Gorilla Price and click.cpvdr

coby9118 · December 21, 2013

I am currently infected with Gorilla Price. I have tried using multiple malware removal sites, but to no avail.

Here are the logs.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428

Run by cdeegan at 16:00:16 on 2013-12-20

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6143.4197 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\PROGRA~2\RETROG~2\bar\1.bin\2zbarsvc.exe

C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Windows\system32\RunDll32.exe

C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Users\cdeegan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskmgr.exe

C:\Users\cdeegan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uProxyServer = hxxp=127.0.0.1:8080

uURLSearchHooks: <No Name>: {1c583e40-0629-4bb9-ab68-1cf539f2f782} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll

mWinlogon: Userinit = userinit.exe

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: Search Assistant BHO: {6ffed9d8-942f-4384-aa29-d3bd083a346a} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: Toolbar BHO: {fc1e426b-fa76-428f-b680-86ef1edb13c1} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Retrogamer: {54BA686E-738F-42FE-BADD-D8CB7CFBC07E} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll

TB: Retrogamer: {54ba686e-738f-42fe-badd-d8cb7cfbc07e} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

uRun: [Google Update] "C:\Users\cdeegan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Facebook Update] "C:\Users\cdeegan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

mRun: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\cdeegan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6510 series.lnk - C:\Windows\System32\RunDll32.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: NameServer = 192.168.1.1 68.238.64.12

TCP: Interfaces\{F10EB9C8-9946-48F6-A2FD-4B47BDC59FFC} : DHCPNameServer = 192.168.1.1 68.238.64.12

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= gpsort.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL

x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL

x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update

x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll

x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-5-26 75904]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-5-26 38016]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-10-8 239616]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-8 344064]

R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]

R2 GorillaPrice;GorillaPrice;C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -service --> C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -service [?]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]

R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-15 1907896]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-1-11 793048]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-26 1127448]

R2 Retrogamer_2zService;RetrogamerService;C:\PROGRA~2\RETROG~2\bar\1.bin\2zbarsvc.exe [2011-12-9 42504]

R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-5-26 1041760]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-26 412776]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-5-26 38456]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]

S2 eFixRealTimeProtection;eFix Real Time Protection;C:\Program Files\eFix\eFix Pro\ReiGuard.exe --> C:\Program Files\eFix\eFix Pro\ReiGuard.exe [?]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S2 WatGorp;WatGorp;C:\ProgramData\GorillaPrice\WatGorp.exe -service --> C:\ProgramData\GorillaPrice\WatGorp.exe -service [?]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-8-7 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-12-20 23:44:00 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{17BB0A8F-92B1-4345-92E6-E2BFC6A7D89B}\offreg.dll

2013-12-20 22:41:51 -------- d-----w- C:\Program Files (x86)\VS Revo Group

2013-12-20 20:33:14 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{17BB0A8F-92B1-4345-92E6-E2BFC6A7D89B}\mpengine.dll

2013-12-20 20:22:06 -------- d-----w- C:\ProgramData\boost_interprocess

2013-12-19 20:27:12 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-12-17 03:00:09 -------- d-----w- C:\AdwCleaner

2013-12-17 02:32:11 -------- d-----w- C:\Users\cdeegan\AppData\Roaming\Open Download Manager

2013-12-17 02:24:16 449024 ----a-w- C:\Windows\gpcloud.dll

2013-12-17 02:24:16 378368 ----a-w- C:\Windows\SysWow64\gpsort.dll

2013-12-17 02:24:14 -------- d-----w- C:\ProgramData\GorillaPrice

2013-12-17 02:24:12 -------- d-----w- C:\Program Files (x86)\GorillaPrice

2013-12-17 02:21:35 -------- d-----w- C:\Program Files (x86)\OpenDownloaderManager

2013-12-17 01:13:32 970520 ----a-w- C:\Windows\System32\rlls64.dll

2013-12-17 01:13:32 660248 ----a-w- C:\Windows\SysWow64\rlls.dll

2013-12-16 01:18:06 -------- d-----w- C:\Program Files\iPod

2013-12-16 01:18:05 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-12-16 01:18:05 -------- d-----w- C:\Program Files\iTunes

2013-12-16 01:18:05 -------- d-----w- C:\Program Files (x86)\iTunes

2013-12-16 01:15:29 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll

2013-12-16 01:15:29 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll

2013-12-16 01:15:29 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll

2013-12-16 01:15:29 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll

2013-12-16 01:15:29 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll

2013-12-11 11:03:30 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2013-12-11 11:03:30 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2013-12-11 11:03:30 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2013-12-11 11:03:29 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2013-12-11 06:40:37 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2013-12-11 06:35:06 9293192 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2013-12-07 04:11:17 -------- d-----w- C:\Users\cdeegan\AppData\Local\AMD

2013-12-07 04:10:35 -------- d-----w- C:\Program Files (x86)\AMD AVT

2013-12-07 04:10:29 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2013-12-07 04:04:19 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2013-12-07 03:52:55 -------- d-----w- C:\ProgramData\Package Cache

2013-12-07 03:51:01 -------- d-----w- C:\AMD

2013-12-06 23:28:07 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2071183A-4781-4A5E-83B2-D71BBFBB81BC}\gapaengine.dll

