Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Unable to delete startup entry [Solved]

Started by xxmaxixx , May 04 2014 12:57 AM

Auto It EXE

This topic is locked

#31
xxmaxixx

Posted 15 May 2014 - 03:12 AM

Member

Topic Starter
Member
108 posts

After enabling from msconfig autoit entries are still present.

#32
Machiavelli

Posted 15 May 2014 - 08:18 AM

GeekU Moderator

GeekU Moderator
4,722 posts

Let them enabled an do this:

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here

Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
When the disclaimer appears, click Yes.
Click Scan to start FRST.
When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

#33
xxmaxixx

Posted 15 May 2014 - 09:56 PM

Member

Topic Starter
Member
108 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-05-2014
Ran by ajba (administrator) on AJBA-PC on 16-05-2014 11:50:21
Running from C:\Users\ajba\Downloads\Programs
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GregHSRW.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1157640 2009-10-07] (Dritek System Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [703008 2009-10-01] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] => C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [233472 2009-10-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Google Update] => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-03-19] (Google Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3821136 2013-12-16] (Tonec Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Mobile Partner] => C:\Program Files\MobileWiFi\MobileWiFi
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-12] (MyCity)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Windows Update] => C:\Google\Windowsupdate.lnk
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [googleupdate.exe] => "C:\Google\googleupdate.vbs"
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [googleupdate] => "C:\Google\googleupdate.vbs"
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [AdopeUpdate] => C:\Google\GoogleUpdate.lnk
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [AdopeFlash] => C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\MountPoints2: {52599e50-4e4d-11e3-8046-705ab63e0fd8} - D:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...94wwk5w4462r119
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...94wwk5w4462r119
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enSG371SG371
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0749BF79-8F63-494E-98EB-15AC1D8EDA96}: [NameServer]
Tcpip\..\Interfaces\{447E6596-9381-4BAB-A5C7-3C22EC718380}: [NameServer]
Tcpip\..\Interfaces\{8354670C-EEFD-4C27-AD49-683B6C1067B2}: [NameServer]
Tcpip\..\Interfaces\{890BF8CC-A03E-432D-AAC5-CA4845485612}: [NameServer]203.116.1.94 203.116.254.150
Tcpip\..\Interfaces\{E911FC69-4C5B-4B8E-8B55-8C60BE7E584C}: [NameServer]202.65.247.31 202.65.244.32

FireFox:
========
FF ProfilePath: C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Does Amazon Ship to ...? - C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default\Extensions\[email protected] [2013-03-31]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
       "suppress_start": true
   },
   "tabs": {
       "use_vertical_tabs"
CHR DefaultSearchKeyword: google.com.sg
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U25) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (MicrosoftÂ® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files\TVUPlayer\npTVUAx.dll No File
CHR Plugin: (Windows LiveÂ™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ajba\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Entanglement) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-19]
CHR Extension: (Poppit) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-12-15]
CHR StartMenuInternet: Google Chrome - C:\Users\ajba\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AntiVirFirewallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [619472 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [375760 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [727584 2009-10-01] (Acer Incorporated)
R2 Greg_Service; C:\Program Files\Acer\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] ()
S3 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 wifimansvc; C:\Program Files\Mobile Partner\eap\wifimansvc.exe [605696 2012-08-06] ()

