[RESOLVED] Blue Screens on XP Part 4 - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 32

Thread: [RESOLVED] Blue Screens on XP Part 4

  1. #16
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399
    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.



    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.



    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"


    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode


    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.



    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

  2. #17
    Join Date
    Aug 2016
    Posts
    5

    Blue Screens on XP Part 4

    Dear Broni and others,

    I still don't have permission to reply on the other thread. So here is my Combo Fix log, in 2 parts:

    ComboFix 16-08-10.01 - Jennifer Klausner 08/14/2016 14:39:30.3.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2459 [GMT -4:00]
    Running from: C:\ComboFix.exe
    AV: Ad-Aware Antivirus *Disabled/Outdated* {22CB8761-914A-11CF-B705-00AA0062CBB7}
    FW: Ad-Aware Firewall *Disabled* {9211320F-6C40-4035-BBDE-3C96ED504F33}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Jennifer Klausner\Local Settings\Application Data[j0004]-[p04].bmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0001.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0002.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0003.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0004.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0015.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0039.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0051.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0072.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0089.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0101.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0118.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0157.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0163.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0197.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0262.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0306.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0341.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0490.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0494.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0579.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0613.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0673.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0763.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0777.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0789.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0802.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0808.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0854.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0889.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0918.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0959.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0961.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL0969.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1034.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1095.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1112.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1205.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1209.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1270.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1299.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1326.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1380.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1395.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1422.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1427.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1447.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1474.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1512.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1514.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1531.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1772.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1780.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1801.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL1984.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2076.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2114.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2144.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2164.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2165.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2205.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2257.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2369.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2388.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2389.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2518.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2545.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2553.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2638.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2645.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2687.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2714.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2746.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2761.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2808.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2812.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2840.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2842.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2843.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2938.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2939.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL2983.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3021.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3094.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3176.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3182.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3307.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3323.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3337.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3345.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3437.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3447.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3483.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3523.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3532.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3583.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3615.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3639.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3698.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3767.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3814.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3902.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3909.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3927.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL3980.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL4004.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL4051.tmp
    c:\documents and settings\Jennifer Klausner\My Documents\~WRL4080.tmp
    c:\program files\Shared
    C:\Windows-KB890830-V5.31.exe
    C:\Windows-KB890830-V5.38.exe
    c:\windows\system32\drivers\1028_DELL_XPS_Dell DXP051 .MRK
    c:\windows\system32\drivers\DELL_XPS_Dell DXP051 .MRK
    .
    .
    ((((((((((((((((((((((((( Files Created from 2016-07-14 to 2016-08-14 )))))))))))))))))))))))))))))))
    .
    .
    2016-08-14 17:47 . 2016-08-14 17:47 -------- d-----w- c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\MFAData
    2016-08-14 17:46 . 2016-08-14 17:47 -------- d-----w- c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\AvgSetupLog
    2016-08-13 03:42 . 2016-08-13 03:42 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
    2016-08-13 03:39 . 2016-08-13 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\RogueKiller