2013-12-04 11:03:02 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2013-12-04 11:03:02 194048 ----a-w- C:\Windows\SysWow64\elshyph.dll

2013-12-04 11:03:00 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-12-04 11:03:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-12-04 11:03:00 645120 ----a-w- C:\Windows\SysWow64\jsIntl.dll

2013-12-04 11:03:00 235008 ----a-w- C:\Windows\System32\elshyph.dll

2013-12-04 11:03:00 182272 ----a-w- C:\Windows\SysWow64\msls31.dll

2013-12-03 04:54:06 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll

2013-12-03 04:54:03 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll

2013-12-03 04:54:03 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll

2013-12-03 04:53:59 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll

2013-12-03 04:53:57 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll

2013-12-03 04:53:57 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll

2013-12-03 04:53:57 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll

2013-12-03 04:53:57 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll

2013-12-03 04:53:55 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll

2013-12-03 04:53:55 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll

2013-12-03 04:53:33 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll

2013-12-03 04:53:33 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll

2013-12-03 03:43:03 -------- d-----w- C:\Users\cdeegan\AppData\Roaming\3909

2013-11-27 05:06:21 -------- d-----w- C:\ProgramData\CanonIJ

.

==================== Find3M ====================

.

2013-12-11 06:35:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-11 06:35:15 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll

2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll

2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll

2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe

2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll

2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll

2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx

2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx

2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe

2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe

2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe

2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe

2013-10-08 17:50:12 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll

2013-10-08 17:45:08 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll

2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\atimpc64.dll

2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\amdpcom64.dll

2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2013-10-08 14:01:06 142792 ----a-w- C:\Windows\System32\atiuxp64.dll

2013-10-08 14:01:06 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2013-10-08 14:01:04 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2013-10-08 14:01:04 114488 ----a-w- C:\Windows\System32\atiu9p64.dll

2013-10-08 14:01:02 1237200 ----a-w- C:\Windows\System32\aticfx64.dll

2013-10-08 14:01:00 1030128 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2013-10-08 14:00:56 9464840 ----a-w- C:\Windows\System32\atidxx64.dll

2013-10-08 14:00:52 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2013-10-08 14:00:46 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2013-10-08 14:00:42 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2013-10-08 14:00:36 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll

2013-10-08 14:00:32 7256496 ----a-w- C:\Windows\System32\atiumd64.dll

2013-10-08 13:58:42 12534784 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2013-10-08 13:39:22 229376 ----a-w- C:\Windows\System32\clinfo.exe

2013-10-08 13:39:10 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe

2013-10-08 13:39:10 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe

2013-10-08 13:39:08 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe

2013-10-08 13:39:08 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe

2013-10-08 13:39:06 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll

2013-10-08 13:38:58 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2013-10-08 13:38:58 127488 ----a-w- C:\Windows\System32\coinst_13.152.1.8.dll

2013-10-08 13:38:52 86528 ----a-w- C:\Windows\System32\OVDecode64.dll

2013-10-08 13:38:48 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2013-10-08 13:38:30 28192256 ----a-w- C:\Windows\System32\amdocl64.dll

2013-10-08 13:36:22 23761408 ----a-w- C:\Windows\SysWow64\amdocl.dll

2013-10-08 13:34:34 63488 ----a-w- C:\Windows\System32\OpenCL.dll

2013-10-08 13:34:28 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2013-10-08 13:17:50 25385984 ----a-w- C:\Windows\System32\atio6axx.dll

2013-10-08 13:13:44 368640 ----a-w- C:\Windows\System32\atiapfxx.exe

2013-10-08 13:13:34 62464 ----a-w- C:\Windows\System32\aticalrt64.dll

2013-10-08 13:13:32 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2013-10-08 13:13:26 55808 ----a-w- C:\Windows\System32\aticalcl64.dll

2013-10-08 13:13:24 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2013-10-08 13:13:08 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll

2013-10-08 13:09:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2013-10-08 13:00:30 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2013-10-08 12:54:10 442368 ----a-w- C:\Windows\System32\atidemgy.dll

2013-10-08 12:53:58 26112 ----a-w- C:\Windows\System32\atimuixx.dll

2013-10-08 12:53:50 576512 ----a-w- C:\Windows\System32\atieclxx.exe

2013-10-08 12:52:58 239616 ----a-w- C:\Windows\System32\atiesrxx.exe

2013-10-08 12:51:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll

2013-10-08 12:28:36 784384 ----a-w- C:\Windows\System32\atiadlxx.dll

2013-10-08 12:28:26 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2013-10-08 12:28:12 75264 ----a-w- C:\Windows\System32\atig6pxx.dll

2013-10-08 12:28:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2013-10-08 12:28:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll

2013-10-08 12:28:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll

2013-10-08 12:27:56 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2013-10-08 12:27:46 619008 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2013-10-08 12:24:54 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll

.

============= FINISH: 16:01:12.75 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 8/5/2011 9:25:46 PM

System Uptime: 12/20/2013 3:03:23 PM (1 hours ago)

.

Motherboard: FOXCONN | | 2AB1

Processor: AMD Phenom II X2 521 Processor | CPU 1 | 3500/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 920 GiB total, 732.681 GiB free.

D: is FIXED (NTFS) - 11 GiB total, 1.362 GiB free.