==================== Drivers (Whitelisted) ====================

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92008 2012-10-10] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [112584 2012-10-10] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-09-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-09-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-09-27] (Avira GmbH)
S3 EUCR; C:\Windows\system32\DRIVERS\EUCR6SK.SYS [103296 2009-11-23] (ENE Technology Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70016 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-06-06] (Huawei Technologies Co., Ltd.)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-02] (Egis Technology Inc.)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35088 2012-06-06] (CACE Technologies, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-15 11:50 - 2014-05-15 11:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 11:49 - 2014-05-06 07:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 11:49 - 2014-05-06 07:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 11:49 - 2014-05-06 07:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 11:10 - 2014-04-12 10:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:10 - 2014-04-12 10:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:10 - 2014-04-12 10:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:10 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:10 - 2014-04-12 10:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:10 - 2014-04-12 10:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:10 - 2014-04-12 10:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:10 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 11:10 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:10 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:10 - 2014-03-04 17:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:03 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 11:00 - 2014-05-15 11:00 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist(1).txt
2014-05-14 09:08 - 2014-05-14 09:08 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist.txt
2014-05-13 13:14 - 2014-05-13 13:16 - 00028244 _____ () C:\Users\ajba\Desktop\Addition.txt
2014-05-13 13:09 - 2014-05-16 11:50 - 00000000 ____D () C:\FRST
2014-05-13 13:09 - 2014-05-13 13:15 - 00028445 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-13 13:06 - 2014-05-13 13:06 - 01056256 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-13 09:02 - 2014-05-13 09:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:04 - 2014-05-14 14:26 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-08 09:04 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-08 09:03 - 2014-05-08 09:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 23:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-04-18 22:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 22:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 22:01 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 22:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 21:59 - 2014-04-18 22:01 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-05-16 11:50 - 2014-05-13 13:09 - 00000000 ____D () C:\FRST
2014-05-16 11:08 - 2011-01-29 07:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job
2014-05-16 11:03 - 2012-04-03 21:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 10:40 - 2010-03-02 06:28 - 01669200 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 10:08 - 2011-01-29 07:24 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job
2014-05-16 09:59 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 09:27 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 09:22 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 09:22 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 08:54 - 2014-03-24 22:25 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-16 08:50 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 08:48 - 2009-07-14 12:39 - 00530184 _____ () C:\Windows\setupact.log
2014-05-15 12:14 - 2010-01-06 05:42 - 00784900 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-15 12:11 - 2013-07-24 05:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 11:51 - 2010-03-21 03:27 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:51 - 2010-01-06 06:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 11:50 - 2014-05-15 11:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 11:40 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\DMCache
2014-05-15 11:03 - 2012-04-03 21:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 11:03 - 2011-05-17 06:52 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 11:00 - 2014-05-15 11:00 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist(1).txt
2014-05-14 14:26 - 2014-05-08 09:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-14 10:05 - 2010-01-06 06:41 - 00808346 _____ () C:\Windows\PFRO.log
2014-05-14 09:08 - 2014-05-14 09:08 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist.txt
2014-05-13 17:24 - 2012-05-22 06:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-13 13:16 - 2014-05-13 13:14 - 00028244 _____ () C:\Users\ajba\Desktop\Addition.txt
2014-05-13 13:15 - 2014-05-13 13:09 - 00028445 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-13 13:06 - 2014-05-13 13:06 - 01056256 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-13 09:03 - 2014-05-13 09:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-09 10:32 - 2014-03-09 07:56 - 00000000 ____D () C:\Users\ajba\AppData\Local\Adobe
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-09 10:00 - 2013-03-24 06:06 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:14 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-05-08 09:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\Malwarebytes
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-08 09:01 - 2011-01-29 02:12 - 00000000 ____D () C:\Users\ajba\AppData\Local\Windows Live
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 07:32 - 2014-05-15 11:49 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-15 11:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 07:14 - 2014-05-15 11:49 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-05-03 08:09 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Video
2014-05-03 07:30 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Compressed
2014-04-30 00:23 - 2011-01-29 07:25 - 00002325 _____ () C:\Users\ajba\Desktop\Google Chrome.lnk
2014-04-18 22:01 - 2014-04-18 21:59 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 22:01 - 2013-10-31 16:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 22:01 - 2012-05-01 14:27 - 00000000 ____D () C:\Program Files\Java

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-15 11:10] - [2014-03-04 17:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-09 10:22

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-05-2014
Ran by ajba at 2014-05-16 11:53:11
Running from C:\Users\ajba\Downloads\Programs
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acer Crystal Eye webcam (HKLM\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 0.933 - liteon)
Acer ePower Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.2.1026 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acer VCM (HKLM\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Connect Add-in (HKCU\...\Adobe Acrobat Connect Add-in) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.5.2002.1110 - Alps Electric)
Amazonia (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.14 - Atheros Communications Inc.)
Avira Internet Security 2012 (HKLM\...\Avira AntiVir Desktop) (Version: 12.1.9.2500 - Avira)
BlueStacks (HKLM\...\{8C4ABA28-6781-410C-A8B1-79288E68E6D2}) (Version: 0.0.0.0 - BlueStacks)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BroadBand on Mobile (HKLM\...\BroadBand on Mobile) (Version: 11.302.09.30.88 - Huawei Technologies Co.,Ltd)
Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Dream Day First Home (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
First Class Flurry (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Granny In Paradise (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Heroes of Hellas (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2230 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
iTunes (HKLM\...\{E05D82D8-FE70-4228-B073-B0C07FE27595}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.16339 - Juniper Networks)
Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.4.7717 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.7.5 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
Launch Manager (HKLM\...\LManager) (Version: 3.0.07 - Acer Inc.)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM\...\MCShield) (Version: 3.0.5.28 - MyCity)
MediaMonkey 3.1 (HKLM\...\MediaMonkey_is1) (Version: 3.1 - Ventis Media Inc.)
Merriam Websters Spell Jam (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mobile Partner (HKLM\...\Mobile Partner) (Version: 23.009.05.00.203 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.11.05.00 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 29.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 29.0.1 (x86 en-GB)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Personalization Panel (HKLM\...\Personalization Panel) (Version: 2.5 - http://winaero.com/)
Playlist Creator 3.6.2 (HKLM\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PowerISO (HKLM\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5999 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\755087041320E005CB1E8A67C5C55A260EB81B90) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - ENE (EUCR) USB (11/23/2009 5.89.0.62) (HKLM\...\BBEC16685668EB1D6F3D05051DD7314B66370C9F) (Version: 11/23/2009 5.89.0.62 - ENE)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )

==================== Restore Points =========================

07-05-2014 15:15:34 OTL Restore Point - 5/7/2014 11:15:29 PM
09-05-2014 01:44:47 OTL Restore Point - 5/9/2014 9:44:32 AM
12-05-2014 00:12:35 OTL Restore Point - 5/12/2014 8:12:17 AM
15-05-2014 03:39:32 Windows Update
16-05-2014 00:56:08 Windows Update

==================== Hosts content: ==========================

2009-07-14 10:04 - 2012-10-07 19:28 - 00000878 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {5E92DF9E-1393-4E2D-BEF3-9132F8BBD620} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19] (Google Inc.)
Task: {72028B3A-907A-4C8C-912F-E0330532D49C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {A85929CC-094F-4AFD-A372-9C5F5E54B4D0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-29 18:41 - 2012-09-27 13:59 - 00398288 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-14 23:27 - 2011-03-14 23:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2013-02-09 15:36 - 2012-06-28 10:46 - 00655744 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2013-02-09 15:36 - 2009-01-10 18:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2013-02-09 15:36 - 2009-06-23 02:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2013-02-09 15:36 - 2010-07-23 12:58 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2013-02-09 15:36 - 2010-02-10 22:10 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2013-02-09 15:36 - 2012-06-28 10:34 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2013-02-09 15:36 - 2010-02-10 22:06 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2009-10-03 09:48 - 2009-10-03 09:48 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-09-10 23:22 - 2010-03-16 02:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-13 09:02 - 2014-05-13 09:02 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2014 09:56:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:56:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:56:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:56:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:56:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:55:42 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:53:39 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/16/2014 09:53:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:52:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/16/2014 09:52:41 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (05/16/2014 08:51:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/16/2014 08:51:08 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Mail Protection service terminated with service-specific error %%1.

Error: (05/16/2014 08:50:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053

Error: (05/16/2014 08:50:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.

Error: (05/16/2014 08:50:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Audio service hung on starting.

Error: (05/15/2014 11:06:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/15/2014 11:06:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Mail Protection service terminated with service-specific error %%1.

Error: (05/15/2014 11:05:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053

Error: (05/15/2014 11:05:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.

Error: (05/15/2014 10:52:42 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-02-23 21:11:14.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-04-05 22:00:26.486
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-04-05 21:59:57.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-04-05 21:59:12.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-04-05 21:47:16.201
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-04 20:19:05.657
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-04 20:17:20.020
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-04 20:17:07.493
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-04 20:14:01.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-04 19:22:55.981
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 1013.1 MB
Available physical RAM: 375.15 MB
Total Pagefile: 2037.1 MB
Available Pagefile: 904.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.23 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.78 GB) (Free:158.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: DEBA3BBA)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#34
Machiavelli

Posted 16 May 2014 - 05:01 AM

GeekU Moderator

GeekU Moderator
4,722 posts

Hey,

C:\Users\ajba\Downloads\Programs

Please move FRST to your Desktop ...

