Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2013 04
Ran by Jones (administrator) on JONES-HP on 31-08-2013 21:14:47
Running from C:\Users\Jones\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
() C:\ProgramData\GorillaPrice\WatGorp.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2012-08-11] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-06] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-20] (Hewlett-Packard Development Company, L.P.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [896912 2012-09-03] (BitTorrent, Inc.)
HKCU\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {d084e54d-1f3d-11e2-aa9d-28924a1ccf61} - F:\LaunchU3.exe -a
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2404016 2013-08-26] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U039&ocid=U039DHP&dt=071313
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
URLSearchHook: (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {1949D522-5E6E-4D27-98B0-6EEC20C66534} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 - {1949D522-5E6E-4D27-98B0-6EEC20C66534} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid=...cec440f3a59&lang=en&ds=AVG&pr=fr&d=2013-08-26 11:01:17&v=15.6.1.2&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - CC867947F04F4DF2A41C4E90DC6DF7BA URL = http://mysearch.avg.com/search?cid=...cec440f3a59&lang=en&ds=AVG&pr=fr&d=2013-05-25 00:33:18&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1949D522-5E6E-4D27-98B0-6EEC20C66534} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid=...cec440f3a59&lang=en&ds=AVG&pr=fr&d=2013-08-26 11:01:17&v=15.6.1.2&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKCU - {B072F062-28D5-4EEC-A34C-252238B85B7E} URL = http://search.conduit.com/ResultsEx...urce=4&ctid=CT3282134&CUI=UN42911543581478631
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.6.1.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.6.1.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Toolbar: HKCU - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
FireFox:
========
FF ProfilePath: C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\wczi21wh.default
FF user.js: detected! => C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\wczi21wh.default\user.js
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com/?cid={EAC2F7FE-41DB-491D-896F-3BF198D9D324}&mid=cde2f2c3faf047d3a29cf9db0cf82692-0f3e6c02e693a2a5d56b9002d885acec440f3a59&lang=en&ds=AVG&pr=fr&d=2013-08-26 11:01:17&v=15.6.1.2&pid=safeguard&sg=0&sap=hp
FF Keyword.URL: hxxp://www.bing.com/search?FORM=U039DF&PC=U039&dt=071313&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Jones\AppData\Roaming\CATALI~3\NPBCSK~2.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\wczi21wh.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Jones\AppData\Roaming\Mozilla\Firefox\Profiles\wczi21wh.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.6.1.2
FF HKLM-x32\...\Firefox\Extensions: [{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}] C:\Users\Jones\AppData\Roaming\Mozilla\FireFox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi
FF Extension: No Name - C:\Users\Jones\AppData\Roaming\Mozilla\FireFox\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] C:\Program Files (x86)\RelevantKnowledge\firefox
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-12] (Advanced Micro Devices, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-14] (AVG Secure Search)
R2 WatGorp; C:\ProgramData\GorillaPrice\WatGorp.exe [120832 2013-08-24] ()
S2 GorillaPrice; C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -service [x]
S2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service [x]
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-14] (AVG Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-01] (Synaptics Incorporated)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-31 21:13 - 2013-08-31 21:13 - 01589860 _____ (Farbar) C:\Users\Jones\Desktop\FRST64.exe
2013-08-31 21:12 - 2013-08-31 21:12 - 05115930 _____ (Swearware) C:\Users\Jones\Desktop\ComboFix.exe
2013-08-31 19:47 - 2013-08-31 20:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-31 19:45 - 2013-08-31 20:57 - 00000000 ____D C:\Users\Jones\Desktop\mbar
2013-08-31 19:45 - 2013-08-31 19:45 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Jones\Downloads\mbar-1.07.0.1005.exe
2013-08-31 19:38 - 2013-08-31 19:38 - 00001904 _____ C:\Users\Jones\Desktop\RKreport[0]_D_08312013_193807.txt
2013-08-31 19:37 - 2013-08-31 19:37 - 00001853 _____ C:\Users\Jones\Desktop\RKreport[0]_S_08312013_193723.txt
2013-08-31 19:34 - 2013-08-31 19:42 - 00000000 ____D C:\Users\Jones\Desktop\RK_Quarantine
2013-08-31 19:34 - 2013-08-31 19:34 - 03771904 _____ C:\Users\Jones\Downloads\RogueKillerX64.exe
2013-08-31 19:34 - 2013-08-31 19:34 - 00913408 _____ C:\Users\Jones\Downloads\RogueKiller.exe
2013-08-31 19:18 - 2013-08-31 19:18 - 00032966 _____ C:\Users\Jones\Desktop\dds.txt
2013-08-31 19:18 - 2013-08-31 19:18 - 00022903 _____ C:\Users\Jones\Desktop\attach.txt
2013-08-31 15:49 - 2013-08-31 15:49 - 00688992 ____R (Swearware) C:\Users\Jones\Downloads\dds.com
