Jump to content

Getting an update video player on Mozilla


Recommended Posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Setzer (administrator) on SCOTT-PC on 26-06-2014 16:57:31
Running from C:\Users\Setzer\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: "https://www.facebook.com/", "hxxp://www.24hourcampfire.com/ubbthreads/ubbthreads.php/forum_summary", "hxxp://www.asrealasitgets.net/forums/ubbthreads.php?ubb=cfrm", "hxxp://mauldroppers.com/?styleid=8"
CHR NewTab: "chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"
CHR Extension: (YouTube) - C:\Users\Setzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-25]
CHR Extension: (Google Search) - C:\Users\Setzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-25]
CHR Extension: (RealDownloader) - C:\Users\Setzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-25]
CHR Extension: (Google Wallet) - C:\Users\Setzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR Extension: (Gmail) - C:\Users\Setzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx [2013-08-14]

==================== Services (Whitelisted) =================

S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-07-26] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-25] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-25] (globalUpdate) [File not signed]
R2 lxcz_device; C:\Windows\system32\lxczcoms.exe [566192 2007-04-19] ( )
R2 lxcz_device; C:\Windows\SysWOW64\lxczcoms.exe [537520 2007-04-19] ( )
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Realtek87B; C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
R2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [315760 2011-04-08] (Sierra Wireless, Inc.)
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1813528 2014-06-23] (AVG Secure Search)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-23] (AVG Technologies)
R3 easytether; C:\Windows\System32\DRIVERS\easytthr.sys [20752 2011-05-22] (Mobile Stream)
S3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [933376 2009-03-04] (Ralink Technology, Corp.)
S3 swiwdmbus; C:\Windows\System32\DRIVERS\swiwdmbusx64.sys [102656 2010-06-21] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [240640 2010-06-21] (Sierra Wireless Inc.)
S3 SWUMXA3; C:\Windows\System32\DRIVERS\swumxa3.sys [210944 2010-06-21] (Sierra Wireless Inc.)
R3 ASWMBR; \??\C:\Users\Setzer\AppData\Local\Temp\aswMBR.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 16:57 - 2014-06-26 16:58 - 00028183 _____ () C:\Users\Setzer\Downloads\FRST.txt
2014-06-26 16:57 - 2014-06-26 16:57 - 00000000 ____D () C:\FRST
2014-06-26 16:56 - 2014-06-26 16:57 - 02082816 _____ (Farbar) C:\Users\Setzer\Downloads\FRST64.exe
2014-06-26 16:35 - 2014-06-26 16:35 - 00000000 ___RD () C:\Users\Setzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-06-26 07:16 - 2014-06-26 07:59 - 00228063 _____ () C:\Users\Marmee\Desktop\avgrep.txt
2014-06-26 07:08 - 2014-06-26 07:08 - 01390880 _____ () C:\Users\Setzer\Downloads\Player_Setup(1).exe
2014-06-26 07:07 - 2014-06-26 07:07 - 01390880 _____ () C:\Users\Setzer\Downloads\Player_Setup.exe
2014-06-25 11:53 - 2014-06-26 12:18 - 00000000 ___RD () C:\Users\Marmee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-06-25 10:09 - 2014-06-26 12:18 - 00000000 ____D () C:\Users\Setzer\AppData\Local\com
2014-06-25 08:21 - 2014-06-26 16:35 - 00001502 _____ () C:\Windows\Tasks\f7171c92-4f0d-4b1b-9174-dc57592e165b-5_user.job
2014-06-25 08:20 - 2014-06-26 16:35 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-25 08:20 - 2014-06-26 14:25 - 00000904 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-25 08:20 - 2014-06-25 08:20 - 00003902 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-25 08:20 - 2014-06-25 08:20 - 00003648 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-25 08:20 - 2014-06-25 08:20 - 00000000 ____D () C:\Users\Setzer\AppData\Local\globalUpdate
2014-06-25 08:20 - 2014-06-25 08:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-25 08:18 - 2014-06-25 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFTTODAY
2014-06-19 16:17 - 2014-06-19 16:17 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-06-17 22:34 - 2014-06-26 12:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 09:33 - 2014-06-17 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-16 22:44 - 2014-06-16 22:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-13 11:37 - 2014-06-13 11:37 - 01057176 _____ (Adobe) C:\Users\Marmee\Downloads\install_flashplayer14x32_mssa_aaa_aih(1).exe
2014-06-13 11:36 - 2014-06-13 11:36 - 01057176 _____ (Adobe) C:\Users\Marmee\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-06-10 07:24 - 2014-06-10 07:24 - 00608816 _____ () C:\Users\Setzer\Downloads\MediaPlayerClassicInstaller.exe

