Inactive Repair error 0x45d, possible virus

PLEASE HELP!!!! What should I do next? My FRST log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Acer (administrator) on ACER-PC on 20-06-2014 13:19:49
Running from E:\
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [623520 2011-02-02] (Zbshareware Lab)
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2013-01-21] (BitTorrent, Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Google Update] => C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-21] (Google Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Acer\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Facebook Update] => C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-03] (Facebook Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {68b07e37-ee33-11e2-aa47-9cb70da879f9} - E:\Windows\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {8d69285f-ed14-11e2-9264-001e101faa49} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {92a3d4bb-63ef-11e2-84fa-9cb70da879f9} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {b71953cf-ed02-11e2-98e7-9cb70da879f9} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {b71953e7-ed02-11e2-98e7-9cb70da879f9} - F:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {d323995a-e093-11e2-ab6b-9cb70da879f9} - E:\AutoRun.exe
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
ShortcutTarget: bm.lnk -> C:\Users\Acer\AppData\Local\WixMedia\Browsers Monitor\iexplore_monitor.exe (WixMedia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com/?src=103RDUXX1377239269
URLSearchHook: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
SearchScopes: HKLM-x32 - DefaultScope {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKLM-x32 - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKCU - 651F8C78CFAA4998A7393B3933EBE6C3 URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKCU - {DD338EAD-E314-4A32-B649-96308072B158} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: FTdownloader V4.0 - {11111111-1111-1111-1111-110311551174} - C:\Program Files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll No File
BHO-x32: GeniusXXBHO Class - {62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} - C:\Program Files (x86)\GeniusXXAddon\GeniusXXIE.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{614AD2E6-2093-4556-999A-A6FC93EB3D26}: [NameServer]195.229.241.222 213.42.20.20

FireFox:
========
FF ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "no_proxies_on", ""
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Acer\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Acer\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\user.js
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\searchplugins\bingp.xml
FF Extension: Lyrics-Pal - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\128 [2013-08-23]
FF Extension: GeniusXX Safe ads - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\addon@geniusinstaller.com [2013-08-23]
FF Extension: Vonteera Safe ads - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\addon@Vonteera.com [2013-08-23]
FF Extension: FT Downloader - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\ftd@ftd.com.xpi [2013-06-26]
FF Extension: Address Bar Search - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-11-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-15]
FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] - C:\Program Files (x86)\LyricsPal\128.xpi

Chrome:
=======
CHR HomePage: https://www.google.com/webhp?sourceid=chrome-instant&ion=1&ie=UTF-8&rct=j
CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchKeyword: google.com.ph
CHR Plugin: (Shockwave Flash) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Acer\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp [2014-06-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (uTorrentControl_v2) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda [2013-01-21]
CHR Extension: (AdBlock) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [fckenojfmfijmbkigoajddgondmfhefd] - C:\Program Files (x86)\GeniusXXAddon\GeniusXX-chrome.crx [2013-08-22]
CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Acer\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojdbdbhbbkpenbmlejjngphokgnp] - C:\Users\Acer\AppData\Local\APN\GoogleCRXs\aaaaojdbdbhbbkpenbmlejjngphokgnp_7.17.2.0.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Acer\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Acer\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [fckenojfmfijmbkigoajddgondmfhefd] - C:\Program Files (x86)\GeniusXXAddon\GeniusXX-chrome.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\128.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 Etisalat 3G Modem. RunOuc; C:\Program Files (x86)\Etisalat 3G Modem\UpdateDog\ouc.exe [655712 2014-03-04] ()
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-21] (Microsoft Corporation) [File not signed]
S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 BBUpdate; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]
S3 EgisTec Ticket Service; "C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe" [X]
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [X]
S2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [X]
S3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [X]
S2 persdwmsrv; "C:\Program Files (x86)\Winreview.ru\Personalization Panel DWM Controller\persdwmsrv.exe" [X]