Step 1: FRST Fix

Please download the attached fixlist.txt file and save it to the same location as FRST

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST.exe/FRST64.exe and press the Fix button just once and wait
If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

Step 2: FRST Scan

Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
Click Scan to start FRST.
When FRST finishes scanning, a log, FRST.txt, will open.
Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

Attached Files

fixlist.txt 705bytes 211 downloads

#35
xxmaxixx

Posted 16 May 2014 - 10:26 AM

Member

Topic Starter
Member
108 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:15-05-2014
Ran by ajba at 2014-05-17 00:26:04 Run:3
Running from C:\Users\ajba\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Windows Update] => C:\Google\Windowsupdate.lnk
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [googleupdate.exe] => "C:\Google\googleupdate.vbs"
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [googleupdate] => "C:\Google\googleupdate.vbs"
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [AdopeUpdate] => C:\Google\GoogleUpdate.lnk
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [AdopeFlash] => C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\MountPoints2: {52599e50-4e4d-11e3-8046-705ab63e0fd8} - D:\AutoRun.exe
C:\Google
*****************

HKU\S-1-5-21-2795788979-175850703-175300515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update => Value deleted successfully.
HKU\S-1-5-21-2795788979-175850703-175300515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate.exe => Value deleted successfully.
HKU\S-1-5-21-2795788979-175850703-175300515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\googleupdate => Value deleted successfully.
HKU\S-1-5-21-2795788979-175850703-175300515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdopeUpdate => Value deleted successfully.
HKU\S-1-5-21-2795788979-175850703-175300515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdopeFlash => Value deleted successfully.
HKU\S-1-5-21-2795788979-175850703-175300515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52599e50-4e4d-11e3-8046-705ab63e0fd8} => Key deleted successfully.
HKCR\CLSID\{52599e50-4e4d-11e3-8046-705ab63e0fd8} => Key not found.
"C:\Google" => File/Directory not found.

==== End of Fixlog ====

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-05-2014
Ran by ajba (administrator) on AJBA-PC on 17-05-2014 00:27:18
Running from C:\Users\ajba\Desktop
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GregHSRW.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(PowerISO Computing, Inc.) C:\Program Files\PowerISO\PWRISOVM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1157640 2009-10-07] (Dritek System Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [703008 2009-10-01] (Acer Incorporated)
HKLM\...\Run: [EgisTecLiveUpdate] => C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [233472 2009-10-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Google Update] => C:\Users\ajba\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-03-19] (Google Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3821136 2013-12-16] (Tonec Inc.)
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [Mobile Partner] => C:\Program Files\MobileWiFi\MobileWiFi
HKU\S-1-5-21-2795788979-175850703-175300515-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-12] (MyCity)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...94wwk5w4462r119
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...94wwk5w4462r119
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...AW_enSG371SG371
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0749BF79-8F63-494E-98EB-15AC1D8EDA96}: [NameServer]
Tcpip\..\Interfaces\{447E6596-9381-4BAB-A5C7-3C22EC718380}: [NameServer]
Tcpip\..\Interfaces\{8354670C-EEFD-4C27-AD49-683B6C1067B2}: [NameServer]
Tcpip\..\Interfaces\{890BF8CC-A03E-432D-AAC5-CA4845485612}: [NameServer]203.116.1.94 203.116.254.150
Tcpip\..\Interfaces\{E911FC69-4C5B-4B8E-8B55-8C60BE7E584C}: [NameServer]202.65.247.31 202.65.244.32

FireFox:
========
FF ProfilePath: C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ajba\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Does Amazon Ship to ...? - C:\Users\ajba\AppData\Roaming\Mozilla\Firefox\Profiles\woxurmrj.default\Extensions\[email protected] [2013-03-31]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]
FF HKCU\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\ajba\AppData\Roaming\IDM\idmmzcc5 [2013-12-27]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "sync": {
       "suppress_start": true
   },
   "tabs": {
       "use_vertical_tabs"
CHR DefaultSearchKeyword: google.com.sg
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\ajba\AppData\Local\Google\Chrome\Application\30.0.1599.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.250.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U25) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (MicrosoftÂ® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (TVU Web Player for FireFox) - C:\Program Files\TVUPlayer\npTVUAx.dll No File
CHR Plugin: (Windows LiveÂ™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\ajba\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Entanglement) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-19]
CHR Extension: (Poppit) - C:\Users\ajba\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-19]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2013-12-15]
CHR StartMenuInternet: Google Chrome - C:\Users\ajba\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AntiVirFirewallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [619472 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [375760 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-10-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-10-10] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [727584 2009-10-01] (Acer Incorporated)
R2 Greg_Service; C:\Program Files\Acer\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655744 2012-06-28] ()
S3 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 wifimansvc; C:\Program Files\Mobile Partner\eap\wifimansvc.exe [605696 2012-08-06] ()