==================== One Month Modified Files and Folders =======

2014-06-26 16:58 - 2014-06-26 16:57 - 00028183 _____ () C:\Users\Setzer\Downloads\FRST.txt
2014-06-26 16:57 - 2014-06-26 16:57 - 00000000 ____D () C:\FRST
2014-06-26 16:57 - 2014-06-26 16:56 - 02082816 _____ (Farbar) C:\Users\Setzer\Downloads\FRST64.exe
2014-06-26 16:50 - 2012-09-01 08:44 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 16:42 - 2009-07-13 23:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-26 16:42 - 2009-07-13 23:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-26 16:41 - 2012-03-29 04:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-26 16:39 - 2011-08-29 12:31 - 01731660 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 16:35 - 2014-06-26 16:35 - 00000000 ___RD () C:\Users\Setzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-06-26 16:35 - 2014-06-25 08:21 - 00001502 _____ () C:\Windows\Tasks\f7171c92-4f0d-4b1b-9174-dc57592e165b-5_user.job
2014-06-26 16:35 - 2014-06-25 08:20 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-26 16:35 - 2012-09-01 08:44 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 16:34 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 16:34 - 2009-07-13 23:51 - 00197338 _____ () C:\Windows\setupact.log
2014-06-26 15:19 - 2012-03-29 04:10 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-26 15:19 - 2012-03-29 04:10 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-26 15:19 - 2011-09-19 19:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 14:25 - 2014-06-25 08:20 - 00000904 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-26 12:18 - 2014-06-25 11:53 - 00000000 ___RD () C:\Users\Marmee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2014-06-26 12:18 - 2014-06-25 10:09 - 00000000 ____D () C:\Users\Setzer\AppData\Local\com
2014-06-26 12:18 - 2014-06-17 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-26 12:18 - 2014-05-09 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-06-26 12:18 - 2014-04-27 18:54 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-26 12:18 - 2014-03-08 19:40 - 00000000 ____D () C:\Users\Marmee\AppData\Roaming\Roxio
2014-06-26 12:18 - 2014-03-08 19:39 - 00000000 ____D () C:\Users\Marmee
2014-06-26 12:18 - 2014-02-17 18:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-26 12:18 - 2013-08-25 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-26 12:18 - 2013-08-25 14:32 - 00000000 ____D () C:\ProgramData\Real
2014-06-26 12:18 - 2013-05-10 17:39 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-06-26 12:18 - 2012-01-14 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.1
2014-06-26 12:18 - 2011-12-01 21:34 - 00000000 ____D () C:\Users\DefaultAppPool
2014-06-26 12:18 - 2011-08-29 12:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-26 12:18 - 2011-08-29 10:45 - 00000000 ____D () C:\Users\Setzer\AppData\Roaming\Roxio
2014-06-26 12:18 - 2011-08-29 10:38 - 00000000 ____D () C:\Users\Setzer
2014-06-26 12:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-06-26 12:17 - 2011-11-07 20:30 - 00000000 ____D () C:\Windows\system32\Macromed
2014-06-26 12:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-26 12:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-06-26 10:05 - 2014-05-26 09:06 - 00000000 __RSD () C:\Users\Marmee\Documents\My Stationery
2014-06-26 07:59 - 2014-06-26 07:16 - 00228063 _____ () C:\Users\Marmee\Desktop\avgrep.txt
2014-06-26 07:16 - 2014-03-08 19:40 - 00000000 ____D () C:\Users\Marmee\AppData\Local\Avg2013
2014-06-26 07:08 - 2014-06-26 07:08 - 01390880 _____ () C:\Users\Setzer\Downloads\Player_Setup(1).exe
2014-06-26 07:07 - 2014-06-26 07:07 - 01390880 _____ () C:\Users\Setzer\Downloads\Player_Setup.exe