    2016-08-13 03:32 . 2016-08-13 03:33 21070920 ----a-w- C:\RogueKiller.exe
    2016-08-12 15:39 . 2016-08-12 15:39 1610560 ----a-w- C:\JRT.exe
    2016-08-12 15:21 . 2016-08-12 15:22 -------- d-----w- C:\AdwCleaner
    2016-08-12 15:20 . 2016-08-12 15:20 3712064 ----a-w- C:\adwcleaner_5.201.exe
    2016-08-12 05:03 . 2016-08-14 18:06 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2016-08-12 05:02 . 2016-03-10 18:09 123264 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2016-08-12 05:02 . 2016-03-10 18:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
    2016-08-12 05:02 . 2016-08-12 05:02 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2016-08-12 05:00 . 2016-08-12 05:01 22851472 ----a-w- C:\mbam-setup-2.2.1.1043.exe
    2016-08-09 16:06 . 2016-08-09 16:06 -------- d-----w- c:\program files\Dell Support Center
    2016-08-09 06:34 . 2016-08-09 06:55 -------- d-----w- C:\FRST
    2016-08-08 03:56 . 2016-08-08 03:56 -------- d-----w- c:\windows\system32\wbem\Repository
    2016-08-07 20:39 . 2016-08-07 20:39 -------- d-----w- C:\found.000
    2016-07-19 21:59 . 2016-07-19 21:59 -------- d-----w- c:\program files\Common Files\Lavasoft
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2016-07-16 14:33 . 2012-03-31 13:18 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2016-07-16 14:33 . 2011-05-18 21:42 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-12 07:57 . 2011-10-12 07:57 995328 ----a-w- c:\program files\WOT-20110704-en-US.msi
    2010-06-17 02:30 . 2010-06-17 02:30 272384 ----a-w- c:\program files\TFC.exe
    2010-05-11 21:55 . 2010-05-05 11:21 3686521 ----a-r- c:\program files\ComboFix.exe
    2008-01-19 04:36 . 2008-01-19 04:35 12727648 -c--a-w- c:\program files\winzip111.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2016-08-01 21:23 211264 ----a-w- c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 68856]
    "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
    "Spotify Web Helper"="c:\documents and settings\Jennifer Klausner\Application Data\Spotify\SpotifyWebHelper.exe" [2016-01-23 2346096]
    "Akamai NetSession Interface"="c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\Akamai\netsession_win.exe" [2015-09-11 4691384]
    "AmazonMP3DownloaderHelper"="c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]
    "Dropbox Update"="c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe" [2015-06-13 134512]
    "Spotify"="c:\documents and settings\Jennifer Klausner\Application Data\Spotify\Spotify.exe" [2016-01-23 8316528]
    "AOL Fast Start"="c:\program files\AOL Desktop 9.8.0\AOL.EXE" [2015-09-08 73584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-16 7323648]
    "CTHelper"="CTHELPER.EXE" [2006-12-12 19456]
    "CTxfiHlp"="CTXFIHLP.EXE" [2006-12-12 20480]
    "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
    "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 98304]
    "CTDVDDET"="c:\program files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
    "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 122880]
    "AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 49152]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2007-08-30 205480]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
    "AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2014-02-06 70760]
    "HostManager"="c:\program files\Common Files\AOL\1169873283\ee\AOLSoftware.exe" [2010-03-08 41800]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]
    "PMX Daemon"="ICO.EXE" [2006-06-09 47104]
    "Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 106496]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    "SMART Floating Tools"="c:\program files\SMART Technologies\Education Software\FloatingTools.exe" [2013-08-22 9221424]
    "SMARTNotification"="c:\program files\SMART Technologies\Education Software\SMARTNotification.exe" [2013-08-23 208688]
    "SMART Tray Tools"="c:\program files\SMART Technologies\Education Software\SMARTTrayIcon.exe" [2013-08-23 754992]
    "sbsdk-server"="c:\program files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" [2013-08-22 62768]
    "SMART Ink"="c:\program files\SMART Technologies\Education Software\SMARTInk.exe" [2014-02-11 147248]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-12 157456]
    "AvgUi"="c:\program files\AVG\Framework\Common\avguirnx.exe" [2016-07-20 186640]
    "AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe" [2016-07-19 8063200]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 68856]
    "AOL Fast Start"="c:\progra~1\AOL9~1.1\AOL.EXE" [2008-06-03 50528]
    .
    c:\documents and settings\Jennifer Klausner\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\documents and settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2016-8-8 23546672]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-6-2 24576]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
    LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2009-8-22 57344]
    Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe /n [2005-5-3 81920]
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
    "c:\\Program Files\\America Online 9.0\\waol.exe"=
    "c:\\Program Files\\AIM\\aim.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Common Files\\AOL\\1169873283\\ee\\aolsoftware.exe"=
    "c:\\Program Files\\AOL 9.1\\waol.exe"=
    "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
    "c:\\Program Files\\AIM7\\aim.exe"=
    "c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
    "c:\\Program Files\\Spotify\\spotify.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Documents and Settings\\Jennifer Klausner\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    "c:\\Documents and Settings\\Jennifer Klausner\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
    "c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
    "c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
    "c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
    "c:\\Program Files\\AOL Desktop 9.7\\waol.exe"=
    "c:\\Program Files\\AOL Desktop 9.7\\aolbrowser.exe"=
    "c:\\Documents and Settings\\Jennifer Klausner\\Application Data\\Spotify\\Spotify.exe"=
    "c:\\Spotify.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\AOL Desktop 9.8.0\\waol.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
    "1116:TCP"= 1116:TCP:Akamai NetSession Interface
    "5000:UDP"= 5000:UDP:Akamai NetSession Interface
    .
    R2 avgsvc;AVG Service;c:\program files\AVG\Framework\Common\avgsvcx.exe [7/20/2016 2:03 PM 906512]
    R2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [7/18/2016 8:22 PM 664040]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
    S2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [8/22/2013 8:15 PM 810800]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
    S3 vmwvusb;VMware View Generic USB Driver;c:\windows\system32\Drivers\vmwvusb.sys --> c:\windows\system32\Drivers\vmwvusb.sys [?]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - AVGSVC
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2016-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 14:33]
    .
    2016-08-12 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2015-08-27 04:26]
    .
    2016-08-14 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008Core.job
    - c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe [2015-06-13 02:15]
    .
    2016-08-14 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008UA.job
    - c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe [2015-06-13 02:15]
    .
    2016-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 21:05]
    .
    2016-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 21:05]
    .
    2016-08-14 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    - c:\windows\system32\xp_eos.exe [2014-03-09 01:59]
    .
    2016-04-09 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2014-03-09 01:59]
    .
    2016-08-11 c:\windows\Tasks\PCDDataUploadTask.job
    - c:\program files\Dell\SupportAssist\uaclauncher.exe [2016-08-09 17:39]
    .
    2016-08-13 c:\windows\Tasks\SystemToolsDailyTest.job
    - c:\program files\Dell\SupportAssist\uaclauncher.exe [2016-08-09 17:39]
    .
    .

