PLEASE HELP!!!! What should I do next? My FRST log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Acer (administrator) on ACER-PC on 20-06-2014 13:19:49
Running from E:\
Platform: Windows 7 Home Basic Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (minimal)
The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [623520 2011-02-02] (Zbshareware Lab)
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2013-01-21] (BitTorrent, Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Google Update] => C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-21] (Google Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [BackgroundContainerV2] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Acer\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\Run: [Facebook Update] => C:\Users\Acer\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-03] (Facebook Inc.)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {68b07e37-ee33-11e2-aa47-9cb70da879f9} - E:\Windows\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {8d69285f-ed14-11e2-9264-001e101faa49} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {92a3d4bb-63ef-11e2-84fa-9cb70da879f9} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {b71953cf-ed02-11e2-98e7-9cb70da879f9} - E:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {b71953e7-ed02-11e2-98e7-9cb70da879f9} - F:\AutoRun.exe
HKU\S-1-5-21-887504587-1155301818-3627518366-1000\...\MountPoints2: {d323995a-e093-11e2-ab6b-9cb70da879f9} - E:\AutoRun.exe
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bm.lnk
ShortcutTarget: bm.lnk -> C:\Users\Acer\AppData\Local\WixMedia\Browsers Monitor\iexplore_monitor.exe (WixMedia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
==================== Internet (Whitelisted) ====================
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com/?src=103RDUXX1377239269
URLSearchHook: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
URLSearchHook: HKCU - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
SearchScopes: HKLM-x32 - DefaultScope {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKLM-x32 - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKCU - 651F8C78CFAA4998A7393B3933EBE6C3 URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} URL = http://www.arabyonline.com/search/?q={searchTerms}
SearchScopes: HKCU - {DD338EAD-E314-4A32-B649-96308072B158} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: FTdownloader V4.0 - {11111111-1111-1111-1111-110311551174} - C:\Program Files (x86)\FTdownloader V4.0\FTdownloader V4.0-bho.dll No File
BHO-x32: GeniusXXBHO Class - {62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} - C:\Program Files (x86)\GeniusXXAddon\GeniusXXIE.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Users\Acer\AppData\LocalLow\uTorrentControl_v2\prxtbuTo2.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{614AD2E6-2093-4556-999A-A6FC93EB3D26}: [NameServer]195.229.241.222 213.42.20.20
FireFox:
========
FF ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF NetworkProxy: "no_proxies_on", ""
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Acer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Acer\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Acer\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\user.js
FF SearchPlugin: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\searchplugins\bingp.xml
FF Extension: Lyrics-Pal - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\128 [2013-08-23]
FF Extension: GeniusXX Safe ads - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\addon@geniusinstaller.com [2013-08-23]
FF Extension: Vonteera Safe ads - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\addon@Vonteera.com [2013-08-23]
FF Extension: FT Downloader - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\ftd@ftd.com.xpi [2013-06-26]
FF Extension: Address Bar Search - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\ol5pw457.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-11-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-15]
FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] - C:\Program Files (x86)\LyricsPal\128.xpi
Chrome:
=======
CHR HomePage: https://www.google.com/webhp?sourceid=chrome-instant&ion=1&ie=UTF-8&rct=j
CHR StartupUrls: "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP"
CHR DefaultSearchKeyword: google.com.ph
CHR Plugin: (Shockwave Flash) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Acer\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Acer\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Ask Toolbar) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojdbdbhbbkpenbmlejjngphokgnp [2014-06-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (uTorrentControl_v2) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda [2013-01-21]
CHR Extension: (AdBlock) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [fckenojfmfijmbkigoajddgondmfhefd] - C:\Program Files (x86)\GeniusXXAddon\GeniusXX-chrome.crx [2013-08-22]
CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Acer\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - C:\ProgramData\AskPartnerNetwork\Toolbar\CME-V7\CRX\ToolbarCR.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojdbdbhbbkpenbmlejjngphokgnp] - C:\Users\Acer\AppData\Local\APN\GoogleCRXs\aaaaojdbdbhbbkpenbmlejjngphokgnp_7.17.2.0.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\Acer\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx [2013-01-21]
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\Acer\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [fckenojfmfijmbkigoajddgondmfhefd] - C:\Program Files (x86)\GeniusXXAddon\GeniusXX-chrome.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\128.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 Etisalat 3G Modem. RunOuc; C:\Program Files (x86)\Etisalat 3G Modem\UpdateDog\ouc.exe [655712 2014-03-04] ()
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-03-12] ()
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-09-21] (Microsoft Corporation) [File not signed]
S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 BBUpdate; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]
S3 EgisTec Ticket Service; "C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe" [X]
S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [X]
S2 MsMpSvc; "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe" [X]
S3 NisSrv; "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe" [X]
S2 persdwmsrv; "C:\Program Files (x86)\Winreview.ru\Personalization Panel DWM Controller\persdwmsrv.exe" [X]
==================== Drivers (Whitelisted) ====================
S1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-11] (Realtek Semiconductor Corporation )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
S1 cnafqepc; \??\C:\Windows\system32\drivers\cnafqepc.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MpNWMon; system32\DRIVERS\MpNWMon.sys [X]
S1 mwlPSDFilter; system32\DRIVERS\mwlPSDFilter.sys [X]
S1 mwlPSDNServ; system32\DRIVERS\mwlPSDNServ.sys [X]
S1 mwlPSDVDisk; system32\DRIVERS\mwlPSDVDisk.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-20 13:16 - 2014-06-20 13:19 - 00000000 ____D () C:\FRST
2014-06-20 13:15 - 2014-06-20 13:15 - 00006396 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 13:13 - 2014-06-20 13:13 - 00266576 _____ () C:\Windows\Minidump\062014-18330-01.dmp
2014-06-20 12:30 - 2014-06-20 12:30 - 00266576 _____ () C:\Windows\Minidump\062014-19312-01.dmp
2014-06-15 01:46 - 2014-06-15 01:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:43 - 2014-06-14 22:44 - 00038976 _____ () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph.htm
2014-06-14 22:43 - 2014-06-14 22:44 - 00000000 ____D () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph_files
2014-06-11 19:47 - 2014-05-08 13:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 19:47 - 2014-05-08 13:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 19:47 - 2014-01-09 06:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-11 01:07 - 2014-06-11 01:07 - 00000000 ____D () C:\ProgramData\Intel
2014-06-11 00:38 - 2013-10-02 04:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-11 00:38 - 2013-10-02 04:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-11 00:38 - 2013-10-02 04:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-11 00:38 - 2013-10-02 03:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-11 00:38 - 2013-10-02 03:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-11 00:38 - 2013-10-02 02:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-11 00:33 - 2012-08-23 18:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-11 00:33 - 2012-08-23 18:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-11 00:33 - 2012-08-23 18:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-06-11 00:33 - 2012-08-23 15:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-06-11 00:33 - 2012-08-23 14:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-06-11 00:31 - 2013-09-25 05:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-11 00:31 - 2012-05-04 13:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-06-11 00:11 - 2014-06-11 00:12 - 00000000 ____D () C:\Users\Acer\Desktop\NDS Emulator
2014-06-10 23:35 - 2014-06-10 23:45 - 00000000 ____D () C:\Users\Acer\Desktop\villa teresita
2014-06-10 23:20 - 2014-06-10 23:22 - 00000000 ____D () C:\Users\Acer\Desktop\mommy birthday
2014-06-10 23:19 - 2014-06-10 23:20 - 05841248 _____ (Acer Incorporated) C:\Users\Acer\Downloads\Updaterhotfix.exe
2014-06-10 23:17 - 2014-06-10 23:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 23:16 - 2014-06-01 17:17 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-10 23:00 - 2014-06-11 23:47 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-10 22:59 - 2014-06-11 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-10 22:56 - 2014-05-30 13:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-10 22:56 - 2014-05-30 13:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-10 22:56 - 2014-05-30 12:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-10 22:56 - 2014-05-30 12:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-10 22:56 - 2014-05-30 12:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-10 22:56 - 2014-05-30 12:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-10 22:56 - 2014-05-30 12:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-10 22:56 - 2014-05-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-10 22:56 - 2014-05-30 12:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-10 22:56 - 2014-05-30 12:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-10 22:56 - 2014-05-30 12:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-10 22:56 - 2014-05-30 12:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-10 22:56 - 2014-05-30 12:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 22:56 - 2014-05-30 12:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-10 22:56 - 2014-05-30 12:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-10 22:56 - 2014-05-30 12:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 22:56 - 2014-05-30 11:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 22:56 - 2014-05-30 11:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 22:56 - 2014-05-30 11:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-10 22:56 - 2014-05-30 11:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 22:56 - 2014-05-30 11:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 22:56 - 2014-05-30 11:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 22:56 - 2014-05-30 11:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 22:56 - 2014-05-30 11:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-10 22:50 - 2014-04-25 06:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-05-31 19:13 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-31 19:12 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-31 19:12 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe
==================== One Month Modified Files and Folders =======
2014-06-21 00:52 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-20 13:19 - 2014-06-20 13:16 - 00000000 ____D () C:\FRST
2014-06-20 13:15 - 2014-06-20 13:15 - 00006396 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 13:13 - 2014-06-20 13:13 - 00266576 _____ () C:\Windows\Minidump\062014-18330-01.dmp
2014-06-20 13:13 - 2014-01-28 20:29 - 169046360 _____ () C:\Windows\MEMORY.DMP
2014-06-20 13:13 - 2014-01-28 20:29 - 00000000 ____D () C:\Windows\Minidump
2014-06-20 12:45 - 2013-01-21 00:48 - 01177128 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:30 - 2014-06-20 12:30 - 00266576 _____ () C:\Windows\Minidump\062014-19312-01.dmp
2014-06-20 01:36 - 2013-01-21 01:58 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\uTorrent
2014-06-20 01:26 - 2013-01-21 03:07 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Skype
2014-06-20 01:10 - 2013-02-11 18:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 00:38 - 2013-01-21 03:20 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 18:38 - 2013-01-21 03:20 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:41 - 2009-07-14 09:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-19 17:36 - 2013-01-21 07:43 - 00000000 ____D () C:\ProgramData\clear.fi
2014-06-19 17:35 - 2013-08-23 09:28 - 00000362 _____ () C:\Windows\Tasks\Lyrics-Pal Update.job
2014-06-19 17:35 - 2009-07-14 09:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 17:35 - 2009-07-14 08:51 - 00162389 _____ () C:\Windows\setupact.log
2014-06-16 12:58 - 2013-01-21 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-15 01:47 - 2014-06-15 01:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:44 - 2014-06-14 22:43 - 00038976 _____ () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph.htm
2014-06-14 22:44 - 2014-06-14 22:43 - 00000000 ____D () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph_files
2014-06-12 00:08 - 2013-08-08 09:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 00:08 - 2011-10-14 17:18 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 23:47 - 2014-06-10 23:00 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-11 23:47 - 2014-06-10 22:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-11 23:47 - 2013-01-21 02:23 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-11 23:47 - 2013-01-21 02:22 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-11 12:43 - 2013-01-21 01:55 - 00002325 _____ () C:\Users\Acer\Desktop\Google Chrome.lnk
2014-06-11 01:07 - 2014-06-11 01:07 - 00000000 ____D () C:\ProgramData\Intel
2014-06-11 01:07 - 2009-07-14 07:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-11 00:38 - 2011-10-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-11 00:12 - 2014-06-11 00:11 - 00000000 ____D () C:\Users\Acer\Desktop\NDS Emulator
2014-06-10 23:45 - 2014-06-10 23:35 - 00000000 ____D () C:\Users\Acer\Desktop\villa teresita
2014-06-10 23:22 - 2014-06-10 23:20 - 00000000 ____D () C:\Users\Acer\Desktop\mommy birthday
2014-06-10 23:20 - 2014-06-10 23:19 - 05841248 _____ (Acer Incorporated) C:\Users\Acer\Downloads\Updaterhotfix.exe
2014-06-10 23:20 - 2014-06-10 23:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 23:16 - 2013-01-21 00:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 23:15 - 2013-01-21 00:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-10 23:14 - 2014-05-13 20:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-06-01 17:17 - 2014-06-10 23:16 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 23:21 - 2010-11-21 07:47 - 00170238 _____ () C:\Windows\PFRO.log
2014-05-31 19:58 - 2013-01-21 00:58 - 00000000 ____D () C:\ProgramData\Temp
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2013-01-21 02:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-30 13:18 - 2014-06-10 22:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 13:02 - 2014-06-10 22:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 12:44 - 2014-06-10 22:56 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 12:43 - 2014-06-10 22:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 12:42 - 2014-06-10 22:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 12:38 - 2014-06-10 22:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 12:34 - 2014-06-10 22:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 12:33 - 2014-06-10 22:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 12:30 - 2014-06-10 22:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 12:28 - 2014-06-10 22:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 12:27 - 2014-06-10 22:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 12:16 - 2014-06-10 22:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 12:10 - 2014-06-10 22:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 12:06 - 2014-06-10 22:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 12:04 - 2014-06-10 22:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 12:02 - 2014-06-10 22:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 11:56 - 2014-06-10 22:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 11:54 - 2014-06-10 22:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 11:50 - 2014-06-10 22:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 11:49 - 2014-06-10 22:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 11:40 - 2014-06-10 22:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 11:21 - 2014-06-10 22:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 11:15 - 2014-06-10 22:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 11:13 - 2014-06-10 22:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe
Some content of TEMP:
====================
C:\Users\Acer\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Acer\AppData\Local\Temp\BabylonTB.exe
C:\Users\Acer\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Acer\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Acer\AppData\Local\Temp\ISSetup.dll
C:\Users\Acer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe
C:\Users\Acer\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Acer\AppData\Local\Temp\OWS_somoto.exe
C:\Users\Acer\AppData\Local\Temp\ResetDevice.exe
C:\Users\Acer\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Acer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Acer\AppData\Local\Temp\tbedrs.dll
C:\Users\Acer\AppData\Local\Temp\TB_3217.exe
C:\Users\Acer\AppData\Local\Temp\uninst1.exe
C:\Users\Acer\AppData\Local\Temp\Uninstall.exe
C:\Users\Acer\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Acer\AppData\Local\Temp\uttFD77.tmp.exe
C:\Users\Acer\AppData\Local\Temp\_Setup.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-03-30 19:53
==================== End Of Log ============================
2014-06-10 22:56 - 2014-05-30 12:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 22:56 - 2014-05-30 11:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 22:56 - 2014-05-30 11:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 22:56 - 2014-05-30 11:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-10 22:56 - 2014-05-30 11:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 22:56 - 2014-05-30 11:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 22:56 - 2014-05-30 11:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 22:56 - 2014-05-30 11:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 22:56 - 2014-05-30 11:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-10 22:50 - 2014-04-25 06:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 22:50 - 2014-03-26 18:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 22:50 - 2014-03-26 18:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-05-31 19:13 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-31 19:12 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-31 19:12 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe
==================== One Month Modified Files and Folders =======
2014-06-21 00:52 - 2009-07-14 07:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-20 13:19 - 2014-06-20 13:16 - 00000000 ____D () C:\FRST
2014-06-20 13:15 - 2014-06-20 13:15 - 00006396 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 13:13 - 2014-06-20 13:13 - 00266576 _____ () C:\Windows\Minidump\062014-18330-01.dmp
2014-06-20 13:13 - 2014-01-28 20:29 - 169046360 _____ () C:\Windows\MEMORY.DMP
2014-06-20 13:13 - 2014-01-28 20:29 - 00000000 ____D () C:\Windows\Minidump
2014-06-20 12:45 - 2013-01-21 00:48 - 01177128 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 12:30 - 2014-06-20 12:30 - 00266576 _____ () C:\Windows\Minidump\062014-19312-01.dmp
2014-06-20 01:36 - 2013-01-21 01:58 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\uTorrent
2014-06-20 01:26 - 2013-01-21 03:07 - 00000000 ____D () C:\Users\Acer\AppData\Roaming\Skype
2014-06-20 01:10 - 2013-02-11 18:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 00:38 - 2013-01-21 03:20 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000UA.job
2014-06-19 23:31 - 2014-05-03 23:26 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 18:38 - 2013-01-21 03:20 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-887504587-1155301818-3627518366-1000Core.job
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:45 - 2009-07-14 08:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 17:41 - 2009-07-14 09:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-19 17:36 - 2013-01-21 07:43 - 00000000 ____D () C:\ProgramData\clear.fi
2014-06-19 17:35 - 2013-08-23 09:28 - 00000362 _____ () C:\Windows\Tasks\Lyrics-Pal Update.job
2014-06-19 17:35 - 2009-07-14 09:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 17:35 - 2009-07-14 08:51 - 00162389 _____ () C:\Windows\setupact.log
2014-06-16 12:58 - 2013-01-21 01:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-15 01:47 - 2014-06-15 01:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 22:44 - 2014-06-14 22:43 - 00038976 _____ () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph.htm
2014-06-14 22:44 - 2014-06-14 22:43 - 00000000 ____D () C:\Users\Acer\Downloads\Ab Rocket Sports & Recreation for sale Cebu AyosDito.ph_files
2014-06-12 00:08 - 2013-08-08 09:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-12 00:08 - 2011-10-14 17:18 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 23:47 - 2014-06-10 23:00 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-11 23:47 - 2014-06-10 22:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-11 23:47 - 2013-01-21 02:23 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-11 23:47 - 2013-01-21 02:22 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-11 12:43 - 2013-01-21 01:55 - 00002325 _____ () C:\Users\Acer\Desktop\Google Chrome.lnk
2014-06-11 01:07 - 2014-06-11 01:07 - 00000000 ____D () C:\ProgramData\Intel
2014-06-11 01:07 - 2009-07-14 07:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-11 00:38 - 2011-10-14 16:31 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-11 00:12 - 2014-06-11 00:11 - 00000000 ____D () C:\Users\Acer\Desktop\NDS Emulator
2014-06-10 23:45 - 2014-06-10 23:35 - 00000000 ____D () C:\Users\Acer\Desktop\villa teresita
2014-06-10 23:22 - 2014-06-10 23:20 - 00000000 ____D () C:\Users\Acer\Desktop\mommy birthday
2014-06-10 23:20 - 2014-06-10 23:19 - 05841248 _____ (Acer Incorporated) C:\Users\Acer\Downloads\Updaterhotfix.exe
2014-06-10 23:20 - 2014-06-10 23:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-10 23:16 - 2013-01-21 00:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-10 23:15 - 2013-01-21 00:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-10 23:14 - 2014-05-13 20:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\Users\Acer\Desktop\New folder
2014-06-01 17:17 - 2014-06-10 23:16 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 23:21 - 2010-11-21 07:47 - 00170238 _____ () C:\Windows\PFRO.log
2014-05-31 19:58 - 2013-01-21 00:58 - 00000000 ____D () C:\ProgramData\Temp
2014-05-31 19:12 - 2014-05-31 19:12 - 00006026 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-05-31 19:12 - 2014-05-31 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-31 19:12 - 2013-01-21 02:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-30 13:18 - 2014-06-10 22:56 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 13:02 - 2014-06-10 22:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 12:44 - 2014-06-10 22:56 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 12:43 - 2014-06-10 22:56 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 12:42 - 2014-06-10 22:56 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 12:38 - 2014-06-10 22:56 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 12:34 - 2014-06-10 22:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 12:33 - 2014-06-10 22:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 12:30 - 2014-06-10 22:56 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 12:28 - 2014-06-10 22:56 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 12:27 - 2014-06-10 22:56 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 12:16 - 2014-06-10 22:56 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 12:10 - 2014-06-10 22:56 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 12:06 - 2014-06-10 22:56 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 12:04 - 2014-06-10 22:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 12:02 - 2014-06-10 22:56 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 11:56 - 2014-06-10 22:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 11:54 - 2014-06-10 22:56 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 11:50 - 2014-06-10 22:56 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 11:49 - 2014-06-10 22:56 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 11:40 - 2014-06-10 22:56 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 11:21 - 2014-06-10 22:56 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 11:15 - 2014-06-10 22:56 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 11:13 - 2014-06-10 22:56 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-24 01:54 - 2014-05-24 01:54 - 01070624 _____ (Unity Technologies ApS) C:\Users\Acer\Downloads\UnityWebPlayer.exe
Some content of TEMP:
====================
C:\Users\Acer\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Acer\AppData\Local\Temp\BabylonTB.exe
C:\Users\Acer\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Acer\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Acer\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Acer\AppData\Local\Temp\ISSetup.dll
C:\Users\Acer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\Acer\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe
C:\Users\Acer\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Acer\AppData\Local\Temp\OWS_somoto.exe
C:\Users\Acer\AppData\Local\Temp\ResetDevice.exe
C:\Users\Acer\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Acer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Acer\AppData\Local\Temp\tbedrs.dll
C:\Users\Acer\AppData\Local\Temp\TB_3217.exe
C:\Users\Acer\AppData\Local\Temp\uninst1.exe
C:\Users\Acer\AppData\Local\Temp\Uninstall.exe
C:\Users\Acer\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Acer\AppData\Local\Temp\uttFD77.tmp.exe
C:\Users\Acer\AppData\Local\Temp\_Setup.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-03-30 19:53
==================== End Of Log ============================