http://altlpad.com/ad/index3.php

[Konut]

Hi all,

 

I'm getting popups through internet explorer to the listed site amoung others.  Here's what I've tried so far to fix the problem.

 

Ran Malwarebytes, Spybot S&D, Super AntiSpyware, AVG Antivirus and Avast Antivirus full system scans in safe mode and normal windows mode.  They all came up with some "threats" and fixed them, but I'm still getting the popups.  I was getting a lot of advertisments and ads from "we-care.come" but those seemed to be fixed.

 

I proceeded to try to uninstall IE, but I was only able to uninstall back to version 7.  Finally, I disabled the IE, but I'm still getting popups.

 

It should be noted that I use Firefox regurarly, not IE.

 

Any ideas?

[MrCharlie]

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

[Konut]

Hi,

 

Thanks for the response.  This is what's in the file that got saved to my desktop:

 

 

 

RogueKiller V8.6.2 _x64_ [Jul  2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com


Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Matt [Admin rights]
Mode : Scan -- Date : 07/16/2013 17:06:23
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] watgorp.exe -- C:\ProgramData\GorillaPrice\watgorp.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD32 00BPVT-22JJ5T0 SATA Disk Device +++++
--- User ---
[MBR] 4e9466c9e9d80be7543d22edfe9e4245
[bSP] df68a2ab22a0805c8af9c2ef777a2713 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 16000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 32770048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 32974848 | Size: 289143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD32 00BPVT-22JJ5T0 SATA Disk Device +++++
--- User ---
[MBR] 83b42057fb3fd1d945874c9bf1406a5b
[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 3777 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_07162013_170623.txt >>



 

[MrCharlie]

DDS.txt and Attach.txt logs???

[Konut]

Sorry, here you go -

 