E: is CDROM (CDFS)

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP197: 12/7/2013 3:27:58 PM - Windows Update

RP198: 12/8/2013 3:00:11 AM - Windows Update

RP199: 12/11/2013 3:00:25 AM - Windows Update

RP200: 12/14/2013 3:00:12 AM - Windows Update

RP201: 12/15/2013 3:00:11 AM - Windows Update

RP202: 12/16/2013 6:26:16 PM - Installed WeatherBug

RP203: 12/16/2013 6:36:27 PM - Removed WeatherBug

RP204: 12/16/2013 6:36:54 PM - Removed WeatherBug

RP205: 12/16/2013 6:38:31 PM - Removed WeatherBug

RP206: 12/16/2013 8:16:20 PM - Removed WeatherBug

RP207: 12/18/2013 5:09:53 PM - Removed Google Earth.

RP208: 12/19/2013 12:26:44 PM - Windows Update

RP209: 12/20/2013 2:45:38 PM - Revo Uninstaller's restore point - Blio

RP210: 12/20/2013 2:48:56 PM - Removed Blio.

RP211: 12/20/2013 2:58:11 PM - Revo Uninstaller's restore point - GorillaPrice

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Shockwave Player 12.0

Agatha Christie - Peril at End House

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Control Center

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Fuel

AMD Media Foundation Decoders

Antichamber

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audiosurf

Bejeweled 2 Deluxe

Bejeweled 3

Bing Rewards Client Installer

BioShock

BioShock Infinite

Blackhawk Striker 2

Blasterball 3

Bonjour

Bounce Symphony

Build-a-lot 2

Cake Mania

Canon Easy-PhotoPrint EX

Canon Easy-WebPrint EX

Canon MG5200 series MP Drivers

Canon MG5200 series User Registration

Canon MP Navigator EX 4.0

Canon My Printer

Canon Solution Menu EX

Castle Crashers

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chivalry: Medieval Warfare

Chuzzle Deluxe

Counter-Strike: Global Offensive

Coupon Printer for Windows

D3DX10

DC Universe Online Live

Diner Dash 2 Restaurant Rescue

DLC Quest

Dora's World Adventure

Facebook Video Calling 1.2.0.287

Fallout: New Vegas

Farm Frenzy

FATE - The Traitor Soul

FTL: Faster Than Light

GameMaker-Studio 1.1

Garry's Mod

Google Chrome

Google Earth

Google Update Helper

GorillaPrice

Gunpoint

Half-Life

Half-Life 2

Hewlett-Packard ACLM.NET v1.2.1.1

Hotline Miami

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Games

HP LinkUp

HP MediaSmart/TouchSmart Netflix

HP MovieStore

HP Odometer

HP Photo Creations

HP Photosmart 6510 series Basic Device Software

HP Photosmart 6510 series Help

HP Photosmart 6510 series Product Improvement Study

HP Setup

HP Setup Manager

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

Hulu Desktop

iTunes

Junk Mail filter update

K-Lite Codec Pack 9.4.0 (Basic)

Kerbal Space Program

Kobo

LabelPrint

LeapFrog Connect

LeapFrog My Pals Plugin

Left 4 Dead 2

Mah Jong Medley

Mesh Runtime

Microsoft .NET Framework 4.5

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft PowerPoint Viewer

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 4.0 Refresh

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

Mystery P.I. - Stolen in San Francisco

Namco All-Stars PAC-MAN

Norton Security Scan

NVIDIA PhysX

Office 15 Click-to-Run Extensibility Component

Office 15 Click-to-Run Licensing Component

Office 15 Click-to-Run Localization Component

OpenAL

Papers, Please

PC Tools Registry Mechanic 11.0

PDF Complete Special Edition

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Poker Night 2

Poker Superstars III

Polar Bowler

Polar Golfer

Portal 2

Power2Go

PressReader

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

Remote Graphics Receiver

Retrogamer

Rogue Legacy

Rosetta Stone Ltd Services

Rosetta Stone TOTALe

RoxioNow Player

Scribblenauts Unlimited

Security Update for Microsoft .NET Framework 4.5 (KB2737083)

Security Update for Microsoft .NET Framework 4.5 (KB2742613)

Security Update for Microsoft .NET Framework 4.5 (KB2789648)

Security Update for Microsoft .NET Framework 4.5 (KB2833957)

Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)

Security Update for Microsoft .NET Framework 4.5 (KB2861208)

Skype Click to Call

Skype™ 6.11

Slingo Supreme

Steam

swMSM

System Shock 2

Team Fortress 2

Terraria

The Binding of Isaac

The Stanley Parable

The Walking Dead

TurboTax 2011

TurboTax 2011 wcaiper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

TurboTax 2012

TurboTax 2012 wcaiper

TurboTax 2012 WinPerFedFormset

TurboTax 2012 WinPerReleaseEngine

TurboTax 2012 WinPerTaxSupport

TurboTax 2012 wrapper

Unity Web Player

Update for Microsoft .NET Framework 4.5 (KB2750147)

Update for Microsoft .NET Framework 4.5 (KB2805221)

Update for Microsoft .NET Framework 4.5 (KB2805226)

Update Installer for WildTangent Games App

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)

VideoPad Video Editor

Virtual Villagers 4 - The Tree of Life

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Wizard101

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

12/20/2013 3:04:36 PM, Error: Service Control Manager [7000] - The WatGorp service failed to start due to the following error: The system cannot find the file specified.

