version of Revo, its just a trail , may be good for 30 days, not sure

http://www.revouninstaller.com/revo_uninstaller_free_download.html
 
uninstall those programs

Thanks ken i will download that and run, My son in law dose not live with me anymore, he more than likely is infecting some one's pc,:sick:...And some of those are not installed so i guess i will run the Revo and see what i can do. yes i will need a good free antivirus and other security that you might suggest. OK i will post soon and send log. thanks
 
If you go to Programs and Features in the Control Panel, I see these listed, its a good start

µTorrent
Ashampoo Burning Studio 14 v.14.0.1
ACID Pro 7.0
ESET NOD32 Antivirus
Malwarebytes Anti-Malware version 1.60.0.1800
Nero Burning ROM 10
Xilisoft Video Converter Ultimate
DVD Flick 1.3.0.7


This brings adds and really is not needed
IncrediMail
 
Status
Not open for further replies.
Back
Top