    Thanks, Jennifer

  3. #18
    Join Date
    Aug 2016
    Posts
    5
    Dear experts,

    Here is the 2nd part of the ComboFix log:
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = *.local;<local>
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    Trusted Zone: dell.com
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-big-island-blends/gamehouseplayer.cab
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/ghbabeldeluxe/zylomplayer.cab
    DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} - hxxp://167.206.78.84/forms/jinitiator/jinit.exe
    DPF: {E6BB2089-163F-466B-812A-748096614DFD} - hxxp://cainternetsecurity.net/scanner/cascanner.cab
    FF - ProfilePath - c:\documents and settings\Jennifer Klausner\Application Data\Mozilla\Firefox\Profiles\qwso2m83.default-1428637936437\
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{28FE24D4-50EB-4B48-A416-582B910AFDDE} - (no file)
    HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
    HKLM-Run-MSKDetectorExe - c:\program files\McAfee\SpamKiller\MSKDetct.exe
    HKLM-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
    HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
    HKLM-Run-hpqSRMon - (no file)
    AddRemove-Coupon Printer for Windows2.0 - c:\program files\Coupons\uninstall.exe
    AddRemove-Dell Game Console - c:\program files\WildTangent\Apps\Dell Game Console\Uninstall.exe
    AddRemove-{F46BF5EA-0B4E-4A41-8C4B-3B127346E30F} - c:\documents and settings\Jennifer Klausner\Local Settings\Application Data\{5EB49894-2D6C-483B-85B1-0477F3F6360C}\NBCDirectInstaller.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2016-08-14 15:01
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_22_0_0_210_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_22_0_0_210_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker6"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    Completion time: 2016-08-14 15:04:20
    ComboFix-quarantined-files.txt 2016-08-14 19:04
    ComboFix2.txt 2010-05-11 22:52
    .
    Pre-Run: 231,012,655,104 bytes free
    Post-Run: 251,390,369,792 bytes free
    .
    - - End Of File - - B1EDD13F747FA3FEBF00D82A40C0B92F
    8F558EB6672622401DA993E1E865C861

    I didn't reinstall AVG yet. Is that necessary, or can Ad-Aware, Spybot, or MBAM take its place, and what additional functions do I need to enable in those programs to do what AVG used to, if so? I did reenable all the functions that I shut off that I could remember, except for AVG.