12/20/2013 3:04:25 PM, Error: Service Control Manager [7000] - The eFix Real Time Protection service failed to start due to the following error: The system cannot find the file specified.

12/13/2013 9:12:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

12/13/2013 9:12:26 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

MrCharlie · December 21, 2013

Uninstall these using Revo Uninstaller Free

Retrogamer
GorillaPrice

Please download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_freeware_download.html

Double click Revo Uninstaller to run it.
From the list of programs double click on The Program to remove
When prompted if you want to uninstall click Yes.
Be sure the Moderate option is selected then click Next.
The program will run, If prompted again click Yes
When the built-in uninstaller is finished click on Next.
Once the program has searched for leftovers click Next.
Check/tick the bolded items only on the list then click Delete
When prompted click on Yes and then on next.
Put a check on any folders that are found and select delete
When prompted select yes then on next
Once done click Finish.

MrC

coby9118 · December 21, 2013

Wow! I tried using revo before, but it didn't delete it. It worked! Thank you!

MrCharlie · December 21, 2013

Lets see how well it did:

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

MrC

coby9118 · December 21, 2013

As I clicked run, it said it wasn't a valid Win32 application...

MrCharlie · December 21, 2013

Download a fresh copy using a different browser and make sure you're using the correct version.

MrC

coby9118 · December 21, 2013

I am clicking on the right download button (64-bit), but it keeps saying it's harmful to the computer. Therefore, it is not letting me run it at all. Is it possible that the malware is preventing me from doing so?

MrCharlie · December 21, 2013

There may be a problem with the program, hang on for a bit.

MrC

coby9118 · December 21, 2013

got it

coby9118 · December 21, 2013

I believe it isn't the progam. Since I first got the virus, I wasn't able to download malwarebytes because it was "corrupted" and still is.

MrCharlie · December 21, 2013

I can download it but I get the same message you got and the icon isn't correct.

The 32bit version downloads fine and the icon is correct.

I zipped up and attached the 64 bit version, see if you can download unzip and run it.

What's the icon look like??

Should look something like this:

http://www.bleepstatic.com/download/product-logos/2012/05/25/icon1337953436.png

MrC

coby9118 · December 21, 2013

It's up. Do I press scan or search files?

coby9118 · December 21, 2013

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2013 02

Ran by cdeegan (administrator) on CDEEGAN-HP on 21-12-2013 12:41:22

Running from C:\Users\cdeegan\AppData\Local\Temp\Temp1_FRST64.zip

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe

(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe

(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

() C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe

(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe

(Google Inc.) C:\Users\cdeegan\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2726728 2010-03-24] (CANON INC.)

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)

HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)

HKCU\...\Run: [Google Update] - C:\Users\cdeegan\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-07] (Google Inc.)

HKCU\...\Run: [Facebook Update] - C:\Users\cdeegan\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)

HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)

HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

HKCU\...\Policies\system: [LogonHoursAction] 2

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKCU\...\Policies\Explorer: [NoInstrumentation] 1

MountPoints2: {9378aaf4-9c1c-11e1-90ac-3cd92b4a97de} - L:\TLBootstrap_WPP.exe

HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [sSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208 2011-03-24] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)

HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [268640 2011-11-12] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKU\Josh\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKU\Josh\...\Run: [Google Update] - C:\Users\Josh\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-16] (Google Inc.)

HKU\Josh\...\Policies\system: [LogonHoursAction] 2

HKU\Josh\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\Lauren\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKU\Lauren\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -update activex

HKU\Lauren\...\Policies\system: [LogonHoursAction] 2

HKU\Lauren\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

AppInit_DLLs: C:\Windows\gpcloud.dll [449024 2013-12-13] ()

AppInit_DLLs-x32: gpsort.dll [378368 2013-12-13] ()

Startup: C:\Users\cdeegan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6510 series.lnk

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 6510 series.lnk -> C:\Program Files\hp\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: http=127.0.0.1:8080

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

SearchScopes: HKLM - {6683B8C6-1263-4EA8-99F4-01789AE255CD} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

SearchScopes: HKLM-x32 - {44f44034-6036-4f06-9336-74ec4620edab} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003X9us&ptnrS=RGxdm003X9us&si=CMzqiLem9qwCFQVvhwoduAkQSA&ptb=1352ABB5-CBE3-4917-8C42-927A0B32315A&ind=2013042221&n=77fc962d&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKLM-x32 - {6683B8C6-1263-4EA8-99F4-01789AE255CD} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

SearchScopes: HKCU - {44f44034-6036-4f06-9336-74ec4620edab} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm003X9us&ptb=1352ABB5-CBE3-4917-8C42-927A0B32315A&ind=2011120919&ptnrS=RGxdm003X9us&si=CMzqiLem9qwCFQVvhwoduAkQSA&n=77df4517&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKCU - {6314E1DD-E2D0-4A63-8338-66E7C7B5C404} URL = http://websearch.ask.com/redirect?client=ie&tb=NCH&o=15483&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=OW&apn_dtid=YYYYYYYYUS&apn_uid=9121FB43-7735-4900-8328-84F923EC5C82&apn_sauid=2C413554-E81F-4BC8-82D2-FED60D5930D1