2014-06-26 06:53 - 2014-03-07 21:43 - 00000000 ____D () C:\Users\Setzer\AppData\Roaming\Skype
2014-06-26 06:52 - 2009-10-29 15:25 - 00137766 _____ () C:\Windows\PFRO.log
2014-06-25 18:18 - 2014-03-08 21:48 - 00000000 ____D () C:\Users\Marmee\AppData\Roaming\Skype
2014-06-25 09:03 - 2011-09-01 10:18 - 00888016 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-25 09:03 - 2009-07-14 00:13 - 00888016 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-25 08:20 - 2014-06-25 08:20 - 00003902 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-06-25 08:20 - 2014-06-25 08:20 - 00003648 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-06-25 08:20 - 2014-06-25 08:20 - 00000000 ____D () C:\Users\Setzer\AppData\Local\globalUpdate
2014-06-25 08:20 - 2014-06-25 08:20 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-06-25 08:18 - 2014-06-25 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFTTODAY
2014-06-25 08:16 - 2013-07-30 04:24 - 00000000 _____ () C:\END
2014-06-23 10:26 - 2012-06-12 04:27 - 00000000 ____D () C:\Users\Setzer\AppData\Local\AVG Secure Search
2014-06-23 06:25 - 2013-05-21 12:55 - 00003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2014-06-23 06:23 - 2012-09-05 18:02 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-19 22:45 - 2012-09-01 08:44 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 22:45 - 2012-09-01 08:44 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 16:17 - 2014-06-19 16:17 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-06-19 16:17 - 2011-10-15 07:00 - 00000000 ____D () C:\Users\Setzer\AppData\Roaming\Foxit Software
2014-06-17 09:33 - 2014-06-17 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-17 09:33 - 2012-11-01 21:57 - 00000972 _____ () C:\Users\Public\Desktop\AVG 2013.lnk
2014-06-16 23:48 - 2014-03-08 19:40 - 00000000 ____D () C:\Users\Marmee\AppData\Roaming\Apple Computer
2014-06-16 22:44 - 2014-06-16 22:44 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-16 22:42 - 2014-05-26 08:50 - 00000000 ____D () C:\Users\Marmee\AppData\Local\Apple Computer
2014-06-13 11:37 - 2014-06-13 11:37 - 01057176 _____ (Adobe) C:\Users\Marmee\Downloads\install_flashplayer14x32_mssa_aaa_aih(1).exe
2014-06-13 11:36 - 2014-06-13 11:36 - 01057176 _____ (Adobe) C:\Users\Marmee\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-06-12 14:50 - 2013-08-25 14:43 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 07:24 - 2014-06-10 07:24 - 00608816 _____ () C:\Users\Setzer\Downloads\MediaPlayerClassicInstaller.exe
2014-05-30 18:33 - 2011-10-30 09:51 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-05-30 18:33 - 2009-07-14 00:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Marmee\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Setzer\AppData\Local\Temp\6_Offer_18.exe
C:\Users\Setzer\AppData\Local\Temp\doxillionsetup.exe
C:\Users\Setzer\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Setzer\AppData\Local\Temp\i4jdel0.exe
C:\Users\Setzer\AppData\Local\Temp\install_flashplayer11x64_mssa_aih.exe
C:\Users\Setzer\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Setzer\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Setzer\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Setzer\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Setzer\AppData\Local\Temp\lowproc.exe
C:\Users\Setzer\AppData\Local\Temp\mp3el.exe
C:\Users\Setzer\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Setzer\AppData\Local\Temp\stubhelper.dll
C:\Users\Setzer\AppData\Local\Temp\USB_308.exe
C:\Users\Setzer\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Setzer\AppData\Local\Temp\_is9A2D.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 10:20

