[Faithsa]

My pc keeps randomly rebooting itself. It's done it several times this evening and a couple times the last couple days. I did a malware scan and deleted all the pup. files. I wasn't sure what to do with the PUM. files (3) but they are in the quarantine list. Ran the scan again and it showed no infections. And then it rebooted itself randomly again. Help?? Also I'm getting the message in the pic upon start up and have no clue why.



Thanks,
Sabrina

[Advertisements]

Hi and welcome back to Geeks to Go.

If you have anything iTunes related presently installed, follow the advice here and let myself know the outcome. In the event you do not have anything iTunes related installed merely inform myself and we will investigate further, thank you.

[Dakeyras]

Hi and welcome back to Geeks to Go.

If you have anything iTunes related presently installed, follow the advice here and let myself know the outcome. In the event you do not have anything iTunes related installed merely inform myself and we will investigate further, thank you.

[Faithsa]

I actually reinstalled iTunes last night because it wasn't working and my iPod wigged put so the error msg went away but it still rebooted itself once after that.?

[Dakeyras]

Hi.

I actually reinstalled iTunes last night because it wasn't working and my iPod wigged put so the error msg went away

Fair play.

it still rebooted itself once after that.?

Has your machine rebooted again unexpectantly since ?

[Faithsa]

I turned it off last night when I was done and have kept it off most of the time since I posted because it at one point went into a cycle of reboot and while it was rebooting, rebooted again. It happened 3-4 times so I shut it down so it hopefully wouldn't get stuck. I've had it on for about an hour now and it hasn't yet but I've also not been doing anything on it.

[Dakeyras]

Hi.

I turned it off last night when I was done and have kept it off most of the time since I posted because it at one point went into a cycle of reboot and while it was rebooting, rebooted again. It happened 3-4 times so I shut it down so it hopefully wouldn't get stuck.

Acknowledged.

I've had it on for about an hour now and it hasn't yet but I've also not been doing anything on it.

OK by all means do use your machine and in the event the same problem occurs again merely carry out the below for myself and we will then go from there, thank you.

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 32-Bit to your Desktop.

• Double-click on FRST.exe to start FRST >> follow the prompt/click on Yes
• Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
• Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
• At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
• There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.

[Dakeyras]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

[Dakeyras]

Topic re-opened per OP's request...

[Faithsa]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-03-2014
Ran by Owner at 2014-03-01 15:13:38
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

3 Days - Amulet Secret (HKLM\...\BFG-3 Days - Amulet Secret) (Version: - )
3 Days: Zoo Mystery (HKLM\...\BFG-3 Days - Zoo Mystery) (Version: - )
Adobe Acrobat 6.0 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000001}) (Version:

006.000.000 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 9.0.45.0 - Adobe Systems

Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 -

Adobe Systems Incorporated)
Adventure Chronicles: The Search for Lost Treasure (HKLM\...\BFG-Adventure Chronicles - The

Search for Lost Treasure) (Version: - )
Alice's Magical Mahjong (HKLM\...\BFG-Alice's Magical Mahjong) (Version: - )
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services

LLC)
AntiLogger SDK version 1.6.6.247 (HKLM\...\{4D46DE30-49FE-4043-99F7-D7E8C06175E0}_is1) (Version:

1.6.6.247 - Zemana Ltd.)
Apple Application Support (HKLM\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple

Inc.)
Apple Mobile Device Support (HKLM\...\{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}) (Version: 7.1.0.32

- Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 -

Apple Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software)
AVSDK5 (Version: 5.2.9 - Authentium, Inc) Hidden
Be Richest! (HKLM\...\BFG-Be Richest!) (Version: - )
Be Richest! Strategy Guide (HKLM\...\BFG-Be Richest! Strategy Guide) (Version: - )
Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 3.0.1.60 - )
Bob the Builder - Can Do Zoo (HKLM\...\BFG-Bob the Builder - Can Do Zoo) (Version: - )
Bob the Builder: Can Do Carnival (HKLM\...\BFG-Bob the Builder - Can Do Carnival) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brain Training for Dummies (HKLM\...\BFG-Brain Training for Dummies) (Version: - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - )
Canon MP560 series MP Drivers

(HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )
Canon MP560 series User Registration (HKLM\...\Canon MP560 series User Registration) (Version: -

)
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
CardRecovery 6.10 (HKLM\...\{88D68A69-D247-466B-90DD-575F6BE16230}_is1) (Version: - WinRecovery

Software)
Cars2_MissionImpossible_Screensaver (HKLM\...\Cars2_MissionImpossible_Screensaver) (Version: - )
Christmas Stories: Nutcracker Collector's Edition (HKLM\...\BFG-Christmas Stories - Nutcracker

Collector's Edition) (Version: - )
Christmas Tales: Fellina's Journey (HKLM\...\BFG-Christmas Tales - Fellina's Journey) (Version:

- )
Christmas Wonderland (HKLM\...\BFG-Christmas Wonderland) (Version: - )
Christmas Wonderland 2 (HKLM\...\BFG-Christmas Wonderland 2) (Version: - )
Christmasville (HKLM\...\BFG-Christmasville) (Version: - )
Civilization III (HKLM\...\InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}) (Version:

1.00.0000 - 2K Games)
Civilization III (Version: 1.00.0000 - 2K Games) Hidden
Clutter (HKLM\...\BFG-Clutter) (Version: - )
Clutter II: He Said, She Said (HKLM\...\BFG-Clutter II - He Said She Said) (Version: - )
Constant Guard Protection Suite (HKLM\...\ID Vault) (Version: 1.13.820.2 - Comcast)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 -

Coupons.com Incorporated) <==== ATTENTION
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D9CCC2EB-F15B-4459-838D-09DE0B

D5754F}) (Version: - Microsoft)
Dell Printer Software (HKLM\...\{105F3CE5-FE55-408E-BF30-E78F85BA0B12}) (Version: 1.00.000 - Dell