==================== Drivers (Whitelisted) ====================

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92008 2012-10-10] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [112584 2012-10-10] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83392 2012-09-27] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137928 2012-09-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36000 2012-09-27] (Avira GmbH)
S3 EUCR; C:\Windows\system32\DRIVERS\EUCR6SK.SYS [103296 2009-11-23] (ENE Technology Inc.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_cdcecm; C:\Windows\System32\DRIVERS\ew_jucdcecm.sys [70016 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-06-06] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-06-06] (Huawei Technologies Co., Ltd.)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-02] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-02] (Egis Technology Inc.)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [35088 2012-06-06] (CACE Technologies, Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-17 00:16 - 2014-05-17 00:16 - 00000000 ____D () C:\Users\ajba\Desktop\FRST-OlderVersion
2014-05-15 11:50 - 2014-05-15 11:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 11:49 - 2014-05-06 07:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 11:49 - 2014-05-06 07:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 11:49 - 2014-05-06 07:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 11:10 - 2014-04-12 10:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 11:10 - 2014-04-12 10:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 11:10 - 2014-04-12 10:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 11:10 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 11:10 - 2014-04-12 10:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 11:10 - 2014-04-12 10:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 11:10 - 2014-04-12 10:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 11:10 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 11:10 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 11:10 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 11:10 - 2014-03-04 17:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 11:10 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 11:03 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 11:00 - 2014-05-15 11:00 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist(1).txt
2014-05-14 09:08 - 2014-05-14 09:08 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist.txt
2014-05-13 13:14 - 2014-05-13 13:16 - 00028244 _____ () C:\Users\ajba\Desktop\Addition.txt
2014-05-13 13:09 - 2014-05-17 00:27 - 00017889 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-13 13:09 - 2014-05-17 00:27 - 00000000 ____D () C:\FRST
2014-05-13 13:06 - 2014-05-17 00:16 - 01056768 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-13 09:02 - 2014-05-13 09:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:04 - 2014-05-14 14:26 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-08 09:04 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-08 09:03 - 2014-05-08 09:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-07 23:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-04-18 22:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 22:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 22:01 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 22:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 21:59 - 2014-04-18 22:01 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-05-17 00:29 - 2014-05-13 13:09 - 00017889 _____ () C:\Users\ajba\Desktop\FRST.txt
2014-05-17 00:27 - 2014-05-13 13:09 - 00000000 ____D () C:\FRST
2014-05-17 00:21 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 00:21 - 2009-07-14 12:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 00:16 - 2014-05-17 00:16 - 00000000 ____D () C:\Users\ajba\Desktop\FRST-OlderVersion
2014-05-17 00:16 - 2014-05-13 13:06 - 01056768 _____ (Farbar) C:\Users\ajba\Desktop\FRST.exe
2014-05-17 00:16 - 2010-03-02 06:28 - 01677992 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 00:14 - 2014-03-24 22:25 - 00000000 ____D () C:\ProgramData\MCShield
2014-05-17 00:12 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 00:12 - 2009-07-14 12:39 - 00530240 _____ () C:\Windows\setupact.log
2014-05-16 12:00 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\DMCache
2014-05-16 11:08 - 2011-01-29 07:24 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000UA.job
2014-05-16 11:03 - 2012-04-03 21:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 10:08 - 2011-01-29 07:24 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2795788979-175850703-175300515-1000Core.job
2014-05-16 09:59 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 09:27 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 12:14 - 2010-01-06 05:42 - 00784900 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-15 12:11 - 2013-07-24 05:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 11:51 - 2010-03-21 03:27 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:51 - 2010-01-06 06:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 11:50 - 2014-05-15 11:50 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-15 11:03 - 2012-04-03 21:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-15 11:03 - 2011-05-17 06:52 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-15 11:00 - 2014-05-15 11:00 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist(1).txt
2014-05-14 14:26 - 2014-05-08 09:04 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-14 10:05 - 2010-01-06 06:41 - 00808346 _____ () C:\Windows\PFRO.log
2014-05-14 09:08 - 2014-05-14 09:08 - 00000366 _____ () C:\Users\ajba\Downloads\fixlist.txt
2014-05-13 17:24 - 2012-05-22 06:30 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-13 13:16 - 2014-05-13 13:14 - 00028244 _____ () C:\Users\ajba\Desktop\Addition.txt
2014-05-13 09:03 - 2014-05-13 09:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 08:11 - 2014-05-12 08:11 - 00000000 ____D () C:\_OTL
2014-05-09 10:32 - 2014-03-09 07:56 - 00000000 ____D () C:\Users\ajba\AppData\Local\Adobe
2014-05-09 10:30 - 2014-05-09 10:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-09 10:30 - 2014-05-09 10:30 - 00001953 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-09 10:29 - 2010-01-06 06:38 - 00000000 ____D () C:\Program Files\Adobe
2014-05-09 10:00 - 2014-05-09 10:00 - 00000734 _____ () C:\DelFix.txt
2014-05-09 10:00 - 2013-03-24 06:06 - 00000000 ____D () C:\Program Files\Trend Micro
2014-05-08 09:45 - 2014-05-08 09:45 - 00001043 _____ () C:\mbam.txt
2014-05-08 09:14 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-05-08 09:04 - 2014-05-08 09:04 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-08 09:04 - 2014-05-08 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-05-08 09:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\Users\ajba\AppData\Roaming\Malwarebytes
2014-05-08 09:04 - 2014-01-12 13:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-08 09:01 - 2011-01-29 02:12 - 00000000 ____D () C:\Users\ajba\AppData\Local\Windows Live
2014-05-08 00:03 - 2014-05-08 00:03 - 00000000 ____D () C:\Windows\ERUNT
2014-05-06 07:32 - 2014-05-15 11:49 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-15 11:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 07:14 - 2014-05-15 11:49 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-03 12:03 - 2014-05-03 12:03 - 00002370 _____ () C:\Users\ajba\Desktop\fix.txt
2014-05-03 12:00 - 2014-05-03 12:00 - 00000072 _____ () C:\Users\ajba\Desktop\after.txt
2014-05-03 08:09 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Video
2014-05-03 07:30 - 2012-02-27 05:04 - 00000000 ____D () C:\Users\ajba\Downloads\Compressed
2014-04-30 00:23 - 2011-01-29 07:25 - 00002325 _____ () C:\Users\ajba\Desktop\Google Chrome.lnk
2014-04-18 22:01 - 2014-04-18 21:59 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-18 22:01 - 2013-10-31 16:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 22:01 - 2012-05-01 14:27 - 00000000 ____D () C:\Program Files\Java