==================== End Of Log ============================

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Setzer at 2014-06-26 16:59:51
Running from C:\Users\Setzer\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
AMD USB Filter Driver (x32 Version: 1.0.11.86 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AT&T Communication Manager (HKLM-x32\...\{6F52B533-03ED-4077-A382-BB8DA663FDAE}) (Version: 9.0.262.7 - SmartCom)
ATI Catalyst Install Manager (HKLM\...\{A8DDE3ED-9B6A-F806-32AF-EC53A836A04F}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup 2011 (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.26 - AVG)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.7.644 - AVG Technologies)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Best Buy pc app (HKCU\...\e55b814e55744b76) (Version: 3.2.605.2 - Best Buy)
Best Buy pc app (Version: 3.2.2.1 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.2.1 - Best Buy) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Bullzip PDF Printer 7.2.0.1313 (HKLM\...\Bullzip PDF Printer_is1) (Version: 7.2.0.1313 - Bullzip)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help English (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help French (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help German (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0729.2226.38498 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
ccc-utility64 (Version: 2009.0729.2227.38498 - ATI) Hidden
CED Millennium Data Collector (HKLM-x32\...\CED Millennium Data Collector) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3402 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.3402 - CyberLink Corp.) Hidden
DBPix20 (HKLM-x32\...\DBPix) (Version:  - )
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version:  - NCH Software)
DriverTuner 3.0.1.0 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.0.0.1 - LionSea SoftWare)
EasyTether (HKLM\...\{A3FAE73B-4474-4A1D-A343-2FE248F05265}) (Version: 1.1.14 - Mobile Stream)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Gateway Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Gateway Incorporated)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.6.0730 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript Lite 8.70 (HKLM-x32\...\GPL Ghostscript Lite_is1) (Version:  - )
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.56 - Conexant Systems)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{883B114D-BD3E-498F-9DAD-5E4A8E1C43BA}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Gateway Incorporated)
IQS (HKCU\...\9e46a38555f545b0) (Version: 1.0.149.0 - IQS)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Gateway)
Lexmark 1200 Series (HKLM\...\Lexmark 1200 Series) (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2000 Disc 2 (HKLM-x32\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (English) 2007 (HKLM-x32\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1049 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Streets & Trips 2009 (HKLM-x32\...\{C82185E8-C27B-4EF4-2009-4444BC2C2B6D}) (Version: 16.0.18.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Ralink Wireless LAN (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.0.8.0 - Ralink)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - )
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Reloaders Reference v9.3x74r (HKLM-x32\...\Reloaders Reference v9.3x74r) (Version:  - )
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.2 - Roxio)
Roxio Burn (x32 Version: 1.2.0 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Secunia PSI (2.0.0.3003) (HKLM-x32\...\Secunia PSI) (Version:  - )
Sierra Wireless Card Detection Service (x32 Version: 1.0.2991.2   - Sierra Wireless Inc) Hidden
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)
thinkorswim (HKLM-x32\...\thinkorswim) (Version:  - thinkorswim, Inc)
Video Web Camera (HKLM-x32\...\{6D9021DC-CF1B-4148-8C80-6D8E8A8A33EB}) (Version: 0.5.29.1 - SuYin)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3009 - Gateway Incorporated)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

20-05-2014 23:18:13 Scheduled Checkpoint
29-05-2014 14:03:07 Scheduled Checkpoint
05-06-2014 18:30:55 Scheduled Checkpoint
13-06-2014 15:16:52 Scheduled Checkpoint
21-06-2014 17:50:20 Scheduled Checkpoint
26-06-2014 14:32:50 Restore Operation