    Thanks, Jennifer

  4. #19
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399
    Please stop creating new topics.

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.


    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

  5. #20
    Join Date
    Oct 2005
    Posts
    26
    Dear Broni,

    Here are my FRST logs, in 2 pages:
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-08-2016
    Ran by Jennifer Klausner (administrator) on JENDESKTOP (15-08-2016 22:45:15)
    Running from C:\
    Loaded Profiles: Jennifer Klausner (Available Profiles: Julius Klausner & Dorothy Klausner & Jennifer Klausner & Michelle Klausner & Administrator)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
    Internet Explorer Version 8 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
    (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
    (America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
    (Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
    (Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
    (Creative Technology Ltd) C:\WINDOWS\system32\Ctxfihlp.exe
    (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    () C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe
    (Creative Technology Ltd) C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
    (Creative Technology Ltd.) C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    (Creative Technology Ltd) C:\WINDOWS\system32\CTxfispi.exe
    (Sonic Solutions) C:\WINDOWS\system32\DLA\DLACTRLW.EXE
    (AOL Inc.) C:\Program Files\Common Files\AOL\1169873283\ee\aolsoftware.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    (Primax Electronics Ltd.) C:\WINDOWS\system32\ico.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Corel, Inc.) C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
    (SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\FloatingTools.exe
    (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTNotification.exe
    (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTTrayIcon.exe
    (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
    (Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe
    (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    (Spotify Ltd) C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\SpotifyWebHelper.exe
    (Akamai Technologies, Inc.) C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Akamai\netsession_win.exe
    () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
    (Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Akamai Technologies, Inc.) C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Akamai\netsession_win.exe
    (BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Matsu****a Electric Industrial Co., Ltd.) C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    (Dropbox, Inc.) C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe
    (SMART Technologies) C:\Program Files\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
    (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    (Spotify Ltd) C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\Spotify.exe
    (Spotify Ltd) C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\SpotifyCrashService.exe
    (Spotify Ltd) C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\Spotify.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
    (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wisptis.exe
    (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
    (AOL Inc.) C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\waol.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\shellmon.exe
    (AOL Inc.) C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
    (AOL Inc.) C:\Program Files\Common Files\AOL\1169873283\ee\aolupdates.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\aolbrowser.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\AolBrowserTab.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\AolBrowserTab.exe
    (AOL Inc.) C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\AolBrowserTab.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [19456 2006-12-12] (Creative Technology Ltd)
    HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [20480 2006-12-12] (Creative Technology Ltd)
    HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-07-06] (Intel Corporation)
    HKLM\...\Run: [DMXLauncher] => C:\Program Files\Dell\Media Experience\DMXLauncher.exe [98304 2006-05-03] ()
    HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
    HKLM\...\Run: [VolPanel] => C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe [122880 2005-10-14] (Creative Technology Ltd)
    HKLM\...\Run: [AudioDrvEmulator] => C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [49152 2005-11-04] (Creative Technology Ltd.)
    HKLM\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
    HKLM\...\Run: [ISUSPM Startup] => c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [205480 2007-08-30] (Macrovision Corporation)
    HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)
    HKLM\...\Run: [DLA] => C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2005-09-08] (Sonic Solutions)
    HKLM\...\Run: [AOLDialer] => C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [70760 2014-02-06] (AOL Inc.)
    HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1169873283\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2012-04-18] (Apple Inc.)
    HKLM\...\Run: [PMX Daemon] => C:\WINDOWS\system32\ICO.EXE [47104 2006-06-09] (Primax Electronics Ltd.)
    HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [106496 2006-02-09] (Corel, Inc.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [SMART Floating Tools] => C:\Program Files\SMART Technologies\Education Software\FloatingTools.exe [9221424 2013-08-22] (SMART Technologies ULC)
    HKLM\...\Run: [SMARTNotification] => C:\Program Files\SMART Technologies\Education Software\SMARTNotification.exe [208688 2013-08-22] (SMART Technologies)
    HKLM\...\Run: [SMART Tray Tools] => C:\Program Files\SMART Technologies\Education Software\SMARTTrayIcon.exe [754992 2013-08-22] (SMART Technologies)
    HKLM\...\Run: [sbsdk-server] => C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62768 2013-08-22] (SMART Technologies)
    HKLM\...\Run: [SMART Ink] => C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe [147248 2014-02-11] (SMART Technologies)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
    HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [8063200 2016-07-18] ()
    HKLM\...\Policies\Explorer: [NoCDBurning] 0
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-24] (Google Inc.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [DellSupport] => C:\Program Files\DellSupport\DSAgnt.exe [460784 2007-03-15] (Gteko Ltd.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [205480 2007-08-30] (Macrovision Corporation)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [Spotify Web Helper] => C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\SpotifyWebHelper.exe [2346096 2016-01-23] (Spotify Ltd)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [AmazonMP3DownloaderHelper] => C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [Dropbox Update] => C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [Spotify] => C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\Spotify.exe [8316528 2016-01-23] (Spotify Ltd)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Run: [AOL Fast Start] => C:\Program Files\AOL Desktop 9.8.0\AOL.EXE [73584 2015-09-08] (AOL Inc.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssflwbox.scr [393216 2008-04-13] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-06-24] (Google Inc.)
    HKU\S-1-5-18\...\Run: [AOL Fast Start] => C:\Program Files\AOL 9.1\aol.exe [50528 2008-06-03] (AOL, LLC.)
    ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-01-26]
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-03-28]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk [2009-08-22]
    ShortcutTarget: LUMIX Simple Viewer.lnk -> C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe (Matsu****a Electric Industrial Co., Ltd.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk [2006-06-02]
    ShortcutTarget: Service Manager.lnk -> C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
    Startup: C:\Documents and Settings\Jennifer Klausner\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-11]
    ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{0927C98D-4C4E-4754-8D08-5D727E0A3D84}: [DhcpNameServer] 75.75.75.75 75.75.76.76