dds:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16496  BrowserJavaVersion: 10.25.2
Run by Matt at 23:38:14 on 2013-07-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3558.1212 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\splwow64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [GorillaPrice] "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [spotify Web Helper] "C:\Users\Matt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [GorillaPrice] "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{44A4F3EB-ADE1-4FE4-BC73-EFD8DBB075C5} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{44A4F3EB-ADE1-4FE4-BC73-EFD8DBB075C5}\531313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{44A4F3EB-ADE1-4FE4-BC73-EFD8DBB075C5}\84F6D656 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{56C13E54-3532-4D11-9C05-749DA4413C86} : DHCPNameServer = 10.158.4.85 10.158.4.86
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\xgykcosg.default\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Matt\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-06-08 02:42; plugin@getwebcake.com; C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\xgykcosg.default\extensions\plugin@getwebcake.com
FF - ExtSQL: 2013-06-08 23:25; wecarereminder@bryan; C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\xgykcosg.default\extensions\wecarereminder@bryan
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.webcake.installId - b431f2bd-9625-45d9-9c6c-58af558f400b
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-1-31 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-1-31 40064]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-12 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-12 189936]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-6-28 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-6-28 378944]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-7-5 283200]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2012-1-31 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2012-1-31 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2012-1-31 62776]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-31 204288]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-6-28 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-6-28 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-12 46808]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-1-31 352336]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-1-31 872552]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-12 701512]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-6-17 1153368]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-1-31 114704]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-20 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-20 19496]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-9-29 245760]
R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-4-12 51240]
R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-1-13 85544]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-1-31 142632]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-2-14 412712]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-6-28 25928]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-1-31 53376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S2 WatGorp;WatGorp;C:\ProgramData\GorillaPrice\WatGorp.exe -service --> C:\ProgramData\GorillaPrice\WatGorp.exe -service [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files\BitComet\tools\BitCometService.exe -service --> C:\Program Files\BitComet\tools\BitCometService.exe -service [?]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2012-9-29 87552]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2012-9-29 14592]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-25 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-25 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-25 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-29 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-15 03:17:23    --------    d-----w-    C:\Program Files\CCleaner
2013-07-15 01:45:39    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-11 23:13:09    --------    d-----w-    C:\Users\Matt\AppData\Roaming\AVG2013
2013-07-11 23:11:47    --------    d-----w-    C:\Users\Matt\AppData\Roaming\TuneUp Software
2013-07-11 23:10:43    --------    d--h--w-    C:\$AVG
2013-07-11 23:10:43    --------    d-----w-    C:\ProgramData\AVG2013
2013-07-11 23:09:10    --------    d-----w-    C:\Program Files (x86)\AVG
2013-07-11 23:05:00    --------    d--h--w-    C:\ProgramData\Common Files
2013-07-11 23:05:00    --------    d-----w-    C:\Users\Matt\AppData\Local\MFAData
2013-07-11 23:05:00    --------    d-----w-    C:\Users\Matt\AppData\Local\Avg2013
2013-07-11 23:05:00    --------    d-----w-    C:\ProgramData\MFAData
2013-07-10 23:24:14    --------    d-----w-    C:\Program Files\Common Files\Propellerhead Software
2013-07-10 22:14:24    571904    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2013-07-10 22:14:24    392704    ----a-w-    C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-10 22:14:24    314880    ----a-w-    C:\Program Files\Windows Defender\MpCommu.dll
2013-07-10 22:14:24    1011712    ----a-w-    C:\Program Files\Windows Defender\MpSvc.dll
2013-07-10 22:14:23    9216    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 22:14:23    54784    ----a-w-    C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-10 22:14:23    4608    ----a-w-    C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 22:14:20    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-07-10 22:14:20    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-07-10 22:14:18    1887744    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-07-10 22:14:17    1620480    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-10 22:13:44    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-07-10 22:13:40    1732608    ----a-w-    C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 22:13:40    1367040    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 22:13:39    1393152    ----a-w-    C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 22:13:38    1402880    ----a-w-    C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 22:13:37    936448    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 19:02:22    1643520    ----a-w-    C:\Windows\System32\DWrite.dll
2013-07-10 19:02:21    1247744    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2013-07-10 18:55:38    9552976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BE30F726-179C-4729-AA3A-0C6C814933B3}\mpengine.dll
2013-07-08 17:53:30    --------    d-----w-    C:\Program Files (x86)\Common Files\Digidesign
2013-07-08 17:52:23    --------    d-----w-    C:\Users\Matt\AppData\Roaming\KORG
2013-07-08 17:52:23    --------    d-----w-    C:\Program Files (x86)\Common Files\KORG
2013-07-08 17:50:55    --------    d-----w-    C:\Program Files (x86)\KORG
2013-07-07 18:06:26    --------    d-----w-    C:\Users\Matt\AppData\Local\Spotify
2013-07-07 18:06:06    --------    d-----w-    C:\Users\Matt\AppData\Roaming\Spotify
2013-07-02 22:35:59    263576    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-07-02 22:35:58    74136    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2013-07-02 22:35:57    19352    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2013-06-25 21:53:56    --------    d-----w-    C:\Users\Matt\AppData\Roaming\SUPERAntiSpyware.com
2013-06-25 21:53:50    --------    d-----w-    C:\Program Files\SUPERAntiSpyware
2013-06-25 21:53:49    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2013-06-25 21:44:26    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 19:16:36    514560    ----a-w-    C:\Windows\SysWow64\qdvd.dll
2013-06-25 19:16:36    366592    ----a-w-    C:\Windows\System32\qdvd.dll
2013-06-25 19:16:35    340992    ----a-w-    C:\Windows\System32\schannel.dll
2013-06-25 19:16:35    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2013-06-25 19:16:34    458712    ----a-w-    C:\Windows\System32\drivers\cng.sys
2013-06-25 19:16:34    154480    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2013-06-25 19:16:33    1448448    ----a-w-    C:\Windows\System32\lsasrv.dll
2013-06-25 19:16:32    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2013-06-25 19:16:32    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2013-06-24 19:35:19    --------    d-----w-    C:\Program Files (x86)\Guild Wars 2
2013-06-17 16:18:21    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2013-06-17 16:18:21    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy
.
==================== Find3M  ====================
.
2013-07-16 19:36:19    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-16 19:36:19    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-28 06:45:40    189936    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-06-28 06:45:40    1030952    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-06-25 21:44:18    867240    ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2013-06-25 21:44:17    789416    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-05-13 05:51:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-05-13 04:45:55    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-05-13 03:08:10    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27    30720    ----a-w-    C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54    24576    ----a-w-    C:\Windows\SysWow64\cryptdlg.dll
2013-05-09 08:59:07    72016    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07    65336    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:06    80816    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37    41664    ----a-w-    C:\Windows\avastSS.scr
2013-05-08 06:39:01    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-02 06:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-26 05:51:36    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-04-26 04:55:21    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-04-25 23:30:32    1505280    ----a-w-    C:\Windows\SysWow64\d3d11.dll
.
============= FINISH: 23:39:44.61 ===============
 

 

 

 