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-15 11:10] - [2014-03-04 17:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-09 10:22

==================== End Of Log ============================

Edited by xxmaxixx, 16 May 2014 - 07:32 PM.

#36
Machiavelli

Posted 16 May 2014 - 11:30 AM

GeekU Moderator

GeekU Moderator
4,722 posts

I will wait for the log of step 2.

#37
xxmaxixx

Posted 16 May 2014 - 08:49 PM

Member

Topic Starter
Member
108 posts

Seems like the issue has be resolved. No more of such files listed :yeah:

#38
Machiavelli

Posted 17 May 2014 - 03:29 AM

GeekU Moderator

GeekU Moderator
4,722 posts

Hello,
in my opinion your PC is clean.

We need to remove the tools we've used during cleaning your machine

Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
Ensure Remove disinfection tools is ticked
Also tick:
- Create registry backup
- Purge system restore
Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.

Keep Safe! :thumbsup:

#39
xxmaxixx

Posted 17 May 2014 - 06:00 AM

Member

Topic Starter
Member
108 posts

# DelFix v10.7 - Logfile created 17/05/2014 at 19:56:02
# Updated 27/04/2014 by Xplode
# Username : ajba - AJBA-PC
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\Users\ajba\Desktop\FRST-OlderVersion
Deleted : C:\Users\ajba\Desktop\Addition.txt
Deleted : C:\Users\ajba\Desktop\Fixlog.txt
Deleted : C:\Users\ajba\Desktop\FRST.exe
Deleted : C:\Users\ajba\Desktop\FRST.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #192 [OTL Restore Point - 5/7/2014 11:15:29 PM | 05/07/2014 15:15:34]
Deleted : RP #193 [OTL Restore Point - 5/9/2014 9:44:32 AM | 05/09/2014 01:44:47]
Deleted : RP #194 [OTL Restore Point - 5/12/2014 8:12:17 AM | 05/12/2014 00:12:35]
Deleted : RP #195 [Windows Update | 05/15/2014 03:39:32]
Deleted : RP #196 [Windows Update | 05/16/2014 00:56:08]

New restore point created !

########## - EOF - ##########

#40
Machiavelli

Posted 17 May 2014 - 08:48 AM

GeekU Moderator

GeekU Moderator
4,722 posts

OK, I will close the topic as solved then.

#41
Machiavelli

Posted 17 May 2014 - 08:48 AM

GeekU Moderator

GeekU Moderator
4,722 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.