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    URLSearchHook: HKLM - AOL Messaging Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
    URLSearchHook: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008 - AOL Messaging Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
    BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06] (Hewlett-Packard Co.)
    BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
    BHO: No Name -> {28FE24D4-50EB-4B48-A416-582B910AFDDE} -> No File
    BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08] (Sonic Solutions)
    BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\NotebookPlugin.dll [2013-08-22] (SMART Technologies ULC.)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-28] (Oracle Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
    BHO: AOL Messaging Toolbar Loader -> {b0cda128-b425-4eef-a174-61a11ac5dbf8} -> C:\Program Files\AIM Toolbar\aimtb.dll [2011-01-14] (AOL Inc.)
    BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2012-08-02] ()
    BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> c:\Program Files\BAE\BAE.dll [2006-02-22] (Dell Inc.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-28] (Oracle Corporation)
    BHO: No Name -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> No File
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06] (Hewlett-Packard Co.)
    Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2012-08-02] ()
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
    Toolbar: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
    Toolbar: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2012-08-02] ()
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} hxxp://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
    DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
    DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} hxxp://aolsvc.aol.com/onlinegames/free-trial-big-island-blends/gamehouseplayer.cab
    DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://zone.msn.com/bingame/chnz/default/mjolauncher.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C}
    DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://aolsvc.aol.com/onlinegames/ghbabeldeluxe/zylomplayer.cab
    DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} hxxp://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab
    DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} hxxp://167.206.78.84/forms/jinitiator/jinit.exe
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    DPF: {E6BB2089-163F-466B-812A-748096614DFD} hxxp://cainternetsecurity.net/scanner/cascanner.cab
    DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} hxxp://zone.msn.com/bingame/swet/default/Sweetopia.1.0.0.46.cab
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2012-08-02] ()