SearchScopes: HKCU - {6683B8C6-1263-4EA8-99F4-01789AE255CD} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

DPF: HKLM-x32 {4F29DE54-5EB7-4D76-B610-A86B5CD2A234}

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.64.12

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)

R2 GorillaPrice; C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe [643072 2013-12-16] ()

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)

R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)

R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)

S2 eFixRealTimeProtection; C:\Program Files\eFix\eFix Pro\ReiGuard.exe [x]

S2 WatGorp; C:\ProgramData\GorillaPrice\WatGorp.exe -service [x]

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\FRST

2013-12-21 12:37 - 2013-12-21 12:37 - 01793247 _____ C:\Users\cdeegan\Downloads\FRST64.zip

2013-12-20 21:23 - 2013-12-20 21:23 - 00449456 _____ C:\Users\cdeegan\Downloads\FRST64 (1).exe

2013-12-20 21:21 - 2013-12-20 21:21 - 00258196 _____ C:\Users\cdeegan\Downloads\FRST64.exe

2013-12-20 21:12 - 2013-12-20 21:12 - 00080456 _____ (Malwarebytes Corporation) C:\Users\cdeegan\Downloads\mbam-clean-1.60.2.0003.exe

2013-12-20 21:10 - 2013-12-20 21:10 - 06036822 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (5).exe

2013-12-20 21:10 - 2013-12-20 21:10 - 00003158 _____ C:\Windows\System32\Tasks\{03449F8A-E932-469A-87B0-7F4F12B4B923}

2013-12-20 21:10 - 2013-12-20 21:10 - 00000000 ____D C:\ProgramData\Lavasoft

2013-12-20 21:09 - 2013-12-20 21:10 - 01725064 _____ C:\Users\cdeegan\Downloads\Adaware_Installer.exe

2013-12-20 21:08 - 2013-12-20 21:08 - 03147483 _____ (AVG Technologies) C:\Users\cdeegan\Downloads\avg_isit_stb_all_2014_4259.exe

2013-12-20 20:38 - 2013-12-20 20:38 - 00007605 _____ C:\Users\cdeegan\AppData\Local\Resmon.ResmonCfg

2013-12-20 17:09 - 2011-12-09 16:59 - 00689552 _____ (MindSpark) C:\Program Files (x86)\2zUninstall Retrogamer.dll

2013-12-20 17:09 - 2011-12-09 16:59 - 00165832 _____ () C:\Program Files (x86)\2zres.dll

2013-12-20 17:08 - 2013-12-20 17:08 - 00001288 _____ C:\Users\cdeegan\Desktop\Revo Uninstaller.lnk

2013-12-20 17:07 - 2013-12-20 17:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup (2).exe

2013-12-20 16:01 - 2013-12-20 16:02 - 00029263 _____ C:\Users\cdeegan\Desktop\dds.txt

2013-12-20 16:01 - 2013-12-20 16:02 - 00009593 _____ C:\Users\cdeegan\Desktop\attach.txt

2013-12-20 15:59 - 2013-12-20 16:00 - 00688992 ____R (Swearware) C:\Users\cdeegan\Downloads\dds.com

2013-12-20 15:43 - 2013-12-20 15:43 - 08460700 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (4).exe

2013-12-20 15:00 - 2013-12-20 15:00 - 00003270 _____ C:\Windows\System32\Tasks\{1014BE84-E386-4F88-AC86-C62E1D24D424}

2013-12-20 14:41 - 2013-12-20 17:08 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2013-12-20 14:41 - 2013-12-20 14:41 - 00143676 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup (1).exe

2013-12-20 14:41 - 2013-12-20 14:41 - 00137048 _____ C:\Users\cdeegan\Downloads\RevoUninProSetup (1).exe

2013-12-20 14:39 - 2013-12-20 14:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup.exe

2013-12-20 14:28 - 2013-12-20 14:28 - 08137540 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (3).exe

2013-12-20 14:27 - 2013-12-20 14:28 - 04964960 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (2).exe

2013-12-20 12:54 - 2013-12-20 12:54 - 09339000 _____ (VS Revo Group ) C:\Users\cdeegan\Downloads\RevoUninProSetup.exe

2013-12-20 12:48 - 2013-12-20 12:49 - 01034531 _____ (Thisisu) C:\Users\cdeegan\Downloads\JRT.exe

2013-12-20 12:22 - 2013-12-20 21:13 - 00000000 ____D C:\ProgramData\boost_interprocess

2013-12-20 12:16 - 2013-12-20 12:16 - 00815916 _____ C:\Users\cdeegan\Downloads\AdwCleaner (1).exe

2013-12-19 17:24 - 2013-12-19 17:24 - 00324668 _____ C:\Users\Josh\Downloads\adwcleaner.exe

2013-12-19 17:21 - 2013-12-19 17:21 - 00000000 ____D C:\Users\Josh\AppData\Roaming\3909

2013-12-19 17:17 - 2013-12-19 17:17 - 00000000 ____D C:\Users\Josh\AppData\Local\AMD

2013-12-18 17:27 - 2013-12-18 17:27 - 03053496 _____ (Symantec Corporation) C:\Users\cdeegan\Downloads\NPE.exe