Inc.)
Diego Dinosaur Rescue (HKLM\...\BFG-Diego Dinosaur Rescue) (Version: - )
Diego`s Dinosaur Adventure (HKLM\...\BFG-Diego`s Dinosaur Adventure) (Version: - )
Diego`s Safari Adventure (HKLM\...\BFG-Diego`s Safari Adventure) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
Elevated Installer (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FairPoint DSL Security Improvement Upgrade (HKLM\...\FairPoint DSL Security Improvement

Upgrade_is1) (Version: - FairPoint)
Family Feud: Battle of the Sexes (HKLM\...\BFG-Family Feud - Battle of the Sexes) (Version: - )
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Gardenscapes: Mansion Makeover™ (HKLM\...\BFG-Gardenscapes - Mansion Makeover) (Version: - )
Garmin Express (HKLM\...\{6f60b921-2ae3-43fe-a6fb-ad849bd91451}) (Version: 2.3.16.0 - Garmin Ltd

or its subsidiaries)
Garmin Express (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Go Diego Go Ultimate Rescue League (HKLM\...\BFG-Go Diego Go Ultimate Rescue League) (Version: -

)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
I SPY: Treasure Hunt (HKLM\...\BFG-I SPY - Treasure Hunt) (Version: - )
I SPY™ Fun House (HKLM\...\BFG-I SPY™ Fun House) (Version: - )
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.20001.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 0.0.0.0000 - Intel

Corporation)
Intel® Network Connections 15.3.68.0 (HKLM\...\{D5558268-0050-4B95-AD5E-426960E1EFE1})

(Version: 15.3.68.0 - Intel)
iTunes (HKLM\...\{C4780F70-8F21-4F0C-95FE-32FF3E2F9247}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: - )
LeapFrog Connect (HKLM\...\UPCShell) (Version: 5.2.4.18506 - LeapFrog)
LeapFrog Connect (Version: 5.2.4.18506 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (Version: 5.2.1.18456 - LeapFrog) Hidden
LeapFrog MyOwnStoryTimePad Plugin (Version: 5.1.26.18340 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (Version: 5.1.26.18340 - LeapFrog) Hidden
Lightning Storm (HKLM\...\{B2B7CAD5-6032-416A-9049-1E9C2721CBF6}) (Version: 1.0.2 - W3i, LLC)
Living Marine Aquarium 2 Animated Wallpaper (HKLM\...\{3B8811DB-64BA-4F9A-8E0F-481D5583F1E5})

(Version: 1.0.0 - W3i, LLC)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Macromedia Flash Player 8 (HKLM\...\{6815FCDD-401D-481E-BA88-31B4754C2B46}) (Version: 8.0.22.0 -

Macromedia)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version:

1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 1 (HKLM\...\{B508B3F1-A24A-32C0-B310-85786919EF28})

(Version: 2.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 (HKLM\...\{2BA00471-0328-3743-93BD-FA813353A783})

(Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile)

(Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 -

Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version: - Microsoft Corporation)

Hidden
Microsoft Office 2010 Service Pack 1 (SP1)

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA1

09EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft

Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 -

Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)

Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft

Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 -

Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000 - Microsoft

Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft

Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2})

(Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

(HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

(HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

(HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

(HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft

Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

(HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Monopoly &reg; (HKLM\...\BFG-Monopoly) (Version: - )
Mozilla Firefox 26.0 (x86 en-US) (HKLM\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 -

Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
NewFreeScreensaver nfsFirePlace3D (HKLM\...\Fire Place 3D New Free Screensaver_is1) (Version: -

)
NewFreeScreensaver nfsUnderWater18 (HKLM\...\Under Water 18 New Free Screensaver_is1) (Version:

- )
Nick Jr. Bingo (HKLM\...\BFG-Nick Jr. Bingo) (Version: - )
OpenOffice 4.0.1 (HKLM\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache

Software Foundation)
PandoraRecovery (Remove Only) (HKLM\...\PandoraRecovery) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Railroad Tycoon 3 (HKLM\...\{DE29025A-091F-4998-AD2D-24C84421190F}) (Version: 1.0 - )
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rhapsody Cloud Sync (HKLM\...\com.Rhapsody.RhapsodyCloudSync) (Version: 1.2.15 - Rhapsody

International Inc)
Rhapsody Cloud Sync (Version: 1.2.15 - Rhapsody International Inc) Hidden
Risk™ (HKLM\...\BFG-Risk) (Version: - )
SanDiskSecureAccess_Manager.exe (HKCU\...\@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe)

(Version: 1.1.19755 - Gemalto N.V.)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Sid Meier's Civilization 4 Complete (HKLM\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version:

1.74 - Firaxis Games)
Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0})

(Version: 1.00 - Firaxis Games)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 -

Skype Technologies S.A.)
Skype™ 6.13 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype

Technologies S.A.)
Stamps.com (HKLM\...\Stamps.com) (Version: - Stamps.com, Inc.)
Stamps.com (Version: 10.1.0.2427 - Stamps.com, Inc.) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM\...\{F7FC9307-374E-4017-8E9D-DE1154780480}) (Version:

4.1.66.0 - Husdawg, LLC)
Tales of Lagoona: Orphans of the Ocean (HKLM\...\BFG-Tales of Lagoona - Orphans of the Ocean)

(Version: - )
The Game of Life &reg; (HKLM\...\BFG-The Game of Life) (Version: - )
The Price is Right 2010 (HKLM\...\BFG-The Price is Right 2010) (Version: - )
TopArcadeHits (HKCU\...\{C1C3E833-420E-4D78-9BA7-86AEBB272384}) (Version: - TopArcadeHits)
Treasure Seekers: The Time Has Come (HKLM\...\BFG-Treasure Seekers - The Time Has Come) (Version:

- )
Ultimate Dominoes (HKLM\...\BFG-Ultimate Dominoes) (Version: - )
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211)

(HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3D1F379C-AA64-4823-90A4-A8DDD4

B48C21}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065)

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258

D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092)

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E523

85A21F}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0AC

E55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

(HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{17E7B9AB-2DD2-457D-8D8E-CD14AC

A973FE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

(HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{15058154-469F-4794-ACD5-94F842

0F9B80}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

(HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{995A7832-B512-46D5-87C9-2D71FB

541435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C8694FF0-8203-483B-A07A-2BC404

