And this is the FRST.txt log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by Owner (administrator) on BREWER-PC on 26-09-2013 12:43:59
Running from E:\
Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(PCRx.com, LLC) C:\Program Files\24x7Help\App24x7Svc.exe
(COMPANYVERS_NAME) C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Inbox.com, Inc.) C:\Program Files\Inbox Toolbar\Inbox.exe
(Crawler.com) C:\Program Files\PCPowerSpeed\PCPowerTray.exe
(Crawler.com) C:\Program Files\OnlineVault\OVTray.exe
(MindSpark) C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrchMn.exe
(VER_COMPANY_NAME) C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Inbox.com, Inc.) C:\Program Files\RebateInformer\RebateInf.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.287\SSScheduler.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files\Intuit\QuickBooks 2012\QBW32.EXE
(Crawler, LLC) C:\Program Files\24x7Help\App24x7Help.exe
(PCRx.com, LLC) C:\Program Files\24x7Help\App24x7Hook.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Core\mchost.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1261568 2007-05-08] (Analog Devices, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1646216 2013-01-24] (Ask)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064 2013-03-13] (McAfee, Inc.)
HKLM\...\Run: [InboxToolbar] - C:\Program Files\Inbox Toolbar\Inbox.exe [1708696 2013-02-20] (Inbox.com, Inc.)
HKLM\...\Run: [24x7HELP] - C:\Program Files\24x7Help\App24x7Help.exe [1773648 2013-03-12] (Crawler, LLC)
HKLM\...\Run: [PCPowerSpeed] - C:\Program Files\PCPowerSpeed\PCPowerTray.exe [374880 2013-01-30] (Crawler.com)
HKLM\...\Run: [Online Vault] - C:\Program Files\OnlineVault\OVTray.exe [371808 2013-04-22] (Crawler.com)
HKLM\...\Run: [Intuit SyncManager] - C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [1874264 2011-08-19] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [RegWork] - C:\Program Files\RegWork\RegWork.exe [13780656 2012-12-25] ()
HKLM\...\Run: [MapsGalaxy Search Scope Monitor] - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe [44784 2013-07-16] (MindSpark)
HKLM\...\Run: [MapsGalaxy_39 Browser Plugin Loader] - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe [30096 2013-07-16] (VER_COMPANY_NAME)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [RebateInformer] - C:\PROGRA~1\REBATE~1\REBATE~1.EXE [1006216 2013-07-02] (Inbox.com, Inc.)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
MountPoints2: {e9ae00ad-6d4b-11e2-b66a-001d091c6c65} - E:\mri.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://home.tb.ask.c...CFcKZ4Aodjw4AEQ
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x291664E0A801CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://broadband.zoomtown.com
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
URLSearchHook: (No Name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)
SearchScopes: HKLM - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL =
http://search.tb.ask...r={searchTerms}
SearchScopes: HKCU - {3565FC24-BBA4-4982-9B5D-C22EADEF05F5} URL =
http://websearch.ask...0E-FA8ED1062057
SearchScopes: HKCU - {8C2D655D-0429-465F-866B-3940416A6102} URL =
http://search.yahoo....p={SearchTerms}
SearchScopes: HKCU - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL =
http://search.tb.ask...r={searchTerms}
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL =
http://www2.inbox.co...&iwk=244&lng=en
BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~1\MAPSGA~2\bar\1.bin\39bar.dll (MindSpark)
BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL (Omega Partners Ltd)
BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: No Name - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\PROGRA~1\REBATE~1\RebateI.dll (Inbox.com, Inc.)
BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM - MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU -&Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKCU -MapsGalaxy - {364EA597-E728-4CE4-BB4A-ED846EF47970} - C:\Program Files\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll (Inbox.com, Inc.)
Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\PROGRA~1\REBATE~1\RebateI.dll (Inbox.com, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
========================== Services (Whitelisted) =================
R2 24x7HelpSvc; C:\Program Files\24x7Help\App24x7Svc.exe [342608 2013-02-17] (PCRx.com, LLC)
R2 MapsGalaxy_39Service; C:\PROGRA~1\MAPSGA~2\bar\1.bin\39barsvc.exe [42504 2013-07-16] (COMPANYVERS_NAME)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.287\McCHSvc.exe [234776 2012-09-11] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203840 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-02-19] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files\McAfee Online Backup\MOBKbackup.exe [229688 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{9a662039-ac21-56da-a4d9-a465d89b88f6}\ \...\???\{9a662039-ac21-56da-a4d9-a465d89b88f6}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-02-19] (McAfee, Inc.)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [64832 2012-09-14] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133416 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235264 2013-02-19] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [363080 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [565888 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [92632 2013-02-19] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [210608 2013-02-19] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [54776 2010-04-13] (Mozy, Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U3 mfeavfk01; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-26 12:43 - 2013-09-26 12:43 - 00000795 _____ C:\Windows\setupact.log
2013-09-26 12:43 - 2013-09-26 12:43 - 00000000 ____D C:\FRST
2013-09-26 12:43 - 2013-09-26 12:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-24 16:31 - 2013-09-24 16:31 - 00152576 _____ C:\Users\Owner\Desktop\khphone list.xls
2013-09-18 19:04 - 2013-07-31 06:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-18 19:04 - 2013-07-31 06:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-18 19:04 - 2013-07-31 06:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-18 19:04 - 2013-07-31 05:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-18 19:04 - 2013-07-31 05:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-18 19:04 - 2013-07-31 05:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-18 19:04 - 2013-07-31 05:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-18 19:04 - 2013-07-31 05:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-18 19:04 - 2013-07-31 05:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-18 19:04 - 2013-07-31 05:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-18 19:04 - 2013-07-31 05:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-18 19:04 - 2013-07-31 05:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-18 19:04 - 2013-07-31 05:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-18 19:04 - 2013-07-31 05:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-18 19:04 - 2013-07-31 05:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-18 19:04 - 2013-07-31 05:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-18 03:00 - 2013-09-18 03:01 - 00000000 ____D C:\c70df3d1364b32f65251fb52e695db7c
2013-09-17 20:55 - 2013-07-16 00:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-17 20:54 - 2013-08-07 21:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-30 14:31 - 2013-08-02 00:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
==================== One Month Modified Files and Folders =======
2013-09-26 12:43 - 2013-09-26 12:43 - 00000795 _____ C:\Windows\setupact.log
2013-09-26 12:43 - 2013-09-26 12:43 - 00000000 ____D C:\FRST
2013-09-26 12:43 - 2013-09-26 12:43 - 00000000 _____ C:\Windows\setuperr.log
2013-09-26 12:33 - 2006-11-02 08:52 - 01994382 _____ C:\Windows\WindowsUpdate.log
2013-09-26 12:33 - 2006-11-02 08:47 - 00003648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 12:33 - 2006-11-02 08:47 - 00003648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-26 11:57 - 2013-02-02 11:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-24 16:38 - 2013-02-13 21:53 - 00001735 _____ C:\Users\Public\Desktop\McAfee Total Protection.lnk
2013-09-24 16:34 - 2013-02-13 21:19 - 00002627 _____ C:\Users\Owner\Desktop\Microsoft Office Word 2007.lnk
2013-09-24 16:33 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-24 16:32 - 2006-11-02 09:01 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-24 16:31 - 2013-09-24 16:31 - 00152576 _____ C:\Users\Owner\Desktop\khphone list.xls
2013-09-24 15:04 - 2013-02-23 13:02 - 00000000 ____D C:\Program Files\RebateInformer
2013-09-23 12:14 - 2013-02-13 21:11 - 00000000 ____D C:\Users\Owner\Documents\Condo - 2012
2013-09-23 11:56 - 2013-02-13 21:19 - 00002585 _____ C:\Users\Owner\Desktop\Microsoft Office Excel 2007.lnk
2013-09-18 19:10 - 2006-11-02 08:47 - 00279512 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 19:05 - 2013-02-04 20:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-18 03:01 - 2013-09-18 03:00 - 00000000 ____D C:\c70df3d1364b32f65251fb52e695db7c
2013-09-18 03:01 - 2013-08-18 12:22 - 00000000 ____D C:\Windows\system32\MRT
2013-09-18 03:01 - 2006-11-02 06:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-09-17 20:41 - 2013-02-13 21:50 - 00000000 ____D C:\Program Files\McAfee
Files to move or delete:
====================
ZeroAccess:
C:\Users\Owner\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2013-09-26 04:47
==================== End Of Log ============================