2013-08-31 15:43 - 2013-08-31 15:43 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Malwarebytes
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 15:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-31 15:42 - 2013-08-31 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-08-31 15:42 - 2013-08-31 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-31 15:41 - 2013-08-31 15:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 15:25 - 2013-08-31 15:25 - 00039340 _____ C:\Users\Jones\Documents\pay 4.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039340 _____ C:\Users\Jones\Documents\pay 3.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039339 _____ C:\Users\Jones\Documents\pay 2.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039338 _____ C:\Users\Jones\Documents\pay 1.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 4_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 3_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 2_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 1_files
2013-08-30 19:47 - 2013-08-31 12:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-30 19:47 - 2013-08-31 11:30 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Open Download Manager
2013-08-30 19:47 - 2013-08-30 19:47 - 00000000 ____D C:\ProgramData\GorillaPrice
2013-08-30 19:46 - 2013-08-30 19:46 - 00482624 _____ (My Company) C:\Users\Jones\Downloads\Setup.exe
2013-08-21 14:51 - 2013-08-21 15:51 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-16 22:56 - 2013-08-26 11:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 13:08 - 2013-08-16 13:08 - 00772976 _____ C:\Windows\Minidump\081613-38953-01.dmp
2013-08-15 09:49 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:49 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:49 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:49 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:49 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:49 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:49 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:49 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:49 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:49 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:49 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:49 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:49 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 09:49 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 22:12 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 22:12 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 22:12 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 22:12 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 22:12 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 22:12 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 22:12 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 22:12 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 22:12 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 22:12 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 22:12 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 22:12 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 22:12 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 22:12 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 22:12 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 22:12 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 22:12 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 22:12 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 22:12 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 22:12 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 22:12 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 22:12 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 22:12 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 22:12 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 22:12 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 22:12 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 22:12 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 21:23 - 2013-08-23 04:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-09 21:23 - 2013-08-15 19:13 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Skype
2013-08-09 21:23 - 2013-08-09 21:23 - 00002515 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-09 21:21 - 2013-08-09 21:21 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Jones\Downloads\SkypeSetup.exe
2013-08-01 16:03 - 2013-08-01 20:22 - 00000000 ____D C:\Users\Jones\AppData\Local\{DC268CBE-FD63-48A6-9B03-84A471616005}
2013-08-01 16:03 - 2013-08-01 16:03 - 00000000 ____D C:\Users\Jones\AppData\Local\{C4C0402A-07D4-4635-8AA5-9A5C65D606F9}
2013-08-01 12:00 - 2013-08-01 12:00 - 00772976 _____ C:\Windows\Minidump\080113-42541-01.dmp
==================== One Month Modified Files and Folders =======
2013-08-31 21:14 - 2013-08-31 21:14 - 00000000 ____D C:\FRST
2013-08-31 21:14 - 2009-07-14 00:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 21:14 - 2009-07-14 00:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 21:13 - 2013-08-31 21:13 - 01589860 _____ (Farbar) C:\Users\Jones\Desktop\FRST64.exe