33167D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

(HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3

DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{28FAC187-7C0E-413A-B90A-76F19D

0FBF30}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{147E3669-1EA6-454C-B53E-A2BE51

D8E520}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458)

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401B

C87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AF

FB9FA6}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BEBC2484-290C-46AD-9834-6DAD1F

A80273}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

(HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-463975

71C934}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{29E94638-D92F-4C40-BDA1-FEDCC9

2F478D}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935)

(HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EDF9874C-9E37-4110-9FC3-094247

E114DF}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector (KB2583935)

(HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{64FDCC43-8AD0-46F0-BF53-0CC27D

816202}) (Version: - Microsoft)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft

Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft

Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)

(HKLM\...\LeapPadExplorerPlugin) (Version: - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnStoryTimePad Plugin)

(HKLM\...\MyOwnStoryTimePadPlugin) (Version: 5.1.26.18340 - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)

(HKLM\...\TagJuniorPlugin) (Version: - LeapFrog)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WeatherBug (HKLM\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.11 - Earth Networks,

Inc.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Where's Waldo: The Fantastic Journey (HKLM\...\BFG-Where's Waldo - The Fantastic Journey)

(Version: - )
WhiteSmoke New V.13 Toolbar for IE (HKLM\...\IECT3317127) (Version: 6.17.0.33 - WhiteSmoke New

V.13)
Winbond Desktop SI/O with Consumer IR support (HKLM\...\{B5336D19-B526-47CC-8F56-67DF30FECC70})

(Version: 7.65.1006 - Winbond Electronics Corporation)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)

(HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

(HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft

Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version:

5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version:

14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Winter Train 3D Screensaver 1.2.0 (HKLM\...\Winter Train 3D Screensaver_is1) (Version: -

3DSignal)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )

==================== Restore Points =========================

02-12-2013 00:42:11 System Checkpoint
03-12-2013 04:01:07 System Checkpoint
04-12-2013 06:16:55 System Checkpoint
05-12-2013 06:27:00 System Checkpoint
06-12-2013 08:26:30 System Checkpoint
07-12-2013 10:25:33 System Checkpoint
08-12-2013 12:12:26 System Checkpoint
09-12-2013 14:21:52 System Checkpoint
10-12-2013 16:08:51 System Checkpoint
11-12-2013 16:10:08 System Checkpoint
12-12-2013 16:20:33 System Checkpoint
13-12-2013 16:51:03 System Checkpoint
14-12-2013 18:32:50 System Checkpoint
15-12-2013 22:01:11 System Checkpoint
16-12-2013 23:14:52 System Checkpoint
17-12-2013 23:40:14 System Checkpoint
19-12-2013 01:11:20 System Checkpoint
20-12-2013 02:59:26 System Checkpoint
21-12-2013 04:35:18 System Checkpoint
23-12-2013 14:41:01 System Checkpoint
24-12-2013 16:28:40 System Checkpoint
25-12-2013 16:37:31 System Checkpoint
29-12-2013 14:26:43 System Checkpoint
30-12-2013 15:56:55 System Checkpoint
31-12-2013 16:06:30 System Checkpoint
01-01-2014 18:06:30 System Checkpoint
02-01-2014 20:28:17 System Checkpoint
03-01-2014 21:54:30 System Checkpoint
04-01-2014 22:06:31 System Checkpoint
06-01-2014 01:40:32 System Checkpoint
07-01-2014 02:07:33 System Checkpoint
08-01-2014 02:23:15 System Checkpoint
09-01-2014 03:55:45 System Checkpoint
10-01-2014 04:06:39 System Checkpoint
11-01-2014 04:30:01 System Checkpoint
12-01-2014 05:54:39 System Checkpoint
13-01-2014 07:18:27 System Checkpoint
14-01-2014 15:45:01 System Checkpoint
15-01-2014 18:45:39 System Checkpoint
16-01-2014 18:47:14 System Checkpoint
17-01-2014 18:52:15 System Checkpoint
18-01-2014 20:51:44 System Checkpoint
19-01-2014 20:54:22 System Checkpoint
20-01-2014 22:39:47 System Checkpoint
21-01-2014 23:21:18 System Checkpoint
22-01-2014 15:22:06 Removed Java 7 Update 45
22-01-2014 15:22:42 Installed Java 7 Update 51
23-01-2014 17:04:00 System Checkpoint
24-01-2014 17:05:06 System Checkpoint
25-01-2014 14:53:45 OTL Restore Point - 1/25/2014 9:53:41 AM
26-01-2014 15:53:46 System Checkpoint
27-01-2014 19:37:50 System Checkpoint
28-01-2014 22:14:08 System Checkpoint
30-01-2014 00:42:18 System Checkpoint
31-01-2014 01:31:28 System Checkpoint
31-01-2014 14:34:29 OTL Restore Point - 1/31/2014 9:34:24 AM
01-02-2014 15:51:43 System Checkpoint
02-02-2014 16:05:26 System Checkpoint
03-02-2014 16:50:35 System Checkpoint
04-02-2014 16:57:46 System Checkpoint
05-02-2014 22:14:40 System Checkpoint
07-02-2014 00:56:20 System Checkpoint
08-02-2014 01:51:49 System Checkpoint
08-02-2014 02:17:24 avast! antivirus system restore point
09-02-2014 03:31:18 System Checkpoint
10-02-2014 03:42:33 System Checkpoint
11-02-2014 05:33:43 System Checkpoint
12-02-2014 05:43:17 System Checkpoint
13-02-2014 07:43:16 System Checkpoint
14-02-2014 09:23:30 System Checkpoint
15-02-2014 11:19:00 System Checkpoint
17-02-2014 19:00:36 System Checkpoint
18-02-2014 20:00:47 System Checkpoint
19-02-2014 21:21:39 System Checkpoint
21-02-2014 23:31:15 System Checkpoint
24-02-2014 03:56:48 Installed iTunes
25-02-2014 04:36:11 System Checkpoint
26-02-2014 05:45:31 System Checkpoint
27-02-2014 07:45:29 System Checkpoint
28-02-2014 07:57:29 System Checkpoint
01-03-2014 16:47:22 System Checkpoint