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Jennifer Klausner\Application Data\Mozilla\Firefox\Profiles\qwso2m83.default-1428637936437
    FF DefaultSearchEngine.US: Google
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
    FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
    FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2009-09-02] (GARMIN Corp.)
    FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-28] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
    FF Plugin: @movenetworks.com/Quantum Media Player -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll [2009-10-21] (Move Networks)
    FF Plugin: @nbc.com/DirectPlayer -> C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll [No File]
    FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2952040898-4172286553-4130697486-1008: @movenetworks.com/Quantum Media Player -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll [2009-10-21] (Move Networks)
    FF Extension: WOT - C:\Documents and Settings\Jennifer Klausner\Application Data\Mozilla\Firefox\Profiles\qwso2m83.default-1428637936437\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-11]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-02-02] [not signed]
    FF HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks
    FF Extension: Move Media Player - C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks [2009-10-21] [not signed]

    Chrome:
    =======
    CHR Profile: C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Google\Chrome\User Data\Default

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [46184 2014-02-06] (AOL Inc.)
    R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [906512 2016-07-20] (AVG Technologies CZ, s.r.o.)
    R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [86606 2005-06-02] (Canon Inc.) [File not signed]
    R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-12] (Creative Technology Ltd) [File not signed]
    S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
    S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1074480 2013-10-30] (Flexera Software LLC)
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
    R2 IAANTMon; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [90112 2006-07-06] (Intel Corporation) [File not signed]
    R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-09-28] (Oracle Corporation)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [664040 2016-07-18] ()
    R2 MSSQL$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [9150464 2005-05-04] (Microsoft Corporation) [File not signed]
    S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel(R) Corporation) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 SMART Board Service; C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [1937200 2013-08-22] (SMART Technologies)
    S2 SMART Display Controller; C:\Program Files\SMART Technologies\Education Software\UCService.exe [810800 2013-08-22] (SMART Technologies)
    S3 SQLAgent$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation) [File not signed]
    R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
    S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [340704 2005-07-13] (Creative Technology Ltd)
    R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2005-09-08] (Sonic Solutions) [File not signed]
    R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions) [File not signed]
    R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2005-09-08] (Sonic Solutions) [File not signed]
    R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86524 2005-09-08] (Sonic Solutions) [File not signed]
    R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2005-09-08] (Sonic Solutions) [File not signed]
    R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2005-09-08] (Sonic Solutions) [File not signed]
    R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions) [File not signed]
    R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2005-09-08] (Sonic Solutions) [File not signed]
    R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2005-09-08] (Sonic Solutions) [File not signed]
    R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89264 2005-09-12] (Sonic Solutions) [File not signed]
    R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions) [File not signed]
    R3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
    S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.)
    R3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-10-30] (HP)
    R3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-10-30] (HP)
    R3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-10-30] (HP)
    R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [36624 2006-10-18] (Sonic Solutions) [File not signed]
    U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [24688 2016-08-12] ()
    S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [428832 2016-04-28] (BitDefender S.R.L.)
    S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed]
    R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
    S3 bvrp_pci; no ImagePath
    S3 catchme; \??\C:\DOCUME~1\JENNIF~1\LOCALS~1\Temp\catchme.sys [X]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