2013-12-16 19:00 - 2013-12-20 12:19 - 00000000 ____D C:\AdwCleaner

2013-12-16 18:59 - 2013-12-16 18:59 - 01226750 _____ C:\Users\cdeegan\Downloads\adwcleaner.exe

2013-12-16 18:47 - 2013-12-16 18:47 - 05246740 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-12-16 18:43 - 2013-12-16 18:43 - 04831402 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300.exe

2013-12-16 18:33 - 2013-12-16 18:33 - 00170469 _____ C:\Users\cdeegan\Downloads\winrar-x64-501.exe

2013-12-16 18:32 - 2013-12-16 20:15 - 00000000 ____D C:\Users\cdeegan\AppData\Roaming\Open Download Manager

2013-12-16 18:32 - 2013-12-16 18:32 - 00001085 _____ C:\Users\Lauren\Desktop\OpenDownloaderManager.lnk

2013-12-16 18:32 - 2013-12-16 18:32 - 00001085 _____ C:\Users\Josh\Desktop\OpenDownloaderManager.lnk

2013-12-16 18:24 - 2013-12-20 20:15 - 00000000 ____D C:\ProgramData\GorillaPrice

2013-12-16 18:24 - 2013-12-16 18:24 - 00000000 ____D C:\Program Files (x86)\GorillaPrice

2013-12-16 18:24 - 2013-12-13 06:31 - 00449024 _____ C:\Windows\gpcloud.dll

2013-12-16 18:24 - 2013-12-13 06:31 - 00378368 _____ C:\Windows\SysWOW64\gpsort.dll

2013-12-16 18:21 - 2013-12-16 20:15 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager

2013-12-16 18:21 - 2013-12-16 18:21 - 00342184 _____ (My Company) C:\Users\cdeegan\Downloads\Setup_ODM.exe

2013-12-16 17:13 - 2013-11-13 12:52 - 00970520 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll

2013-12-16 17:13 - 2013-11-13 12:52 - 00660248 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll

2013-12-15 17:19 - 2013-12-15 17:19 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-12-15 17:18 - 2013-12-15 17:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-12-15 17:18 - 2013-12-15 17:18 - 00000000 ____D C:\Program Files\iTunes

2013-12-15 17:18 - 2013-12-15 17:18 - 00000000 ____D C:\Program Files\iPod

2013-12-15 17:18 - 2013-12-15 17:18 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-12-15 17:15 - 2013-12-15 17:15 - 00001853 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2013-12-15 17:15 - 2013-12-15 17:15 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-12-11 03:03 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2013-12-11 03:03 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2013-12-11 03:03 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2013-12-11 03:03 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2013-12-11 03:01 - 2013-11-26 03:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-12-11 03:01 - 2013-11-26 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-12-11 03:01 - 2013-11-26 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-12-11 03:01 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-12-11 03:01 - 2013-11-26 01:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-12-11 03:01 - 2013-11-26 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-12-11 03:01 - 2013-11-26 01:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-12-11 03:01 - 2013-11-26 01:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-12-11 03:01 - 2013-11-26 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-12-11 03:01 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-12-11 03:01 - 2013-11-26 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-12-11 03:01 - 2013-11-26 01:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-12-11 03:01 - 2013-11-26 01:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-12-11 03:01 - 2013-11-26 01:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-12-11 03:01 - 2013-11-26 00:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-12-11 03:01 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-12-11 03:01 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-12-11 03:01 - 2013-11-26 00:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-12-11 03:01 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-12-11 03:01 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-12-11 03:01 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-12-11 03:01 - 2013-11-26 00:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-12-11 03:01 - 2013-11-25 23:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-12-11 03:01 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-12-11 03:01 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-12-11 03:01 - 2013-11-25 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-12-11 03:01 - 2013-11-25 22:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-12-11 03:01 - 2013-11-25 22:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-12-11 03:01 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-12-11 03:01 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-12-11 03:01 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-12-10 22:40 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-12-10 22:40 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2013-12-10 22:40 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2013-12-10 22:40 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2013-12-10 22:40 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2013-12-10 22:40 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2013-12-10 22:40 - 2013-10-29 17:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-12-10 22:40 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2013-12-10 22:40 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2013-12-10 22:40 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2013-12-10 22:40 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2013-12-10 22:40 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2013-12-10 22:40 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2013-12-10 22:40 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2013-12-10 22:40 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2013-12-10 22:40 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2013-12-10 22:40 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2013-12-10 22:40 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2013-12-10 22:40 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2013-12-10 22:35 - 2013-12-10 22:35 - 09293192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2013-12-06 20:11 - 2013-12-06 20:11 - 00000000 ____D C:\Users\cdeegan\AppData\Local\AMD

2013-12-06 20:11 - 2013-12-06 20:11 - 00000000 ____D C:\ProgramData\ATI

2013-12-06 20:10 - 2013-12-06 20:10 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201312062010158022.log

2013-12-06 20:10 - 2013-12-06 20:10 - 00000000 ____D C:\Program Files (x86)\AMD AVT

2013-12-06 20:04 - 2013-12-06 20:04 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

2013-12-06 19:52 - 2013-12-06 20:02 - 00000000 ____D C:\ProgramData\Package Cache