2013-08-31 21:12 - 2013-08-31 21:12 - 05115930 _____ (Swearware) C:\Users\Jones\Desktop\ComboFix.exe
2013-08-31 21:08 - 2009-07-14 01:13 - 00779724 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 21:06 - 2012-08-10 03:44 - 01632027 _____ C:\Windows\WindowsUpdate.log
2013-08-31 21:03 - 2012-09-03 21:57 - 00000000 ____D C:\Users\Jones\AppData\Roaming\uTorrent
2013-08-31 21:03 - 2012-08-10 00:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-31 21:02 - 2013-05-29 14:55 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-31 21:01 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 21:01 - 2009-07-14 00:51 - 00058344 _____ C:\Windows\setupact.log
2013-08-31 20:57 - 2013-08-31 19:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-31 20:57 - 2013-08-31 19:45 - 00000000 ____D C:\Users\Jones\Desktop\mbar
2013-08-31 20:51 - 2013-05-29 14:55 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-31 20:51 - 2012-04-19 21:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 19:45 - 2013-08-31 19:45 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Jones\Downloads\mbar-1.07.0.1005.exe
2013-08-31 19:42 - 2013-08-31 19:34 - 00000000 ____D C:\Users\Jones\Desktop\RK_Quarantine
2013-08-31 19:38 - 2013-08-31 19:38 - 00001904 _____ C:\Users\Jones\Desktop\RKreport[0]_D_08312013_193807.txt
2013-08-31 19:37 - 2013-08-31 19:37 - 00001853 _____ C:\Users\Jones\Desktop\RKreport[0]_S_08312013_193723.txt
2013-08-31 19:34 - 2013-08-31 19:34 - 03771904 _____ C:\Users\Jones\Downloads\RogueKillerX64.exe
2013-08-31 19:34 - 2013-08-31 19:34 - 00913408 _____ C:\Users\Jones\Downloads\RogueKiller.exe
2013-08-31 19:18 - 2013-08-31 19:18 - 00032966 _____ C:\Users\Jones\Desktop\dds.txt
2013-08-31 19:18 - 2013-08-31 19:18 - 00022903 _____ C:\Users\Jones\Desktop\attach.txt
2013-08-31 19:09 - 2013-05-25 00:14 - 00000000 ____D C:\ProgramData\MFAData
2013-08-31 19:04 - 2010-11-20 23:47 - 00398524 _____ C:\Windows\PFRO.log
2013-08-31 15:49 - 2013-08-31 15:49 - 00688992 ____R (Swearware) C:\Users\Jones\Downloads\dds.com
2013-08-31 15:43 - 2013-08-31 15:43 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Malwarebytes
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-31 15:43 - 2013-08-31 15:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-31 15:42 - 2013-08-31 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-08-31 15:42 - 2013-08-31 15:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-31 15:41 - 2013-08-31 15:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Jones\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-31 15:25 - 2013-08-31 15:25 - 00039340 _____ C:\Users\Jones\Documents\pay 4.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039340 _____ C:\Users\Jones\Documents\pay 3.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039339 _____ C:\Users\Jones\Documents\pay 2.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00039338 _____ C:\Users\Jones\Documents\pay 1.htm
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 4_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 3_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 2_files
2013-08-31 15:25 - 2013-08-31 15:25 - 00000000 ____D C:\Users\Jones\Documents\pay 1_files
2013-08-31 12:36 - 2012-08-11 14:45 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForJones.job
2013-08-31 12:35 - 2009-07-14 01:08 - 00026972 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-31 12:14 - 2013-08-30 19:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-31 11:41 - 2012-08-12 23:18 - 00000000 ____D C:\Users\Jones\AppData\Local\CrashDumps
2013-08-31 11:30 - 2013-08-30 19:47 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Open Download Manager
2013-08-31 11:29 - 2012-08-10 23:47 - 00000024 _____ C:\Users\Jones\random.dat
2013-08-31 11:11 - 2012-08-09 20:55 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{05558852-A78C-4E24-B47E-DDD66BD9B2BC}
2013-08-30 19:47 - 2013-08-30 19:47 - 00000000 ____D C:\ProgramData\GorillaPrice
2013-08-30 19:46 - 2013-08-30 19:46 - 00482624 _____ (My Company) C:\Users\Jones\Downloads\Setup.exe
2013-08-30 19:25 - 2013-07-29 18:40 - 00000044 _____ C:\Users\Jones\jagex_cl_oldschool_LIVE.dat
2013-08-30 10:34 - 2012-12-07 11:27 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-30 10:34 - 2012-08-11 14:45 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJones
2013-08-30 10:34 - 2012-08-10 21:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-26 11:01 - 2013-08-16 22:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 11:01 - 2013-05-25 00:34 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-08-26 11:01 - 2013-05-25 00:33 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-25 04:38 - 2013-05-29 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-23 04:59 - 2013-08-09 21:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-21 15:51 - 2013-08-21 14:51 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-21 15:51 - 2012-04-19 21:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 15:51 - 2012-04-19 21:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 15:51 - 2012-04-19 21:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-19 22:30 - 2012-08-10 23:47 - 00000044 _____ C:\Users\Jones\jagex_cl_runescape_LIVE.dat