==================== Hosts content: ==========================

2008-04-14 07:00 - 2013-10-30 11:05 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software

Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST

Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program

Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program

Files\Google\Update\GoogleUpdate.exe
Task:

C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job

=> C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task:

C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.

job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job =>

C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.job

=> C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2014-03-01 14:50 - 2014-03-01 13:29 - 02186240 _____ () C:\Program Files\AVAST

Software\Avast\defs\14030102\algo.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft

Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft

Office\Office14\1033\GrooveIntlResource.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple

Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple

Application Support\libxml2.dll
2010-07-27 09:34 - 2009-02-10 02:01 - 00116104 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program

Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-11-17 09:18 - 2013-11-17 09:18 - 19336120 _____ () C:\Program Files\AVAST

Software\Avast\libcef.dll
2012-02-14 18:05 - 2012-02-14 18:37 - 11796096 _____ () C:\Documents and

Settings\Owner\Application Data\SanDisk\My Vaults\dmBackup.dll
2014-02-21 18:01 - 2014-02-19 20:02 - 00051016 _____ () C:\Program

Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2008-04-14 07:00 - 2008-04-14 07:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 07:00 - 2008-04-14 07:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2008-04-14 07:00 - 2010-02-05 13:27 - 01291776 _____ () C:\WINDOWS\system32\quartz.dll
2014-03-01 15:09 - 2014-03-01 15:09 - 00041984 _____ () C:\Documents and Settings\Owner\Local

Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprv2kyk.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Documents and

Settings\Owner\Application Data\Dropbox\bin\libcef.dll
2014-02-21 18:01 - 2014-02-19 20:03 - 04060488 _____ () C:\Program

Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 18:01 - 2014-02-19 20:03 - 00394568 _____ () C:\Program

Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 18:01 - 2014-02-19 20:02 - 01647432 _____ () C:\Program

Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-21 18:01 - 2014-02-19 20:03 - 13632840 _____ () C:\Program

Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
2014-01-13 09:25 - 2014-01-13 09:25 - 04591616 _____ () C:\Documents and Settings\Owner\Local

Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2014-01-13 09:25 - 2014-01-13 09:25 - 00112128 _____ () C:\Documents and Settings\Owner\Local

Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat

Assistant.lnk => C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Owner^Start

Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application

Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DLPSP => "C:\Program Files\Dell Printers\Additional Color Laser

Software\Status Monitor\DLPSP.EXE"
MSCONFIG\startupreg: DLQLU => "C:\Program Files\Dell Printers\Additional Color Laser

Software\Launcher\DLQLU.EXE" /S
MSCONFIG\startupreg: DLUPDR => "C:\Program Files\Dell Printers\Additional Color Laser

Software\Updater\DLUPDR.EXE"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: HotKeysCmds => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Monitor => "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor =>

"C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft

Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: Persistence => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java

Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"

-osboot
MSCONFIG\startupreg: VideoDownloadConverter Search Scope Monitor =>

"C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: VideoDownloadConverter_4z Browser Plugin Loader =>

C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate

Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the

Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24455610

Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24455610

Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/21/2014 05:46:44 PM) (Source: Microsoft Office 14) (User: )
Description: Microsoft Outlook: Accepted Safe Mode action : Outlook has detected a problem with

the existing NormalEmail.dotm. Would you like to create a new NormalEmail.dotm?.
Accepted Safe Mode action : Microsoft Outlook.

Error: (02/04/2014 00:30:17 PM) (Source: MsiInstaller) (User: OWNER-5F64AFAA0)
Description: Product: Apple Mobile Device Support -- Error 1920. Service 'Apple Mobile Device'

(Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start

system services.

Error: (02/04/2014 00:18:20 PM) (Source: MsiInstaller) (User: OWNER-5F64AFAA0)
Description: Product: Apple Mobile Device Support -- Error 1920. Service 'Apple Mobile Device'

(Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start

system services.

Error: (01/22/2014 10:15:22 AM) (Source: Garmin Core Update Service) (User: )
Description: Service cannot be started. The service process could not connect to the service

controller

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30772203

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30772203

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/01/2014 09:45:51 AM) (Source: Print) (User: OWNER-5F64AFAA0)
Description: The document Wrap Your Baby - Front Wrap Cross Carry owned by Owner failed to print

on printer Canon MP560 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes:

31097844. Number of bytes printed: 15822424. Total number of pages in the document: 5. Number of

pages printed: 0. Client machine: \\OWNER-5F64AFAA0. Win32 error code returned by the print

processor: Wrap Your Baby - Front Wrap Cross Carry0. Wrap Your Baby - Front Wrap Cross Carry1

Error: (03/01/2014 09:41:17 AM) (Source: Print) (User: OWNER-5F64AFAA0)
Description: The document Wrap Your Baby - Front Wrap Cross Carry owned by Owner failed to print

on printer Canon MP560 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes:

31916032. Number of bytes printed: 15822520. Total number of pages in the document: 5. Number of

pages printed: 0. Client machine: \\OWNER-5F64AFAA0. Win32 error code returned by the print

processor: Wrap Your Baby - Front Wrap Cross Carry0. Wrap Your Baby - Front Wrap Cross Carry1

Error: (02/19/2014 09:33:25 PM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific

error 2147500037 (0x80004005).

Error: (02/19/2014 08:27:42 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:27:38 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:27:34 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:27:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:27:26 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:27:26 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (02/19/2014 08:08:25 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D


Microsoft Office Sessions:
=========================
Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 24455610

Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 24455610

Error: (03/01/2014 09:08:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/21/2014 05:46:44 PM) (Source: Microsoft Office 14)(User: )
Description: Microsoft OutlookOutlook has detected a problem with the existing NormalEmail.dotm.

Would you like to create a new NormalEmail.dotm?