==================== Hosts content: ==========================

2009-07-13 21:34 - 2011-09-16 10:44 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1015483C-0C8E-4D7E-95AA-0DB88A6D321C} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {34EB70E1-8ABD-44A3-8676-60505A44AA2E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-25] (globalUpdate) <==== ATTENTION
Task: {4D0A3037-DCA1-4A26-A40A-7D5E1DBA8D82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {51DC27AA-26FD-4461-868B-509C8605945B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6BED9A6F-10F0-4EC6-AB74-88762AF097D7} - System32\Tasks\{FBAA3658-4D07-44EF-82EA-2EB7D3BF6287} => C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\ReStart.exe [2009-04-20] (Realtek)
Task: {73021E82-5BB5-471A-8E10-94DAF4D71924} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-01] (Google Inc.)
Task: {AF4D71BA-5B97-40DD-B428-C8F12E883DBF} - System32\Tasks\f7171c92-4f0d-4b1b-9174-dc57592e165b-5_user => C:\Program Files (x86)\video MediaPlayer\f7171c92-4f0d-4b1b-9174-dc57592e165b-5.exe
Task: {B3E2EE45-988C-41B6-AD51-FC91D853D7EA} - System32\Tasks\{ECF00823-F71B-4D15-9331-8FA9B3F39615} => Firefox.exe
Task: {C09EC3D7-904D-4ABD-86F2-41C329A8190B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF2253BA-8726-4287-B424-9361B15A2CD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-26] (Adobe Systems Incorporated)
Task: {D10B740B-5241-46C0-BC3F-737CF44949F7} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2009-10-01] (Acer)
Task: {E8C3CFDB-02CF-45C8-AC8C-9B3966EB658B} - System32\Tasks\{9D8619AB-5ACD-4101-BC1C-3805C0C7FB20} => C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\ReStart.exe [2009-04-20] (Realtek)
Task: {F4B56975-D5BA-42C4-8673-198F3BB58EB3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-25] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\f7171c92-4f0d-4b1b-9174-dc57592e165b-5_user.job => C:\Program Files (x86)\video MediaPlayer\f7171c92-4f0d-4b1b-9174-dc57592e165b-5.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-06-23 06:25 - 2014-06-23 06:23 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2011-08-29 10:54 - 2009-12-16 14:16 - 00206208 _____ () C:\Windows\PLFSetI.exe
2009-08-03 11:05 - 2009-08-03 11:05 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2013-05-10 17:39 - 2014-06-23 06:23 - 02571288 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2009-05-13 10:44 - 2009-05-13 10:44 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-08-29 10:48 - 2011-08-29 10:48 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-02 20:33 - 2009-02-02 20:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
2008-09-28 20:55 - 2008-09-28 20:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll
2012-11-07 19:07 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\EnumDevLib.dll
2014-06-23 06:25 - 2014-06-23 06:23 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2011-08-29 10:54 - 2009-12-18 09:27 - 00632056 _____ () C:\Program Files (x86)\VideoWebCamera\Image.dll
2011-08-29 10:54 - 2009-12-18 09:27 - 00046328 _____ () C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll
2011-08-29 10:54 - 2009-12-18 09:27 - 00038136 _____ () C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll
2014-06-17 22:34 - 2014-06-18 09:18 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-23 06:27 - 2014-06-23 06:27 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2014 04:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.3.0.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 90c

Start Time: 01cf917a7a662646

Termination Time: 90

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id:

Error: (06/26/2014 03:42:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15c4

Start Time: 01cf917a945d0da9

Termination Time: 63

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: 4fa0bfc0-fd72-11e3-a6b3-00262d8ef651

Error: (06/26/2014 03:09:09 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0x80070005.

Error: (06/26/2014 00:01:30 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: 0x80070005.

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2014 10:51:12 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/26/2014 04:34:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (06/26/2014 04:34:03 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/26/2014 04:34:03 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/26/2014 04:10:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (06/26/2014 00:19:46 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (06/26/2014 00:19:19 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/26/2014 00:19:19 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/26/2014 00:12:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (06/26/2014 10:07:01 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (06/26/2014 10:06:42 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (06/26/2014 04:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.3.0.10590c01cf917a7a66264690C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (06/26/2014 03:42:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7601.1751415c401cf917a945d0da963C:\Program Files (x86)\Internet Explorer\iexplore.exe4fa0bfc0-fd72-11e3-a6b3-00262d8ef651

Error: (06/26/2014 03:09:09 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Scheduled Checkpoint0x80070005

Error: (06/26/2014 00:01:30 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Scheduled Checkpoint0x80070005

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe

Error: (06/26/2014 10:51:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe

Error: (06/26/2014 10:51:12 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8


CodeIntegrity Errors:
===================================
  Date: 2014-03-08 10:01:01.530
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:01:01.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:01:01.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22436_none_c03ca3001653c1ef\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:01:00.734
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:01:00.500
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:01:00.266
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:00:59.938
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:00:59.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:00:59.486
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22379_none_c014624816718091\appidapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-08 10:00:59.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 3838.36 MB
Available physical RAM: 972.53 MB
Total Pagefile: 7674.91 MB
Available Pagefile: 4394.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:453.94 GB) (Free:315.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 2EE82EE7)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Hello rajela

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
Link to post
Share on other sites

  • Staff

Greetings

I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools

Gringo

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.