2013-12-06 19:51 - 2013-12-06 19:51 - 00000000 ____D C:\AMD

2013-12-06 19:18 - 2013-12-06 19:19 - 00791552 _____ (AMD) C:\Users\cdeegan\Downloads\amddriverdownloader (1).exe

2013-12-06 19:10 - 2013-12-06 19:10 - 00791552 _____ (AMD) C:\Users\cdeegan\Downloads\amddriverdownloader.exe

2013-12-04 21:29 - 2013-12-04 21:29 - 00001419 _____ C:\Users\cdeegan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-12-04 03:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-12-04 03:03 - 2013-12-04 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-12-04 03:03 - 2013-12-04 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-12-04 03:03 - 2013-12-04 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-12-04 03:03 - 2013-12-04 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-12-04 03:03 - 2013-12-04 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-12-04 03:03 - 2013-12-04 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-12-04 03:03 - 2013-12-04 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-12-04 03:02 - 2013-12-04 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-12-04 03:02 - 2013-12-04 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-12-04 03:02 - 2013-12-04 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-12-04 03:02 - 2013-12-04 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-12-04 03:02 - 2013-12-04 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-12-04 03:02 - 2013-12-04 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-12-04 03:02 - 2013-12-04 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-12-04 03:02 - 2013-12-04 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-12-04 03:00 - 2013-12-04 03:05 - 00007785 _____ C:\Windows\IE11_main.log

2013-12-02 20:54 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll

2013-12-02 20:54 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll

2013-12-02 20:54 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2013-12-02 20:53 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll

2013-12-02 20:53 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll

2013-12-02 20:53 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll

2013-12-02 20:53 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll

2013-12-02 19:43 - 2013-12-02 19:43 - 00000000 ____D C:\Users\cdeegan\AppData\Roaming\3909

2013-11-26 21:06 - 2013-11-26 21:06 - 00000000 ____D C:\ProgramData\CanonIJ

==================== One Month Modified Files and Folders =======

2013-12-21 12:38 - 2013-12-21 12:38 - 00000000 ____D C:\FRST

2013-12-21 12:37 - 2013-12-21 12:37 - 01793247 _____ C:\Users\cdeegan\Downloads\FRST64.zip

2013-12-21 12:35 - 2012-05-18 16:58 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-12-21 12:33 - 2011-10-07 09:46 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1000UA.job

2013-12-21 12:24 - 2012-09-02 14:31 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1004UA.job

2013-12-21 12:15 - 2011-08-05 20:25 - 01187640 _____ C:\Windows\WindowsUpdate.log

2013-12-21 12:13 - 2012-09-09 10:37 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1003UA.job

2013-12-21 12:07 - 2012-06-19 23:45 - 00000000 ____D C:\Program Files (x86)\Steam

2013-12-21 12:01 - 2012-03-18 18:18 - 00000260 _____ C:\Windows\Tasks\HP Photo Creations Messager.job

2013-12-21 11:45 - 2012-01-07 20:06 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-12-21 11:11 - 2012-04-21 00:00 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1000UA.job

2013-12-21 11:03 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-12-21 11:03 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-12-20 21:41 - 2012-07-02 18:26 - 00000000 ____D C:\Users\cdeegan\AppData\Roaming\Skype

2013-12-20 21:23 - 2013-12-20 21:23 - 00449456 _____ C:\Users\cdeegan\Downloads\FRST64 (1).exe

2013-12-20 21:21 - 2013-12-20 21:21 - 00258196 _____ C:\Users\cdeegan\Downloads\FRST64.exe

2013-12-20 21:20 - 2009-07-13 21:13 - 00783360 _____ C:\Windows\system32\PerfStringBackup.INI

2013-12-20 21:14 - 2012-01-07 20:06 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-12-20 21:14 - 2011-05-26 01:43 - 00000000 ____D C:\ProgramData\PDFC

2013-12-20 21:13 - 2013-12-20 12:22 - 00000000 ____D C:\ProgramData\boost_interprocess

2013-12-20 21:13 - 2010-11-20 19:47 - 00570338 _____ C:\Windows\PFRO.log

2013-12-20 21:13 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-12-20 21:13 - 2009-07-13 20:51 - 00074648 _____ C:\Windows\setupact.log

2013-12-20 21:12 - 2013-12-20 21:12 - 00080456 _____ (Malwarebytes Corporation) C:\Users\cdeegan\Downloads\mbam-clean-1.60.2.0003.exe

2013-12-20 21:10 - 2013-12-20 21:10 - 06036822 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (5).exe

2013-12-20 21:10 - 2013-12-20 21:10 - 00003158 _____ C:\Windows\System32\Tasks\{03449F8A-E932-469A-87B0-7F4F12B4B923}

2013-12-20 21:10 - 2013-12-20 21:10 - 00000000 ____D C:\ProgramData\Lavasoft

2013-12-20 21:10 - 2013-12-20 21:09 - 01725064 _____ C:\Users\cdeegan\Downloads\Adaware_Installer.exe

2013-12-20 21:08 - 2013-12-20 21:08 - 03147483 _____ (AVG Technologies) C:\Users\cdeegan\Downloads\avg_isit_stb_all_2014_4259.exe

2013-12-20 20:58 - 2012-01-07 20:06 - 00000000 ____D C:\Program Files (x86)\Google