attach:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/28/2012 5:45:22 PM
System Uptime: 7/16/2013 9:54:21 PM (2 hours ago)
.
Motherboard: Acer |  | Aspire 5560
Processor: AMD A6-3420M APU with Radeon HD Graphics | Socket FS1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 282 GiB total, 147.575 GiB free.
D: is CDROM ()
E: is CDROM (UDF)
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Canon MX700 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0000
Manufacturer: Canon
Name: Canon MX700 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0000
Service: StillCam
.
==== System Restore Points ===================
.
RP126: 7/11/2013 7:53:32 AM - Windows Update
RP127: 7/11/2013 7:08:25 PM - Installed AVG 2013
RP128: 7/11/2013 7:09:34 PM - Installed AVG 2013
RP129: 7/12/2013 2:13:12 PM - Installed Microsoft Fix it 50195
RP130: 7/12/2013 11:00:26 PM - Windows Update
RP131: 7/14/2013 10:42:24 PM - Windows Modules Installer
RP132: 7/14/2013 10:55:01 PM - Windows Modules Installer
RP133: 7/16/2013 11:06:36 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Ableton Live 9 Suite
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Registration
Acer ScreenSaver
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.0) MUI
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Agatha Christie - Death on the Nile
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD VISION Engine Control Center
ASIO4ALL
Audacity 2.0.2
avast! Free Antivirus
AVG 2013
Backup Manager V3
Bejeweled 2 Deluxe
Bing Bar
BitComet 1.32 64-bit
Broadcom Card Reader Driver Installer
Broadcom Gigabit NetLink Controller
Brother MFL-Pro Suite MFC-J6710DW
Build-a-lot 4 - Power Source
Canon MP Navigator EX 1.0
Canon MX700 series
Canon MX700 series User Registration
Canon My Printer
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chronicles of Albian
Chuzzle Deluxe
clear.fi
clear.fi Client
Cradle of Rome 2
D3DX10
DAEMON Tools Lite
Deckadance
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Advanced Audio v2
Dora's World Adventure
Dota 2
ETDWare PS/2-X64 8.0.6.3_WHQL
Evernote v. 4.5.1
FATE: The Cursed King
Final Drive: Nitro
FL Studio 10
Galerie de photos Windows Live
Google Chrome
Google Earth
GorillaPrice
Governor of Poker 2 Premium Edition
Guild Wars 2
Identity Card
IL Download Manager
IL Shared Libraries
Java 7 Update 25
Java Auto Updater
Jewel Match 3
Junk Mail filter update
KORG microSTATION Editor
KORG microSTATION External Setup Template
KORG microSTATION Plug-In Editor RTAS
KORG microSTATION Plug-In Editor VST
KORG USB-MIDI Driver Tools for Windows
LAME v3.99.3 (for Windows)
Launch Manager
League of Legends
Majesty 2: The Fantasy Kingdom Sim
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Mystery of Mortlake Mansion
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
newsXpresso
NOOK for PC
Norton Online Backup
NTI Media Maker 9
Origin
Pando Media Booster
PeerBlock 1.1 (r518)
Penguins!
PIXMA Extended Survey Program
Plants vs. Zombies - Game of the Year
Polar Bowler
Polar Golfer
Realtek High Definition Audio Driver
SavetheChildren Reminder by We-Care.com v4.1.22.4
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shredder
Skype™ 6.5
Spotify
Spybot - Search & Destroy
Steam
SUPERAntiSpyware
swMSM
Torchlight
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 5 - New Believers
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.1
Welcome Center
WildTangent Games App (Acer Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (32-bit)
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
7/9/2013 7:27:00 AM, Error: cdrom [11]  - The driver detected a controller error on \Device\CdRom0.
7/16/2013 5:03:29 PM, Error: Service Control Manager [7034]  - The WatGorp service terminated unexpectedly.  It has done this 1 time(s).
7/16/2013 3:42:55 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
7/16/2013 3:42:55 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
7/16/2013 3:31:54 PM, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/16/2013 3:31:54 PM, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
7/16/2013 3:31:15 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
7/14/2013 8:53:31 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
7/14/2013 11:43:10 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/14/2013 11:43:10 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/14/2013 11:43:07 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
7/14/2013 11:43:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/14/2013 11:42:56 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/14/2013 11:42:49 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm AVGIDSDriver Avgldx64 discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk SASDIFSV SASKUTIL spldr Wanarpv6
7/14/2013 11:42:47 AM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
7/13/2013 3:38:00 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
7/11/2013 8:24:38 PM, Error: Service Control Manager [7034]  - The AVGIDSAgent service terminated unexpectedly.  It has done this 1 time(s).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2850851).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2847927).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2845187).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2835364).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2835361).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2834886).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2803821).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2844286).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2840631).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2833946).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2832414).
7/11/2013 8:16:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2846071).
7/11/2013 8:15:18 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
7/11/2013 8:15:18 PM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

[MrCharlie]

You have AVG and AVAST running as your anti-virus, this is no good. They only conflict with each other and provide spotty protection.
Please pick one and uninstall the other.
 

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.

 

Please uninstall GorillaPrice from your add/remove programs.

Then.......

Please download AdwCleaner from here and save it on your Desktop.
 

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes :
· Adwares (software ads)
· PUP/LPI (Potentially Undesirable Program)
· Toolbars
· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

• Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
• Now click on the Search tab.
• Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Note:
Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.
If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using Adwcleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetections before using AdwCleaner.

You can click on the question mark (?) in the upper left corner of the program and then click on Options. You will then be presented with a dialog where you can disable various detections. These options are described below:

/DisableAskDetection - This option disables Ask Toolbar detection.

MrC

[MrCharlie]

How are we doing??

Do you still need help or can I close this post??

MrC

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!