    S0 Lbd; system32\DRIVERS\Lbd.sys [X]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 vmwvusb; System32\Drivers\vmwvusb.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-08-15 16:27 - 2016-08-15 17:31 - 00000090 _____ C:\WINDOWS\bi_group.ini
    2016-08-14 15:04 - 2016-08-15 00:36 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
    2016-08-14 15:04 - 2016-08-14 15:04 - 00027774 _____ C:\ComboFix.txt
    2016-08-14 15:04 - 2016-08-14 15:04 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
    2016-08-14 15:04 - 2016-08-14 15:04 - 00000000 ____D C:\Documents and Settings\Michelle Klausner\Local Settings\temp
    2016-08-14 15:04 - 2016-08-14 15:04 - 00000000 ____D C:\Documents and Settings\Julius Klausner\Local Settings\temp
    2016-08-14 15:04 - 2016-08-14 15:04 - 00000000 ____D C:\Documents and Settings\Dorothy Klausner\Local Settings\temp
    2016-08-14 15:04 - 2016-08-14 15:04 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
    2016-08-14 14:34 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe
    2016-08-14 14:34 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe
    2016-08-14 14:34 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe
    2016-08-14 14:34 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe
    2016-08-14 14:30 - 2016-08-14 15:04 - 00000000 ____D C:\Qoobox
    2016-08-14 13:47 - 2016-08-14 13:47 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\MFAData
    2016-08-14 13:46 - 2016-08-14 13:47 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\AvgSetupLog
    2016-08-14 13:46 - 2016-08-14 13:46 - 05658919 ____R (Swearware) C:\ComboFix.exe
    2016-08-12 23:42 - 2016-08-12 23:42 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
    2016-08-12 23:39 - 2016-08-12 23:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\RogueKiller
    2016-08-12 23:32 - 2016-08-12 23:33 - 21070920 _____ C:\RogueKiller.exe
    2016-08-12 11:46 - 2016-08-12 11:46 - 00006015 _____ C:\Documents and Settings\Jennifer Klausner\Desktop\JRT.txt
    2016-08-12 11:39 - 2016-08-12 11:39 - 01610560 _____ (Malwarebytes) C:\JRT.exe
    2016-08-12 11:21 - 2016-08-12 11:22 - 00000000 ____D C:\AdwCleaner
    2016-08-12 11:20 - 2016-08-12 11:20 - 03712064 _____ C:\adwcleaner_5.201.exe
    2016-08-12 11:17 - 2016-08-12 11:17 - 00002306 _____ C:\Documents and Settings\Jennifer Klausner\Desktop\MBAM Log 1.txt
    2016-08-12 10:37 - 2016-08-12 10:37 - 00001252 _____ C:\avenger.txt
    2016-08-12 01:03 - 2016-08-14 21:56 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-08-12 01:02 - 2016-08-12 01:02 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2016-08-12 01:02 - 2016-08-12 01:02 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2016-08-12 01:02 - 2016-08-12 01:02 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
    2016-08-12 01:02 - 2016-03-10 14:09 - 00123264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2016-08-12 01:02 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2016-08-12 01:00 - 2016-08-12 01:01 - 22851472 _____ (Malwarebytes ) C:\mbam-setup-2.2.1.1043.exe
    2016-08-09 12:06 - 2016-08-09 12:06 - 00000000 ____D C:\Program Files\Dell Support Center
    2016-08-09 02:36 - 2016-08-09 02:42 - 00069349 _____ C:\Addition.txt
    2016-08-09 02:34 - 2016-08-15 22:46 - 00032152 _____ C:\FRST.txt
    2016-08-09 02:34 - 2016-08-15 22:45 - 00000000 ____D C:\FRST
    2016-08-09 02:33 - 2016-08-09 02:33 - 01743872 _____ (Farbar) C:\FRST.exe
    2016-08-09 02:32 - 2016-08-09 02:32 - 02393600 _____ (Farbar) C:\FRST64.exe
    2016-08-08 16:05 - 2016-08-08 16:05 - 00090112 _____ C:\WINDOWS\Minidump\Mini080816-05.dmp
    2016-08-08 15:29 - 2016-08-08 15:29 - 00090112 _____ C:\WINDOWS\Minidump\Mini080816-04.dmp
    2016-08-08 14:14 - 2016-08-08 14:14 - 00090112 _____ C:\WINDOWS\Minidump\Mini080816-03.dmp
    2016-08-08 13:36 - 2016-08-08 13:36 - 00090112 _____ C:\WINDOWS\Minidump\Mini080816-02.dmp
    2016-08-08 11:16 - 2016-08-08 11:15 - 00090112 _____ C:\WINDOWS\Minidump\Mini080816-01.dmp
    2016-08-08 00:28 - 2016-08-08 00:28 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Start Menu\Programs\Dropbox
    2016-08-07 23:52 - 2016-08-07 23:52 - 00106496 _____ C:\WINDOWS\Minidump\Mini080716-05.dmp
    2016-08-07 23:49 - 2016-08-07 23:49 - 00106496 _____ C:\WINDOWS\Minidump\Mini080716-04.dmp
    2016-08-07 23:40 - 2016-08-07 23:39 - 00106496 _____ C:\WINDOWS\Minidump\Mini080716-03.dmp
    2016-08-07 22:13 - 2016-08-07 22:12 - 00106496 _____ C:\WINDOWS\Minidump\Mini080716-02.dmp
    2016-08-07 17:29 - 2016-08-07 23:55 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Start Menu\Programs\Dropbox(2)
    2016-08-07 17:12 - 2016-08-07 17:12 - 00106496 _____ C:\WINDOWS\Minidump\Mini080716-01.dmp
    2016-08-07 16:39 - 2016-08-07 16:39 - 00000000 ____D C:\found.000
    2016-07-21 13:52 - 2016-08-15 16:21 - 00000502 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job
    2016-07-21 13:52 - 2016-08-11 01:34 - 00000478 _____ C:\WINDOWS\Tasks\PCDDataUploadTask.job
    2016-07-19 18:03 - 2016-08-14 21:28 - 00002051 _____ C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
    2016-07-19 18:03 - 2016-07-19 18:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
    2016-07-19 17:59 - 2016-07-19 17:59 - 00000000 ____D C:\Program Files\Common Files\Lavasoft