Error: (02/04/2014 00:30:17 PM) (Source: MsiInstaller)(User: OWNER-5F64AFAA0)
Description: Product: Apple Mobile Device Support -- Error 1920. Service 'Apple Mobile Device'

(Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start

system services.(NULL)(NULL)(NULL)

Error: (02/04/2014 00:18:20 PM) (Source: MsiInstaller)(User: OWNER-5F64AFAA0)
Description: Product: Apple Mobile Device Support -- Error 1920. Service 'Apple Mobile Device'

(Apple Mobile Device) failed to start. Verify that you have sufficient privileges to start

system services.(NULL)(NULL)(NULL)

Error: (01/22/2014 10:15:22 AM) (Source: Garmin Core Update Service)(User: )
Description: Service cannot be started. The service process could not connect to the service

controller

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30772203

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30772203

Error: (01/14/2014 09:32:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info ===========================

Percentage of memory in use: 82%
Total physical RAM: 2284.54 MB
Available physical RAM: 408 MB
Total Pagefile: 4414.18 MB
Available Pagefile: 2390.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.5 GB) (Free:730.8 GB) NTFS ==>[Drive with boot components (Windows

XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: B12F98FC)

Partition: GPT Partition Type.

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-03-2014
Ran by Owner (administrator) on OWNER-5F64AFAA0 on 01-03-2014 15:12:43
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version:

http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version:

http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status

Monitor\DLSDBNT.EXE
(Microsoft Corporation) c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update

Service\Garmin.Cartography.MapUpdate.CoreService.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
(Dell Inc.) C:\Program Files\Dell Printers\Additional Color Laser Software\Status

Monitor\DLPWDNT.EXE
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
(Authentium, Inc) C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
(White Sky, Inc.) C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Gemalto N.V.) C:\Documents and Settings\Owner\Application

Data\SanDisk\SanDiskSecureAccess_Manager.exe
(AWS Convergence Technologies, Inc.) C:\Program Files\AWS\WeatherBug\Weather.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(FileHippo.com) C:\Program Files\FileHippo.com\UpdateChecker.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Dropbox, Inc.) C:\Documents and Settings\Owner\Application Data\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application

Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple

Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904

2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] - C:\program files\real\realplayer\update\realsched.exe [295512

2013-11-15] (RealNetworks, Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096

2014-02-07] (AVAST Software)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31]

(Logitech, Inc.)
HKLM\...\Run: [Monitor] - C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [106496

2013-11-27] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe

[254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-06]

(Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech,

Inc.)
HKU\.DEFAULT\...\Run: [SearchProtect] - C:\WINDOWS\system32\config\systemprofile\Application

Data\SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [SanDiskSecureAccess_Manager.exe] -

C:\Documents and Settings\Owner\Application Data\SanDisk\SanDiskSecureAccess_Manager.exe

[30705792 2012-12-23] (Gemalto N.V.)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [Weather] - C:\Program

Files\AWS\WeatherBug\Weather.exe [1653760 2012-11-20] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run:

[E2A6CA641BD771C06D3776C293639FEB79099F12._service_run] - C:\Program

Files\Google\Chrome\Application\chrome.exe [859464 2014-02-19] (Google Inc.)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [FileHippo.com] - C:\Program

Files\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [msnmsgr] - C:\Program Files\Windows

Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [GarminExpressTrayApp] - C:\Program

Files\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1482476501-412668190-1417001333-1003\...\Run: [Skype] - C:\Program

Files\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

(Adobe Systems Inc.)
Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Owner\Application

Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =

http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =

0xB4433B2FDBDDCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {B156CE15-8648-4CE0-8E98-2A424CE71429} URL =

http://us.yhs.search...web_chrome_us

={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -

{3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program

Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program

Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST

Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program

Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program

Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program

Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program

Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program

Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program

Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program

Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} -

C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll

(Microsoft Corporation)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program

Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {DD662A0C-12FE-4B38-BA53-247F7EC82F46} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program

Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}

http://update.micros...ab?127948511001

5
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}

http://download.eset...lineScanner.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

http://java.sun.com/...indows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F}

http://content.syste...el_4.1.66.0.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows

Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows

Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program

Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common

Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application

Data\Mozilla\Firefox\Profiles\0zyzye2a.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google

Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program

Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program

Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft

Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

(Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

(Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program

files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All

Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

(RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All

Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

(RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All

Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

(RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program

files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All

Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program

Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program

Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe

Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3

Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina

Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe

Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll

(RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple

Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple

Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple

Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple

Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple

Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

(RealPlayer)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF Extension: foof - C:\Documents and Settings\Owner\Application

Data\Mozilla\Firefox\Profiles\0zyzye2a.default\Extensions\[email protected] [2010-09-28]
FF Extension: XFINITY Constant Guard Protection Suite - C:\Documents and

Settings\Owner\Application

Data\Mozilla\Firefox\Profiles\0zyzye2a.default\Extensions\[email protected] [2013-11-13]
FF Extension: Garmin Communicator - C:\Documents and Settings\Owner\Application

Data\Mozilla\Firefox\Profiles\0zyzye2a.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

[2013-11-22]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Documents and Settings\Owner\Application

Data\Mozilla\Firefox\Profiles\0zyzye2a.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.

xpi [2013-01-04]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla

Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla

Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program

Files\AVG\AVG10\Toolbar\Firefox\[email protected]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and

Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-15]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and

Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

[2013-11-17]

Chrome:
=======
CHR HomePage: https://mail.google....0/?shva=1#inbox
CHR Plugin: (Shockwave Flash) - C:\Program

Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program

Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program

Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No

File
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program

Files\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla

Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla

Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla

Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

(Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

(Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

(Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

(Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

(Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

No File
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla

Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft

Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media

Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft

Corporation)
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) -

C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

(RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and

Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

(RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) -

C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

(RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\Documents and Settings\All Users\Application

Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (npAPI Plugin) - C:\Documents and Settings\Owner\Local Settings\Application

Data\TNT2\2.0.0.1378\npTNT2.dll No File
CHR Plugin: (npAPI Ghost Plugin) - C:\Documents and Settings\Owner\Local Settings\Application

Data\TNT2\2.0.0.1378\npTNT2ghost.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft

Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft

Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3

Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

(Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No

File
CHR Plugin: (Java™ Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

(Oracle Corporation)
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No

File
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program

Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll No

File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\WINDOWS\system32\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

No File
CHR Extension: (Google Docs) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-12]
CHR Extension: (Google Drive) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-12]
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-12]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-11]
CHR Extension: (Google Search) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-12]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Owner\Local

Settings\Application Data\Google\Chrome\User

Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-17]
CHR Extension: (JavaScript Popup Blocker) - C:\Documents and Settings\Owner\Local

Settings\Application Data\Google\Chrome\User

Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2013-07-25]
CHR Extension: (RealDownloader) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-01-12]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-27]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-18]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Application

Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-12]
CHR HKLM\...\Chrome\Extension: [ghpojlibcpogojejobfihneicgooekmg] - C:\Documents and

Settings\Owner\Local Settings\Application Data\TidyNetwork.com\tidy.crx [2013-01-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST

Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-17]
CHR HKLM\...\Chrome\Extension: [hgeaklkciolgbejekedbdphhbjbiaamp] - C:\Documents and

Settings\Owner\Local Settings\Application Data\CRE\hgeaklkciolgbejekedbdphhbjbiaamp.crx

[2013-11-17]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All

Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

[2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program

Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKCU\...\Chrome\Extension: [hgeaklkciolgbejekedbdphhbjbiaamp] - C:\Documents and

Settings\Owner\Local Settings\Application Data\CRE\hgeaklkciolgbejekedbdphhbjbiaamp.crx

[2013-10-09]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-07] (AVAST

Software)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update

Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its

subsidiaries)
R2 IDVaultSvc; C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe [40512 2013-08-20]

(White Sky, Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-01-22] (Oracle

Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232

2010-01-15] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program

Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [117288 2010-04-08]

(Authentium, Inc)
R2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [117288 2010-04-08]

(Authentium, Inc)
R2 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [154152 2010-04-08]

(Authentium, Inc)

==================== Drivers (Whitelisted) ====================

S3 ADM8511; C:\WINDOWS\System32\DRIVERS\NET8511.SYS [24424 2001-04-09] (ADMtek)
R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog32.sys [80104 2013-09-17] (Zemana Ltd.)
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-02-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2013-11-17] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-02-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-02-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-02-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-01-12] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
S3 FlyUsb; C:\WINDOWS\System32\DRIVERS\FlyUsb.sys [18560 2011-08-05] (LeapFrog)
S3 jbridgep; C:\Documents and Settings\Owner\Local Settings\Temp\jbridgep.sys [15872 2008-06-20]

()
R3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt32.sys [24520 2013-07-24] (Zemana Ltd.)
R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28312 2013-05-23] (Logitech, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1550613 2009-03-12] (IDT, Inc.)
S3 AVGIDSShim; system32\DRIVERS\AVGIDSShim.Sys [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL;

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\DRIVERS\NET8511.SYS D3FD36C3DAB82CD4C85A4BD9A6538A6B
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\system32\drivers\AntiLog32.sys 24FEFE259CB4C645DE39AA5EFA1E9DBF
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\system32\Drivers\aswKbd.sys E2FEE0486D68BF85355D3EDA1A24FF68
C:\WINDOWS\system32\drivers\aswMonFlt.sys 7021F01CCAC1538CCF9AE004723AF033
C:\WINDOWS\system32\drivers\aswRdr.sys 98C18C78B0C3E7EFBDDA7BD0C35F5903
C:\WINDOWS\system32\Drivers\aswRvrt.sys F385467DF95D0A73775CB3B076B8B969
C:\WINDOWS\system32\drivers\aswSnx.sys 8CD8710457FCC1CDE88CBFA3AA119B92
C:\WINDOWS\system32\drivers\aswSP.sys C1F95C9481F46B96E23A276639C55AC9
C:\WINDOWS\system32\drivers\aswTdi.sys E6390554DCB2A730702188547267093C
C:\WINDOWS\system32\Drivers\aswVmm.sys 1B0662514A68C3A42E60D240C5ABEF28
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys FDC06E2ADA8C468EBB161624E03976CF
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\Program Files\SystemRequirementsLab\cpudrv.sys D01F685F8B4598D144B0CCE9FF95D8D5
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41
C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\DRIVERS\e1e5132.sys 6DE32A9123EF60F9D423E9163AF0E305
C:\WINDOWS\System32\Drivers\ElbyCDIO.sys 44996A2ADDD2DB7454F2CA40B67D8941
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3
C:\WINDOWS\system32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\System32\DRIVERS\FlyUsb.sys 8EFA9BFC940D9EB9348D9DAFB839FE25
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\HDAudBus.sys 573C7D0A32852B48F3058CFD8026F511
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\system32\Drivers\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\System32\DRIVERS\igxpmp32.sys C5DB546F9028CD00E64335091860D8F3
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\Documents and Settings\Owner\Local Settings\Temp\jbridgep.sys 5012F080FCCF701E2CD6B045AC7814D9
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\WINDOWS\System32\DRIVERS\kbdhid.sys 9EF487A186DEA361AA06913A75B3FA99
C:\WINDOWS\System32\DRIVERS\KeyCrypt32.sys 58BB73856EC211AC5DDB9FC902D16C3D
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\Drivers\LBeepKE.sys CF9F4EFDF34FA5BF96FA2AB8F2255CE8
C:\WINDOWS\System32\Drivers\LEqdUsb.Sys 59CED2543392EB10B2E8FEAE87A5D248
C:\WINDOWS\System32\Drivers\LHidEqd.Sys 26163F0F1C2636AE3FFF7C54600204A5
C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys 74EA099C3D9DAD3A657BD89ED4A81C6D
C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys E9D42CDD5BD22BE28247B77953735650
C:\WINDOWS\System32\Drivers\LUsbFilt.Sys 3A7A37B972E4F487C7D6963B53684710
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys D5059366B361F0E1124753447AF08AA2
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys AC31B352CE5E92704056D409834BEB74
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys ABD7629CF2796250F315C1DD0B6CF7A0
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 9282BD12DFB069D3889EB3FCC1000A9B
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\system32\Drivers\Parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\WINDOWS\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys FC105DD312ED64EB66BFF111E8EC6EAC
C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SLIP.sys 1FFC44D6787EC1EA9A2B1440A90FA5C1
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\drivers\sthda.sys 228519217A88C2F6B0CF8C022E6D669C
C:\WINDOWS\System32\DRIVERS\StreamIP.sys A9F9FD0212E572B84EDB9EB661F6BC04
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\Drivers\usbaapl.sys 6E421CCC57059B0186C6259CA3B6DFC9
C:\WINDOWS\System32\drivers\usbaudio.sys E919708DB44ED8543A7C017953148330
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 173F317CE0DB8E21322E71B7E60A27E8
C:\WINDOWS\System32\DRIVERS\usbehci.sys 65DCF09D0E37D4C6B11B5B0B76D470A7
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys A0B8CF9DEB1184FBDD20784A58FA75D4
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\Drivers\usbvideo.sys 63BBFCA7F390F4C49ED4B96BFB1633E0
C:\WINDOWS\System32\DRIVERS\VClone.sys 94D73B62E458FB56C9CE60AA96D914F9
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\Drivers\wdf01000.sys D918617B46457B9AC28027722E30F647
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS 233CDD1C06942115802EB7CE6669E099
C:\WINDOWS\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 15:11 - 2014-03-01 15:12 - 00000000 ____D () C:\FRST
2014-02-23 23:02 - 2014-02-23 23:02 - 00001542 _____ () C:\Documents and Settings\All