==================== Drivers (Whitelisted) ====================

S1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-11] (Realtek Semiconductor Corporation )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
S1 cnafqepc; \??\C:\Windows\system32\drivers\cnafqepc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MpNWMon; system32\DRIVERS\MpNWMon.sys [X]
S1 mwlPSDFilter; system32\DRIVERS\mwlPSDFilter.sys [X]
S1 mwlPSDNServ; system32\DRIVERS\mwlPSDNServ.sys [X]
S1 mwlPSDVDisk; system32\DRIVERS\mwlPSDVDisk.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-20 13:16 - 2014-06-20 13:19 - 00000000 ____D () C:\FRST
2014-06-20 13:15 - 2014-06-20 13:15 - 00006396 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 13:13 - 2014-06-20 13:13 - 00266576 _____ () C:\Windows\Minidump\062014-18330-01.dmp
2014-06-20 12:30 - 2014-06-20 12:30 - 00266576 _____ () C:\Windows\Minidump\062014-19312-01.dmp
2014-06-15 01:46 - 2014-06-15 01:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:43 - 2014-06-14 22:44 - 00038976 _____ () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph.htm
2014-06-14 22:43 - 2014-06-14 22:44 - 00000000 ____D () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph_files
2014-06-11 19:47 - 2014-05-08 13:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 19:47 - 2014-05-08 13:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 19:47 - 2014-01-09 06:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-11 01:07 - 2014-06-11 01:07 - 00000000 ____D () C:\ProgramData\Intel
2014-06-11 00:38 - 2013-10-02 04:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-11 00:38 - 2013-10-02 04:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-11 00:38 - 2013-10-02 04:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-11 00:38 - 2013-10-02 03:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-11 00:38 - 2013-10-02 03:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-11 00:38 - 2013-10-02 02:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-11 00:33 - 2012-08-23 18:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-11 00:33 - 2012-08-23 18:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-11 00:33 - 2012-08-23 18:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-06-11 00:33 - 2012-08-23 15:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-06-11 00:33 - 2012-08-23 14:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-06-11 00:31 - 2013-09-25 05:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-11 00:31 - 2012-05-04 13:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-06-11 00:11 - 2014-06-11 00:12 - 00000000 ____D () C:\Users\Acer\Desktop\NDS Emulator
2014-06-10 23:35 - 2014-06-10 23:45 - 00000000 ____D () C:\Users\Acer\Desktop\villa teresita
2014-06-10 23:20 - 2014-06-10 23:22 - 00000000 ____D () C:\Users\Acer\Desktop\mommy birthday
2014-06-10 23:19 - 2014-06-10 23:20 - 05841248 _____ (Acer Incorporated) C:\Users\Acer\Downloads\Updaterhotfix.exe
2014-06-10 23:17 - 2014-06-10 23:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 23:16 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-10 23:00 - 2014-06-11 23:47 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-10 22:59 - 2014-06-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-10 22:56 - 2014-05-30 13:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-10 22:56 - 2014-05-30 13:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-10 22:56 - 2014-05-30 12:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-10 22:56 - 2014-05-30 12:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-10 22:56 - 2014-05-30 12:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-10 22:56 - 2014-05-30 12:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-10 22:56 - 2014-05-30 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-10 22:56 - 2014-05-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-10 22:56 - 2014-05-30 12:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-10 22:56 - 2014-05-30 12:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-10 22:56 - 2014-05-30 12:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-10 22:56 - 2014-05-30 12:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-10 22:56 - 2014-05-30 12:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 22:56 - 2014-05-30 12:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-10 22:56 - 2014-05-30 12:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-10 22:56 - 2014-05-30 12:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 22:56 - 2014-05-30 11:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 22:56 - 2014-05-30 11:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 22:56 - 2014-05-30 11:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-10 22:56 - 2014-05-30 11:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 22:56 - 2014-05-30 11:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 22:56 - 2014-05-30 11:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 22:56 - 2014-05-30 11:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 22:56 - 2014-05-30 11:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-10 22:50 - 2014-04-25 06:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-05-31 19:13 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-31 19:12 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-31 19:12 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe

==================== One Month Modified Files and Folders =======

2014-06-21 00:52 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-20 13:19 - 2014-06-20 13:16 - 00000000 ____D () C:\FRST
2014-06-20 13:15 - 2014-06-20 13:15 - 00006396 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 13:13 - 2014-06-20 13:13 - 00266576 _____ () C:\Windows\Minidump\062014-18330-01.dmp
2014-06-20 13:13 - 2014-01-28 20:29 - 169046360 _____ () C:\Windows\MEMORY.DMP
2014-06-20 13:13 - 2014-01-28 20:29 - 00000000 ____D () C:\Windows\Minidump
2014-06-20 12:45 - 2013-01-21 00:48 - 01177128 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:30 - 2014-06-20 12:30 - 00266576 _____ () C:\Windows\Minidump\062014-19312-01.dmp
2014-06-20 01:36 - 2013-01-21 01:58 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\uTorrent
2014-06-20 01:26 - 2013-01-21 03:07 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Skype
2014-06-20 01:10 - 2013-02-11 18:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 00:38 - 2013-01-21 03:20 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 18:38 - 2013-01-21 03:20 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:41 - 2009-07-14 09:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-19 17:36 - 2013-01-21 07:43 - 00000000 ____D () C:\ProgramData\clear.fi
2014-06-19 17:35 - 2013-08-23 09:28 - 00000362 _____ () C:\Windows\Tasks\Lyrics-Pal Update.job
2014-06-19 17:35 - 2009-07-14 09:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 17:35 - 2009-07-14 08:51 - 00162389 _____ () C:\Windows\setupact.log
2014-06-16 12:58 - 2013-01-21 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-15 01:47 - 2014-06-15 01:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:44 - 2014-06-14 22:43 - 00038976 _____ () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph.htm
2014-06-14 22:44 - 2014-06-14 22:43 - 00000000 ____D () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph_files
2014-06-12 00:08 - 2013-08-08 09:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 00:08 - 2011-10-14 17:18 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 23:47 - 2014-06-10 23:00 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-11 23:47 - 2014-06-10 22:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-11 23:47 - 2013-01-21 02:23 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-11 23:47 - 2013-01-21 02:22 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-11 12:43 - 2013-01-21 01:55 - 00002325 _____ () C:\Users\Acer\Desktop\Google Chrome.lnk
2014-06-11 01:07 - 2014-06-11 01:07 - 00000000 ____D () C:\ProgramData\Intel
2014-06-11 01:07 - 2009-07-14 07:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-11 00:38 - 2011-10-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-11 00:12 - 2014-06-11 00:11 - 00000000 ____D () C:\Users\Acer\Desktop\NDS Emulator
2014-06-10 23:45 - 2014-06-10 23:35 - 00000000 ____D () C:\Users\Acer\Desktop\villa teresita
2014-06-10 23:22 - 2014-06-10 23:20 - 00000000 ____D () C:\Users\Acer\Desktop\mommy birthday
2014-06-10 23:20 - 2014-06-10 23:19 - 05841248 _____ (Acer Incorporated) C:\Users\Acer\Downloads\Updaterhotfix.exe
2014-06-10 23:20 - 2014-06-10 23:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 23:16 - 2013-01-21 00:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 23:15 - 2013-01-21 00:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-10 23:14 - 2014-05-13 20:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-06-01 17:17 - 2014-06-10 23:16 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 23:21 - 2010-11-21 07:47 - 00170238 _____ () C:\Windows\PFRO.log
2014-05-31 19:58 - 2013-01-21 00:58 - 00000000 ____D () C:\ProgramData\Temp
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2013-01-21 02:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-30 13:18 - 2014-06-10 22:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 13:02 - 2014-06-10 22:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 12:44 - 2014-06-10 22:56 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 12:43 - 2014-06-10 22:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 12:42 - 2014-06-10 22:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 12:38 - 2014-06-10 22:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 12:34 - 2014-06-10 22:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 12:33 - 2014-06-10 22:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 12:30 - 2014-06-10 22:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 12:28 - 2014-06-10 22:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 12:27 - 2014-06-10 22:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 12:16 - 2014-06-10 22:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 12:10 - 2014-06-10 22:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 12:06 - 2014-06-10 22:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 12:04 - 2014-06-10 22:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 12:02 - 2014-06-10 22:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 11:56 - 2014-06-10 22:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 11:54 - 2014-06-10 22:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 11:50 - 2014-06-10 22:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 11:49 - 2014-06-10 22:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 11:40 - 2014-06-10 22:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 11:21 - 2014-06-10 22:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 11:15 - 2014-06-10 22:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 11:13 - 2014-06-10 22:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe

Some content of TEMP:
====================
C:\Users\Acer\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Acer\AppData\Local\Temp\BabylonTB.exe
C:\Users\Acer\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Acer\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Acer\AppData\Local\Temp\ISSetup.dll
C:\Users\Acer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe
C:\Users\Acer\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Acer\AppData\Local\Temp\OWS_somoto.exe
C:\Users\Acer\AppData\Local\Temp\ResetDevice.exe
C:\Users\Acer\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Acer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Acer\AppData\Local\Temp\tbedrs.dll
C:\Users\Acer\AppData\Local\Temp\TB_3217.exe
C:\Users\Acer\AppData\Local\Temp\uninst1.exe
C:\Users\Acer\AppData\Local\Temp\Uninstall.exe
C:\Users\Acer\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Acer\AppData\Local\Temp\uttFD77.tmp.exe
C:\Users\Acer\AppData\Local\Temp\_Setup.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-03-30 19:53

==================== End Of Log ============================
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===============================

You're not saying what your computer issues are.
 