2013-08-17 07:43 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 13:08 - 2013-08-16 13:08 - 00772976 _____ C:\Windows\Minidump\081613-38953-01.dmp
2013-08-16 13:08 - 2013-07-11 10:39 - 00000000 ____D C:\Windows\Minidump
2013-08-16 13:08 - 2013-07-11 10:38 - 578086321 _____ C:\Windows\MEMORY.DMP
2013-08-15 19:13 - 2013-08-09 21:23 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Skype
2013-08-15 09:49 - 2012-10-16 19:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 09:43 - 2013-07-12 12:42 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 09:40 - 2012-08-29 16:33 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 16:33 - 2013-05-25 00:33 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-08-12 16:50 - 2013-06-13 01:20 - 02162416 _____ (Catalina Marketing Corp) C:\Users\Jones\AppData\Local\BcsKtYcHW.dll
2013-08-12 16:50 - 2013-06-13 01:20 - 00893239 _____ C:\Users\Jones\AppData\Local\a.zip
2013-08-12 11:20 - 2012-08-09 20:55 - 00000000 ____D C:\Users\Jones\AppData\Roaming\Hewlett-Packard
2013-08-12 11:20 - 2012-07-16 10:27 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-08-12 11:20 - 2011-02-10 15:23 - 00000000 ____D C:\SWSetup
2013-08-09 21:23 - 2013-08-09 21:23 - 00002515 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-09 21:23 - 2012-04-19 21:19 - 00000000 ____D C:\ProgramData\Skype
2013-08-09 21:21 - 2013-08-09 21:21 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Jones\Downloads\SkypeSetup.exe
2013-08-06 03:39 - 2013-05-25 03:12 - 00000000 ____D C:\Users\Jones\AppData\Local\PMB Files
2013-08-06 03:39 - 2013-05-25 03:12 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-01 20:22 - 2013-08-01 16:03 - 00000000 ____D C:\Users\Jones\AppData\Local\{DC268CBE-FD63-48A6-9B03-84A471616005}
2013-08-01 16:03 - 2013-08-01 16:03 - 00000000 ____D C:\Users\Jones\AppData\Local\{C4C0402A-07D4-4635-8AA5-9A5C65D606F9}
2013-08-01 16:02 - 2012-08-09 20:57 - 00000000 ____D C:\Users\Jones\AppData\Local\Windows Live Writer
2013-08-01 12:00 - 2013-08-01 12:00 - 00772976 _____ C:\Windows\Minidump\080113-42541-01.dmp
2013-08-01 01:24 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
Files to move or delete:
====================
C:\Users\Jones\jagex_cl_oldschool_LIVE.dat
C:\Users\Jones\jagex_cl_runescape_LIVE.dat
C:\Users\Jones\jagex_cl_runescape_LIVE1.dat
C:\Users\Jones\jagex_cl_runescape_LIVE_BETA.dat
C:\Users\Jones\random.dat
C:\Users\Jones\AppData\Local\Temp\7zDecode.exe
C:\Users\Jones\AppData\Local\Temp\air5B37.exe
C:\Users\Jones\AppData\Local\Temp\air7952.exe
C:\Users\Jones\AppData\Local\Temp\autorun.dll
C:\Users\Jones\AppData\Local\Temp\BSTIEPrintCtl2.dll
C:\Users\Jones\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\Jones\AppData\Local\Temp\Couponscom.exe
C:\Users\Jones\AppData\Local\Temp\devcon.exe
C:\Users\Jones\AppData\Local\Temp\Extract.exe
C:\Users\Jones\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jones\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Jones\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Jones\AppData\Local\Temp\oi_{274B9D9D-97AB-42CC-9349-3A0D3EB44C75}.exe
C:\Users\Jones\AppData\Local\Temp\Selfdel.dll
C:\Users\Jones\AppData\Local\Temp\SP56478.exe
C:\Users\Jones\AppData\Local\Temp\SP56750.exe
C:\Users\Jones\AppData\Local\Temp\SP56954.exe
C:\Users\Jones\AppData\Local\Temp\SP57232.exe
C:\Users\Jones\AppData\Local\Temp\SP58540.exe
C:\Users\Jones\AppData\Local\Temp\SP58543.exe
C:\Users\Jones\AppData\Local\Temp\sp58915.exe
C:\Users\Jones\AppData\Local\Temp\SP58975.exe
C:\Users\Jones\AppData\Local\Temp\SP59096.exe
C:\Users\Jones\AppData\Local\Temp\SP59202.exe
C:\Users\Jones\AppData\Local\Temp\SP59664.exe
C:\Users\Jones\AppData\Local\Temp\SP60051.exe
C:\Users\Jones\AppData\Local\Temp\SP61006.exe
C:\Users\Jones\AppData\Local\Temp\SP61037.exe
C:\Users\Jones\AppData\Local\Temp\SP61399.exe
C:\Users\Jones\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Jones\AppData\Local\Temp\tbedrs.dll
C:\Users\Jones\AppData\Local\Temp\tbuTor.dll
C:\Users\Jones\AppData\Local\Temp\tbWis0.dll
C:\Users\Jones\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Jones\AppData\Local\Temp\utt3348.tmp.exe
C:\Users\Jones\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Jones\AppData\Local\Temp\{AC76BA86-7AD7-1033-7B44-AA1000000001}\FixTransforms.exe
C:\Users\Jones\AppData\Local\Temp\{4C64E4B1-4CEC-48A4-8FB8-9F72ED73C141}\adobeshockwavextrabundle.exe
C:\Users\Jones\AppData\Local\Temp\{27D2AB98-65FC-496A-98EE-3EB2B2150BA4}\InstallFlashPlayer.exe
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerUI\cleanapi.dll
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerUI\cleanapi.exe
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerUI\klssrmv.dll
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerStorage\cleanapi.dll
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerStorage\cleanapi.exe
C:\Users\Jones\AppData\Local\Temp\{203CFE07-F791-4F1F-B67F-2E4A65165C7D}\CleanerStorage\klssrmv.dll