2013-12-20 20:38 - 2013-12-20 20:38 - 00007605 _____ C:\Users\cdeegan\AppData\Local\Resmon.ResmonCfg

2013-12-20 20:15 - 2013-12-16 18:24 - 00000000 ____D C:\ProgramData\GorillaPrice

2013-12-20 17:23 - 2012-09-02 14:31 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1004Core.job

2013-12-20 17:08 - 2013-12-20 17:08 - 00001288 _____ C:\Users\cdeegan\Desktop\Revo Uninstaller.lnk

2013-12-20 17:08 - 2013-12-20 14:41 - 00000000 ____D C:\Program Files (x86)\VS Revo Group

2013-12-20 17:07 - 2013-12-20 17:07 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup (2).exe

2013-12-20 16:02 - 2013-12-20 16:01 - 00029263 _____ C:\Users\cdeegan\Desktop\dds.txt

2013-12-20 16:02 - 2013-12-20 16:01 - 00009593 _____ C:\Users\cdeegan\Desktop\attach.txt

2013-12-20 16:00 - 2013-12-20 15:59 - 00688992 ____R (Swearware) C:\Users\cdeegan\Downloads\dds.com

2013-12-20 15:43 - 2013-12-20 15:43 - 08460700 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (4).exe

2013-12-20 15:13 - 2012-09-09 10:37 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1003Core.job

2013-12-20 15:00 - 2013-12-20 15:00 - 00003270 _____ C:\Windows\System32\Tasks\{1014BE84-E386-4F88-AC86-C62E1D24D424}

2013-12-20 14:41 - 2013-12-20 14:41 - 00143676 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup (1).exe

2013-12-20 14:41 - 2013-12-20 14:41 - 00137048 _____ C:\Users\cdeegan\Downloads\RevoUninProSetup (1).exe

2013-12-20 14:39 - 2013-12-20 14:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cdeegan\Downloads\revosetup.exe

2013-12-20 14:28 - 2013-12-20 14:28 - 08137540 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (3).exe

2013-12-20 14:28 - 2013-12-20 14:27 - 04964960 _____ (Malwarebytes Corporation ) C:\Users\cdeegan\Downloads\mbam-setup-1.75.0.1300 (2).exe

2013-12-20 12:54 - 2013-12-20 12:54 - 09339000 _____ (VS Revo Group ) C:\Users\cdeegan\Downloads\RevoUninProSetup.exe

2013-12-20 12:49 - 2013-12-20 12:48 - 01034531 _____ (Thisisu) C:\Users\cdeegan\Downloads\JRT.exe

2013-12-20 12:21 - 2012-01-07 20:07 - 00000000 ____D C:\Program Files\Google

2013-12-20 12:19 - 2013-12-16 19:00 - 00000000 ____D C:\AdwCleaner

2013-12-20 12:16 - 2013-12-20 12:16 - 00815916 _____ C:\Users\cdeegan\Downloads\AdwCleaner (1).exe

2013-12-20 12:15 - 2012-01-17 07:04 - 00000414 _____ C:\Windows\SysWOW64\AppLog.log

2013-12-20 12:15 - 2012-01-11 21:02 - 00000290 _____ C:\Windows\Tasks\RMSchedule.job

2013-12-20 12:14 - 2012-04-21 00:00 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1000Core.job

2013-12-19 17:24 - 2013-12-19 17:24 - 00324668 _____ C:\Users\Josh\Downloads\adwcleaner.exe

2013-12-19 17:21 - 2013-12-19 17:21 - 00000000 ____D C:\Users\Josh\AppData\Roaming\3909

2013-12-19 17:21 - 2013-01-23 16:09 - 00000000 ____D C:\Users\Josh\Documents\my games

2013-12-19 17:19 - 2012-09-02 14:31 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1004UA

2013-12-19 17:18 - 2012-09-02 14:31 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037834696-1014634092-2110831400-1004Core

2013-12-19 17:17 - 2013-12-19 17:17 - 00000000 ____D C:\Users\Josh\AppData\Local\AMD

2013-12-19 17:17 - 2012-09-02 14:30 - 00113112 _____ C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT

2013-12-19 17:17 - 2012-09-02 14:29 - 00001419 _____ C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-12-19 17:17 - 2012-09-02 14:29 - 00000000 ___RD C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-19 17:17 - 2012-09-02 14:29 - 00000000 ___RD C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-12-18 17:27 - 2013-12-18 17:27 - 03053496 _____ (Symantec Corporation) C:\Users\cdeegan\Downloads\NPE.exe

2013-12-18 17:09 - 2011-10-07 09:46 - 00000000 ____D C:\Users\cdeegan\AppData\Local\Google

2013-12-18 07:00 - 2013-08-18 18:23 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForcdeegan

2013-12-18 07:00 - 2013-08-18 18:23 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForcdeegan.job

2013-12-18 07:00 - 2012-09-19 19:45 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForCDEEGAN-HP$.job

2013-12-18 07:00 - 2011-10-29 15:30 - 00003222 _____ C:\Windows\System32\Tasks\HPCeeScheduleForCDEEGAN-HP$

2013-12-16 20:15 - 2013-12-16 18:32 - 00000000 ____D C:\Users\cdeegan\AppData\Roaming\Open Download Manager

2013-12-16 20:15 - 2013-12-16 18:21 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager