#16
Posted 10 May 2014 - 02:39 AM
Which files do you mean?
#17
Posted 10 May 2014 - 09:21 PM
"C:\Google\AutoIt3.exe /AutoItExecuteScript C:\Google\autoupdate.a3x
C:\GoogleUpdate.lnk
C:\googleupdate.vbs
C:\googleupdate.vbs"
Based on the file attached on my first post.
#18
Posted 11 May 2014 - 02:32 AM
- Run OTL (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the OTL icon and select Run as Administrator).
- Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:
    :Commands
    [CREATERESTOREPOINT]

    :Files
    C:\Google
    C:\GoogleUpdate.lnk
    C:\googleupdate.vbs
    C:\googleupdate.vbs

    :Commands
    [EMPTYTEMP]
- Click the Run Fix button.
- After your computer has rebooted, run OTL and click Quick Scan.
- Copy and paste the contents of the log that it produces into your next post.
#19
Posted 11 May 2014 - 06:48 PM
OTL logfile created on: 5/12/2014 8:23:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ajba\Downloads\Programs
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
1013.10 Mb Total Physical Memory | 359.62 Mb Available Physical Memory | 35.50% Memory free
1.99 Gb Paging File | 1.25 Gb Available in Paging File | 62.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.78 Gb Total Space | 152.76 Gb Free Space | 69.19% Space Free | Partition Type: NTFS
Computer Name: AJBA-PC | User Name: ajba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/12 08:09:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ajba\Downloads\Programs\OTL.exe
PRC - [2013/12/21 14:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/08/02 08:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 10:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/10/10 13:31:28 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
PRC - [2012/09/27 13:59:39 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/06/28 10:46:07 | 000,655,744 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011/03/14 23:27:28 | 000,271,712 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2011/03/14 23:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/04/12 16:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/10/07 15:49:50 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/10/03 09:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/10/01 06:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/10/01 06:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/10 21:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/08/24 10:30:12 | 000,107,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2009/08/04 13:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/10 18:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/04 10:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 11:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 11:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/10/03 09:48:42 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
========== Services (SafeList) ==========
SRV - [2014/05/09 10:33:22 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/02 00:20:10 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/21 14:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/27 12:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/10/10 13:32:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/10/10 13:31:34 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/10/10 13:31:29 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012/10/10 13:31:28 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/10/10 13:31:27 | 000,619,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2012/08/06 17:33:56 | 000,605,696 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Mobile Partner\eap\wifimansvc.exe -- (wifimansvc)
SRV - [2012/06/28 10:46:07 | 000,655,744 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011/03/14 23:27:28 | 000,271,712 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009/10/03 09:48:26 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/10/01 06:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/09/10 21:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 17:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/24 10:30:12 | 000,107,016 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009/07/10 18:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/04 10:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/05 11:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - [2013/11/28 08:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/01/23 10:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013/01/23 10:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013/01/23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013/01/23 10:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012/10/17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/10/10 14:05:28 | 000,112,584 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot)
DRV - [2012/10/10 14:05:28 | 000,092,008 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim)
DRV - [2012/09/27 13:59:39 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/09/27 13:59:39 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/09/27 13:59:39 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/08/23 22:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 22:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/06/06 11:50:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2012/06/06 09:18:34 | 000,377,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV - [2012/06/06 09:18:34 | 000,202,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012/06/06 09:18:34 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012/06/06 09:18:34 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012/06/06 09:18:34 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012/06/06 09:18:34 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012/06/06 09:18:34 | 000,070,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2012/06/06 09:18:34 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012/06/06 09:18:34 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2010/11/20 17:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/04/12 16:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/23 15:30:06 | 000,103,296 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2009/11/06 12:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/04 13:37:44 | 000,054,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/08/07 18:18:28 | 000,212,528 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/07/14 07:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/01 12:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/06/02 19:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 19:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 19:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...94wwk5w4462r119
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...94wwk5w4462r119
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...AW_enSG371SG371
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/09 10:30:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013/12/27 21:49:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/05/09 10:30:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013/12/27 21:49:35 | 000,000,000 | ---D | M]
[2010/04/27 07:29:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ajba\AppData\Roaming\Mozilla\Extensions
[2014/05/08 00:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default\extensions
[2014/04/18 20:54:06 | 000,012,026 | ---- | M] () (No name found) -- C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default\extensions\[email protected]
[2014/05/02 00:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/02 00:20:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: First user (Enabled) = default_plugin
CHR - plugin: Error reading preferences file
CHR - Extension: Entanglement = C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
O1 HOSTS File: ([2012/10/07 19:28:58 | 000,000,878 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity)
O4 - HKCU..\Run: [Mobile Partner] C:\Program Files\MobileWiFi\MobileWiFi.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0749BF79-8F63-494E-98EB-15AC1D8EDA96}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{447E6596-9381-4BAB-A5C7-3C22EC718380}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56C5CAF8-CB53-463C-BB94-B5067A557FFA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8354670C-EEFD-4C27-AD49-683B6C1067B2}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{890BF8CC-A03E-432D-AAC5-CA4845485612}: NameServer = 203.116.1.94 203.116.254.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E911FC69-4C5B-4B8E-8B55-8C60BE7E584C}: DhcpNameServer = 202.65.247.31 202.65.244.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E911FC69-4C5B-4B8E-8B55-8C60BE7E584C}: NameServer = 202.65.247.31 202.65.244.32
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1D5066E-4BA9-4B92-AA64-F735228CAF9F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD996185-7C03-41A9-BF00-2B027EE5B54D}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/12 08:11:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/08 09:04:41 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/08 09:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/05/08 09:04:02 | 000,073,432 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/08 09:04:02 | 000,051,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/08 09:03:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/05/08 00:03:47 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/07 23:54:09 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/05/02 00:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/01/06 06:10:06 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2014/05/12 08:29:45 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/12 08:29:45 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/12 08:21:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/12 08:21:07 | 796,733,440 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/12 08:09:09 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job
[2014/05/10 15:03:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/09 10:30:07 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/05/09 10:08:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job
[2014/05/08 22:12:17 | 000,664,780 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/08 22:12:17 | 000,125,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/08 09:06:00 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/08 09:04:13 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/02 00:25:08 | 000,001,994 | ---- | M] () -- C:\Users\ajba\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/04/30 00:23:03 | 000,002,325 | ---- | M] () -- C:\Users\ajba\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2014/05/09 10:30:07 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/05/09 10:30:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/05/08 09:04:13 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/19 09:03:21 | 000,145,152 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/03/25 02:57:08 | 000,000,218 | ---- | C] () -- C:\Users\ajba\.recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 12:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 09:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 09:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/05/31 01:05:31 | 000,000,000 | -HSD | M] -- C:\Users\ajba\AppData\Roaming\.#
[2014/05/10 15:03:28 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\DMCache
[2011/01/28 14:31:56 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\FXTS2
[2010/03/18 04:25:47 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\GameConsole
[2012/03/25 02:52:21 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\gtk-2.0
[2012/11/05 00:45:11 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\IDM
[2012/10/13 20:59:01 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\Juniper Networks
[2013/12/25 09:53:03 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\Nokia
[2012/03/25 02:47:35 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\Participatory Culture Foundation
[2011/03/10 01:17:54 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\PC Suite
[2012/03/25 02:57:08 | 000,000,000 | ---D | M] -- C:\Users\ajba\AppData\Roaming\PCF-VLC
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 5/12/2014 8:23:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ajba\Downloads\Programs
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
1013.10 Mb Total Physical Memory | 359.62 Mb Available Physical Memory | 35.50% Memory free
1.99 Gb Paging File | 1.25 Gb Available in Paging File | 62.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.78 Gb Total Space | 152.76 Gb Free Space | 69.19% Space Free | Partition Type: NTFS
Computer Name: AJBA-PC | User Name: ajba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{45FFCA74-1CD2-46C5-B4E6-18EE5099E0B4}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{6371641E-2E9E-4785-9598-EC6A7B6F6F85}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BB2627EA-5691-4EE3-AA51-C23350D4FF13}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{F442B599-DE80-4D3C-BB74-D06EF0AFD6D7}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java 6 Update 32
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 55
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C4ABA28-6781-410C-A8B1-79288E68E6D2}" = BlueStacks
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E05D82D8-FE70-4228-B073-B0C07FE27595}" = iTunes
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"755087041320E005CB1E8A67C5C55A260EB81B90" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Avira AntiVir Desktop" = Avira Internet Security 2012
"BBEC16685668EB1D6F3D05051DD7314B66370C9F" = Windows Driver Package - ENE (EUCR) USB (11/23/2009 5.89.0.62)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"BroadBand on Mobile" = BroadBand on Mobile
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"ESET Online Scanner" = ESET Online Scanner v3
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"Internet Download Manager" = Internet Download Manager
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.7.5 (Full)
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"MCShield" = MCShield ::Anti-Malware Tool::
"MediaMonkey_is1" = MediaMonkey 3.1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mobile Partner" = Mobile Partner
"MobileWiFi" = MobileWiFi
"Mozilla Firefox 29.0 (x86 en-GB)" = Mozilla Firefox 29.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Personalization Panel" = Personalization Panel
"Playlist Creator 3.6.2" = Playlist Creator 3.6.2
"PowerISO" = PowerISO
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Acrobat Connect Add-in" = Adobe Acrobat Connect Add-in
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 5/10/2014 3:01:04 AM | Computer Name = ajba-PC | Source = WMPNetworkSvc | ID = 866300
Description =
Error - 5/11/2014 8:04:43 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Mobile
Partner. OUC service to connect.
Error - 5/11/2014 8:04:43 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7000
Description = The Mobile Partner. OUC service failed to start due to the following
error: %%1053
Error - 5/11/2014 8:05:20 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.
Error - 5/11/2014 8:05:20 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 5/11/2014 8:07:51 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Microsoft
.NET Framework NGEN v4.0.30319_X86 service to connect.
Error - 5/11/2014 8:21:59 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Mobile
Partner. OUC service to connect.
Error - 5/11/2014 8:21:59 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7000
Description = The Mobile Partner. OUC service failed to start due to the following
error: %%1053
Error - 5/11/2014 8:22:23 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7024
Description = The Avira Mail Protection service terminated with service-specific
error %%1.
Error - 5/11/2014 8:22:23 PM | Computer Name = ajba-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
< End of report >
#20
Posted 11 May 2014 - 10:52 PM
#21
Posted 12 May 2014 - 06:59 PM
Unfortunately still listed under startup msconfig
#22
Posted 12 May 2014 - 10:54 PM
If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
- Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
- Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, right-click the FRST icon and select Run as Administrator.)
- When the disclaimer appears, click Yes.
- Click Scan to start FRST.
- When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
- Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.
#23
Posted 12 May 2014 - 11:16 PM
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by ajba (administrator) on AJBA-PC on 13-05-2014 13:09:48
Running from C:\Users\ajba\Desktop
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GregHSRW.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1157640 2009-10-07] (Dritek System Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [703008 2009-10-01] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] => C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [233472 2009-10-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Google Update] => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-03-19] (Google Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3821136 2013-12-16] (Tonec Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Mobile Partner] => C:\Program Files\MobileWiFi\MobileWiFi
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-12] (MyCity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...94wwk5w4462r119
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...94wwk5w4462r119
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enSG371SG371
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{0749BF79-8F63-494E-98EB-15AC1D8EDA96}: [NameServer]
Tcpip\..\Interfaces\{447E6596-9381-4BAB-A5C7-3C22EC718380}: [NameServer]
Tcpip\..\Interfaces\{8354670C-EEFD-4C27-AD49-683B6C1067B2}: [NameServer]
Tcpip\..\Interfaces\{890BF8CC-A03E-432D-AAC5-CA4845485612}: [NameServer]203.116.1.94 203.116.254.150
Tcpip\..\Interfaces\{E911FC69-4C5B-4B8E-8B55-8C60BE7E584C}: [NameServer]202.65.247.31 202.65.244.32
FireFox:
========
FF ProfilePath: C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Does Amazon Ship to ...? - C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default\Extensions\[email protected] [2013-03-31]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
"suppress_start": true
},
"tabs": {
"use_vertical_tabs"
CHR DefaultSearchKeyword: google.com.sg
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U25) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files\TVUPlayer\npTVUAx.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ajba\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Entanglement) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-19]
CHR Extension: (Poppit) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-12-15]
CHR StartMenuInternet: Google Chrome - C:\Users\ajba\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 AntiVirFirewallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [619472 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [375760 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [727584 2009-10-01] (Acer Incorporated)
R2 Greg_Service; C:\Program Files\Acer\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] ()
S3 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 wifimansvc; C:\Program Files\Mobile Partner\eap\wifimansvc.exe [605696 2012-08-06] ()
==================== Drivers (Whitelisted) ====================
R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92008 2012-10-10] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [112584 2012-10-10] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-09-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-09-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-09-27] (Avira GmbH)
S3 EUCR; C:\Windows\system32\DRIVERS\EUCR6SK.SYS [103296 2009-11-23] (ENE Technology Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70016 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-06-06] (Huawei Technologies Co., Ltd.)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-02] (Egis Technology Inc.)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35088 2012-06-06] (CACE Technologies, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 13:09 - 2014-05-13 13:11 - 00017946 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-13 13:09 - 2014-05-13 13:09 - 00000000 ____D () C:\FRST
2014-05-13 13:06 - 2014-05-13 13:06 - 01056256 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-13 09:02 - 2014-05-13 09:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:04 - 2014-05-08 09:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-08 09:04 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-08 09:03 - 2014-05-08 09:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 23:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-03 13:36 - 2014-04-29 18:28 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 13:36 - 2014-04-29 18:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-04-18 22:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 22:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 22:01 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 22:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 21:59 - 2014-04-18 22:01 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-13 22:54 - 2014-03-08 07:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-13 22:54 - 2014-03-08 07:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-13 22:54 - 2014-03-08 07:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-13 22:54 - 2014-03-08 07:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-13 22:54 - 2014-03-08 07:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-13 22:54 - 2014-03-08 07:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-13 22:54 - 2014-03-08 06:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-13 22:54 - 2014-03-08 06:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-13 22:54 - 2014-03-08 06:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-13 22:54 - 2014-03-08 06:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-13 22:54 - 2014-03-08 06:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-13 22:54 - 2014-03-08 06:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-13 22:54 - 2014-03-08 06:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-13 22:54 - 2014-03-08 06:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-13 18:52 - 2014-03-04 17:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
==================== One Month Modified Files and Folders =======
2014-05-13 13:11 - 2014-05-13 13:09 - 00017946 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-13 13:09 - 2014-05-13 13:09 - 00000000 ____D () C:\FRST
2014-05-13 13:08 - 2011-01-29 07:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job
2014-05-13 13:07 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\DMCache
2014-05-13 13:06 - 2014-05-13 13:06 - 01056256 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-13 13:03 - 2012-04-03 21:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 12:56 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:56 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:54 - 2012-05-22 06:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-13 12:52 - 2010-03-02 06:28 - 01247780 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 12:50 - 2014-03-24 22:25 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-13 12:48 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 12:48 - 2009-07-14 12:39 - 00529624 _____ () C:\Windows\setupact.log
2014-05-13 09:03 - 2014-05-13 09:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-10 14:18 - 2010-01-06 06:41 - 00807996 _____ () C:\Windows\PFRO.log
2014-05-09 10:33 - 2012-04-03 21:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-09 10:33 - 2011-05-17 06:52 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-09 10:32 - 2014-03-09 07:56 - 00000000 ____D () C:\Users\ajba\AppData\Local\Adobe
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-09 10:08 - 2011-01-29 07:24 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-09 10:00 - 2013-03-24 06:06 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-08 22:12 - 2010-01-06 05:42 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:14 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-08 09:06 - 2014-05-08 09:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-05-08 09:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\Malwarebytes
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-08 09:01 - 2011-01-29 02:12 - 00000000 ____D () C:\Users\ajba\AppData\Local\Windows Live
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-05-03 08:09 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Video
2014-05-03 07:30 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Compressed
2014-04-30 00:23 - 2011-01-29 07:25 - 00002325 _____ () C:\Users\ajba\Desktop\Google Chrome.lnk
2014-04-29 18:28 - 2014-05-03 13:36 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 18:07 - 2014-05-03 13:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-18 22:01 - 2014-04-18 21:59 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 22:01 - 2013-10-31 16:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 22:01 - 2012-05-01 14:27 - 00000000 ____D () C:\Program Files\Java
2014-04-14 20:13 - 2014-04-18 22:01 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-18 22:01 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-18 22:01 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-18 22:01 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-13 22:56 - 2010-01-06 06:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-13 22:54 - 2013-07-24 05:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-13 22:34 - 2010-03-21 03:27 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-13 18:42 - 2014-03-24 22:25 - 00000000 ____D () C:\Program Files\MCShield
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-09 10:22
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014 01
Ran by ajba at 2014-05-13 13:14:08
Running from C:\Users\ajba\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acer Crystal Eye webcam (HKLM\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 0.933 - liteon)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.2.1026 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Connect Add-in (HKCU\...\Adobe Acrobat Connect Add-in) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.5.2002.1110 - Alps Electric)
Amazonia (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.14 - Atheros Communications Inc.)
Avira Internet Security 2012 (HKLM\...\Avira AntiVir Desktop) (Version: 12.1.9.2500 - Avira)
BlueStacks (HKLM\...\{8C4ABA28-6781-410C-A8B1-79288E68E6D2}) (Version: 0.0.0.0 - BlueStacks)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BroadBand on Mobile (HKLM\...\BroadBand on Mobile) (Version: 11.302.09.30.88 - Huawei Technologies Co.,Ltd)
Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Dream Day First Home (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
First Class Flurry (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Granny In Paradise (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Heroes of Hellas (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
iTunes (HKLM\...\{E05D82D8-FE70-4228-B073-B0C07FE27595}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.16339 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.4.7717 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.7.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
Launch Manager (HKLM\...\LManager) (Version: 3.0.07 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity)
MediaMonkey 3.1 (HKLM\...\MediaMonkey_is1) (Version: 3.1 - Ventis Media Inc.)
Merriam Websters Spell Jam (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.009.05.00.203 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.11.05.00 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 29.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-GB)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Personalization Panel (HKLM\...\Personalization Panel) (Version: 2.5 - http://winaero.com/)
Playlist Creator 3.6.2 (HKLM\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PowerISO (HKLM\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5999 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - ENE (EUCR) USB (11/23/2009 5.89.0.62) (HKLM\...\BBEC16685668EB1D6F3D05051DD7314B66370C9F) (Version: 11/23/2009 5.89.0.62 - ENE)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
02-05-2014 23:51:27 Removed Rosetta Stone Ltd Services
02-05-2014 23:53:00 Removed Microsoft Office Suite Activation Assistant.
02-05-2014 23:54:48 Removed Microsoft Office PowerPoint Viewer 2007 (English)
03-05-2014 05:36:08 Windows Update
06-05-2014 15:46:37 OTL Restore Point - 5/6/2014 11:46:32 PM
07-05-2014 15:15:34 OTL Restore Point - 5/7/2014 11:15:29 PM
09-05-2014 01:44:47 OTL Restore Point - 5/9/2014 9:44:32 AM
12-05-2014 00:12:35 OTL Restore Point - 5/12/2014 8:12:17 AM
==================== Hosts content: ==========================
2009-07-14 10:04 - 2012-10-07 19:28 - 00000878 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {3FB50A76-B5A1-4CCB-9B7A-787B5CF826FD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2795788979-175850703-175300515-1000
Task: {5E92DF9E-1393-4E2D-BEF3-9132F8BBD620} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19] (Google Inc.)
Task: {72028B3A-907A-4C8C-912F-E0330532D49C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-09] (Adobe Systems Incorporated)
Task: {A85929CC-094F-4AFD-A372-9C5F5E54B4D0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-10-29 18:41 - 2012-09-27 13:59 - 00398288 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-14 23:27 - 2011-03-14 23:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2009-10-03 09:48 - 2009-10-03 09:48 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-02-09 15:36 - 2012-06-28 10:46 - 00655744 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-02-09 15:36 - 2009-01-10 18:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-02-09 15:36 - 2009-06-23 02:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-02-09 15:36 - 2010-07-23 12:58 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-02-09 15:36 - 2010-02-10 22:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-02-09 15:36 - 2012-06-28 10:34 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-02-09 15:36 - 2010-02-10 22:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2014-05-13 09:02 - 2014-05-13 09:02 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2010-09-10 23:22 - 2010-03-16 02:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: AdopeFlash => C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x
MSCONFIG\startupreg: AdopeUpdate => C:\Google\GoogleUpdate.lnk
MSCONFIG\startupreg: googleupdate => "C:\Google\googleupdate.vbs"
MSCONFIG\startupreg: googleupdate.exe => "C:\Google\googleupdate.vbs"
MSCONFIG\startupreg: Windows Update => C:\Google\Windowsupdate.lnk
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (05/13/2014 00:49:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (05/13/2014 00:49:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: The Avira Mail Protection service terminated with service-specific error %%1.
Error: (05/13/2014 00:48:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053
Error: (05/13/2014 00:48:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.
Error: (05/13/2014 08:43:14 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: The following boot-start or system-start driver(s) failed to load:
cdrom
Error: (05/13/2014 08:43:13 AM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: The Avira Mail Protection service terminated with service-specific error %%1.
Error: (05/13/2014 08:42:35 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053
Error: (05/13/2014 08:42:35 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.
Error: (05/12/2014 08:50:12 AM) (Source: NetBT) (User: ) (EventID: 4300)
Description: The driver could not be created.
Error: (05/12/2014 08:50:12 AM) (Source: NetBT) (User: ) (EventID: 4300)
Description: The driver could not be created.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-02-23 21:11:14.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-04-05 22:00:26.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-04-05 21:59:57.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-04-05 21:59:12.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-04-05 21:47:16.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-02-04 20:19:05.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-02-04 20:17:20.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-02-04 20:17:07.493
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-02-04 20:14:01.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-02-04 19:22:55.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 76%
Total physical RAM: 1013.1 MB
Available physical RAM: 235.19 MB
Total Pagefile: 2037.1 MB
Available Pagefile: 986.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.11 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:220.78 GB) (Free:152.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: DEBA3BBA)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221 GB) - (Type=07 NTFS)
==================== End Of Log ============================
#24
Posted 13 May 2014 - 09:10 AM
- Please download the attached fixlist.txt file and save it to the same location as FRST.
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
- Run FRST.exe/FRST64.exe and press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
- When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run. Please post it in your reply.
#25
Posted 13 May 2014 - 07:15 PM
Here it goes.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:11-05-2014 01
Ran by ajba at 2014-05-14 09:15:30 Run:1
Running from C:\Users\ajba\Downloads\Programs
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
MSCONFIG\startupreg: googleupdate => "C:\Google\googleupdate.vbs"
MSCONFIG\startupreg: googleupdate.exe => "C:\Google\googleupdate.vbs"
MSCONFIG\startupreg: Windows Update => C:\Google\Windowsupdate.lnk
MSCONFIG\startupreg: AdopeFlash => C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x
SearchScopes: HKLM - DefaultScope value is missing.
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
==== End of Fixlog ====
#26
Posted 14 May 2014 - 05:53 AM
#27
Posted 14 May 2014 - 08:33 AM
Nope. Maybe if I enable them from msconfig before performing the fixlist from FRST, it would have a different result?
Edited by xxmaxixx, 14 May 2014 - 08:36 AM.
#28
Posted 14 May 2014 - 08:42 AM
#29
Posted 14 May 2014 - 09:16 PM
Tried yet failed.
#30
Posted 14 May 2014 - 11:03 PM