Users\Desktop\iTunes.lnk
2014-02-23 23:02 - 2014-02-23 23:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start

Menu\Programs\iTunes
2014-02-23 23:01 - 2014-02-23 23:02 - 00000000 ____D () C:\Program Files\iTunes
2014-02-23 23:01 - 2014-02-23 23:02 - 00000000 ____D () C:\Documents and Settings\All

Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-23 23:01 - 2014-02-23 23:01 - 00000000 ____D () C:\Program Files\iPod
2014-02-19 19:05 - 2014-02-19 19:05 - 00001878 _____ () C:\Documents and Settings\All

Users\Desktop\Skype.lnk
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Documents and Settings\Owner\Local

Settings\Application Data\Skype
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start

Menu\Programs\Skype
2014-02-04 22:58 - 2014-02-04 23:10 - 00000000 ____D () C:\Documents and Settings\Owner\My

Documents\2013 TAXES

==================== One Month Modified Files and Folders =======

2014-03-01 15:12 - 2014-03-01 15:11 - 00000000 ____D () C:\FRST
2014-03-01 15:09 - 2014-01-07 00:24 - 00000000 ___RD () C:\Documents and Settings\Owner\My

Documents\Dropbox
2014-03-01 15:09 - 2014-01-07 00:19 - 00000000 ____D () C:\Documents and

Settings\Owner\Application Data\Dropbox
2014-03-01 15:09 - 2010-08-15 14:30 - 00000000 ____D () C:\Documents and

Settings\Owner\Application Data\Skype
2014-03-01 15:08 - 2013-11-17 18:28 - 00000000 ____D () C:\Documents and Settings\Owner\Tracing
2014-03-01 15:08 - 2012-11-18 14:33 - 00000278 _____ ()

C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
2014-03-01 15:07 - 2013-12-01 19:14 - 00000278 _____ ()

C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
2014-03-01 15:07 - 2013-11-17 09:19 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency

Update.job
2014-03-01 15:07 - 2012-12-21 22:59 - 00000286 _____ ()

C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.

job
2014-03-01 15:07 - 2012-01-06 18:56 - 00000880 _____ ()

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-01 15:07 - 2010-07-18 14:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-01 15:07 - 2010-07-18 06:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-01 15:07 - 2010-07-18 06:35 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-03-01 15:07 - 2008-04-14 07:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-01 14:57 - 2012-01-06 18:56 - 00000884 _____ ()

C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 14:15 - 2013-12-11 03:27 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player

Updater.job
2014-03-01 11:33 - 2010-07-18 14:27 - 00032460 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-01 10:54 - 2013-01-07 01:14 - 00184910 _____ () C:\WINDOWS\setupapi.log
2014-03-01 09:38 - 2010-07-27 09:35 - 00000000 ____D () C:\Documents and Settings\All

Users\Application Data\CanonIJPLM
2014-02-28 22:53 - 2012-11-18 14:33 - 00000286 _____ ()

C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-412668190-1417001333-1003.job
2014-02-25 21:43 - 2010-07-18 14:23 - 01794433 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-25 12:13 - 2010-10-22 10:57 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-02-24 01:06 - 2014-01-12 21:59 - 00336656 _____ () C:\Documents and

Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-02-24 01:06 - 2012-06-29 12:52 - 02431538 _____ () C:\Documents and

Settings\LocalService\Local Settings\Application

Data\WPFFontCache_v0400-S-1-5-21-1482476501-412668190-1417001333-1003-0.dat
2014-02-24 01:06 - 2012-06-29 12:52 - 00332162 _____ () C:\Documents and

Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-02-24 01:06 - 2010-07-18 14:32 - 00000178 ___SH () C:\Documents and

Settings\Owner\ntuser.ini
2014-02-23 23:21 - 2010-12-07 21:53 - 00000000 ____D () C:\Documents and Settings\Owner\My

Documents\Outlook Files
2014-02-23 23:02 - 2014-02-23 23:02 - 00001542 _____ () C:\Documents and Settings\All

Users\Desktop\iTunes.lnk
2014-02-23 23:02 - 2014-02-23 23:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start

Menu\Programs\iTunes
2014-02-23 23:02 - 2014-02-23 23:01 - 00000000 ____D () C:\Program Files\iTunes
2014-02-23 23:02 - 2014-02-23 23:01 - 00000000 ____D () C:\Documents and Settings\All

Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-23 23:01 - 2014-02-23 23:01 - 00000000 ____D () C:\Program Files\iPod
2014-02-23 23:01 - 2010-10-22 10:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-21 18:15 - 2013-12-11 03:27 - 00692616 _____ (Adobe Systems Incorporated)

C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-21 18:15 - 2013-12-11 03:27 - 00071048 _____ (Adobe Systems Incorporated)

C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-21 18:01 - 2013-01-12 10:14 - 00001813 _____ () C:\Documents and Settings\All

Users\Desktop\Google Chrome.lnk
2014-02-19 19:05 - 2014-02-19 19:05 - 00001878 _____ () C:\Documents and Settings\All

Users\Desktop\Skype.lnk
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Documents and Settings\Owner\Local

Settings\Application Data\Skype
2014-02-19 19:05 - 2014-02-19 19:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start

Menu\Programs\Skype
2014-02-19 19:05 - 2010-08-15 14:30 - 00000000 ___RD () C:\Program Files\Skype
2014-02-19 19:05 - 2010-08-15 14:30 - 00000000 ____D () C:\Documents and Settings\All

Users\Application Data\Skype
2014-02-13 22:28 - 2012-12-23 08:17 - 00000000 ____D () C:\Documents and Settings\Owner\Local

Settings\Application Data\WeatherBug
2014-02-07 21:18 - 2013-11-17 09:19 - 00001733 _____ () C:\Documents and Settings\All

Users\Desktop\avast! Free Antivirus.lnk
2014-02-07 21:18 - 2013-11-17 09:18 - 00067824 _____ (AVAST Software)

C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-02-07 21:17 - 2013-11-17 09:18 - 00775952 _____ (AVAST Software)

C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-07 21:17 - 2013-11-17 09:18 - 00410784 _____ (AVAST Software)

C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-07 21:17 - 2013-11-17 09:18 - 00057672 _____ (AVAST Software)

C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-02-07 21:17 - 2013-11-17 09:18 - 00054832 _____ (AVAST Software)

C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-02-07 21:17 - 2013-11-17 09:18 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-07 21:17 - 2013-01-12 10:12 - 00270240 _____ (AVAST Software)

C:\WINDOWS\system32\aswBoot.exe
2014-02-04 23:10 - 2014-02-04 22:58 - 00000000 ____D () C:\Documents and Settings\Owner\My

Documents\2013 TAXES
2014-02-04 12:15 - 2010-10-22 10:21 - 00000000 ____D () C:\Documents and Settings\All

Users\Application Data\Apple
2014-02-03 11:05 - 2013-03-30 08:42 - 00000000 ____D () C:\Documents and

Settings\Owner\Application Data\Stamps.com Internet Postage
2014-02-03 11:05 - 2013-03-30 08:36 - 00000036 ____H () C:\WINDOWS\system32\f9t.dat
2014-01-31 09:47 - 2010-10-22 11:08 - 00075992 _____ () C:\Documents and Settings\Owner\Local

Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-31 09:44 - 2010-07-18 06:30 - 00297256 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-31 09:43 - 2010-11-15 13:21 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\CmdLineExt03.dll
C:\Documents and Settings\Owner\Local

Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprv2kyk.dll
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Owner\Local Settings\Temp\SIntf16.dll
C:\Documents and Settings\Owner\Local Settings\Temp\SIntf32.dll
C:\Documents and Settings\Owner\Local Settings\Temp\SIntfNT.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

[Dakeyras]

Hi.

Are you aware your Anti-Vrius appears to be disabled and or did you do this yourself ? Either way please enable(if able).

Now the format of the logs is making it somewhat difficult for myself to review correctly and we will also re-enable all items disabled via the System Configuration Utility(MSConfig). Then in turn address those as using the aforementioned System Configuration Utility can at times actually worsen a situation rather than remedy anything.

Just take your time with the below and all should go well, in the event you have any problems merely stop what you are doing and inform myself straight away please.

Enable disabled items with SCU

• Click on Start >> Run... and type in msconfig then click on OK.
• Once the GUI(graphical user interface) for the System Configuration Utility has loaded:-

Click on the Services tab and select Enable All
Now click on the Startup tab and select Enable All

• Now click on Apply >> Close >> Restart

Note: Ensure you do allow your machine to reboot.

Wordwrap Check:

• Click on Start >> All Programs >> Accessories >> Notepad
• Click on Format ensure that Wordwrap is unchecked.
• If it isn't, uncheck it.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

• Please go here and download the installer forERUNT.
• ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
• Double click on erunt-setup.exe to Install ERUNT by following the prompts.
• Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder.
• Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
• Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
• Make sure that at least the first two check boxes are selected.
• Click on OK
• Then click on YES to create the folder.

Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

StartUpLite:

Please download this small application from here and save to your desktop.

• Double-click on startuplite-setup-1.07e.exe to launch the application.
• Select all options(unnecessary system start-ups) you would like removed(apart from your Anti-Virus software) and click on Continue

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate downloads are here or here.

• Double-click on adwcleaner.exe to launch the application.
• Now click on the Scan tab >> once the scan is complete click on the Clean tab and follow the prompts.
• Allow the system to reboot. You will then be presented with the report. Copy & Paste this report into your next reply.

Note: The log can also be located at C: >> AdwCleaner >> AdwCleaner[S0].txt

Next:

Let myself know when completed the above and if any problems encountered. Also post the requested AdwCleaner log and we will then go from there, thank you.

[Faithsa]

As far as I can tell Avast is running so I'm not sure how it's disabled??

I did the first step and it seemed everything was already enabled but to make sure I clicked disable and then enable then ok, just to make certain. It then rebooted and then rebooted all by itself twice. It gave me a message about the start up settings being changed the first time which I told to go away. Then the second time it rebooted all by itself it popped up with the Run As menu. It is currently staying on (for the moment so I'll try step 2.

Also of note, it started rebooting itself yesterday when my husband was playing Railroad tycoon and then again twice when I was watching a youtube video.

[Faithsa]

I unchecked wraparound in notepad. Then just as I clicked to download the next thing, my Pc started a reboot cycle where its not even finishingbooting before it shuts down again. Trying to catch it at shut down to unplug for a bit to try and stop the cycle.

[Faithsa]

I've gotten all the way to the adwcleaner and it seems to be stuck at pending...

[Dakeyras]

Hi.

If the need carry out the remaining steps with your machine running in the Safe Mode with Networking mode.

Also download the attached msconfig.bat(see below) after completing the AdwCleaner scan to your desktop.



Double click on msconfig.bat to run it, a command window will appear and a notepad file called regkey.txt also. Please post the contents of regkey.txt in your next reply also.

[Faithsa]

ok, what do I do about adwcleaner seemingly stuck. close and try again?