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-08-15 22:46 - 2010-05-11 18:52 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Local Settings\temp
    2016-08-15 22:42 - 2010-02-02 20:34 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-08-15 22:42 - 2010-02-02 20:34 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-08-15 22:33 - 2012-03-31 09:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-08-15 22:26 - 2015-06-12 22:15 - 00001036 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008UA.job
    2016-08-15 22:09 - 2011-08-17 21:40 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify
    2016-08-15 21:20 - 2006-06-18 22:46 - 00000000 ___RD C:\Documents and Settings\Jennifer Klausner\My Documents
    2016-08-15 17:29 - 2010-09-28 21:52 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
    2016-08-15 16:29 - 2013-01-26 14:57 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Application Data\PCDr
    2016-08-15 14:42 - 2004-08-11 18:20 - 00032508 _____ C:\WINDOWS\SchedLgU.Txt
    2016-08-15 11:59 - 2011-08-17 21:40 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Spotify
    2016-08-14 23:26 - 2015-06-12 22:15 - 00000984 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008Core.job
    2016-08-14 21:39 - 2012-08-07 01:42 - 00000000 ___RD C:\Documents and Settings\Jennifer Klausner\My Documents\Dropbox
    2016-08-14 21:35 - 2006-06-02 15:31 - 00043522 _____ C:\WINDOWS\system32\nvapps.xml
    2016-08-14 21:35 - 2004-08-11 18:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
    2016-08-14 21:34 - 2014-03-09 21:07 - 00000246 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    2016-08-14 21:28 - 2006-06-02 15:31 - 00003484 _____ C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt
    2016-08-14 21:27 - 2004-08-11 18:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-08-14 16:12 - 2013-10-16 19:16 - 00458752 _____ C:\WINDOWS\system32\config\SMART Pr.evt
    2016-08-14 16:12 - 2013-01-26 16:41 - 00064980 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
    2016-08-14 16:12 - 2013-01-26 16:41 - 00054788 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
    2016-08-14 16:12 - 2013-01-26 16:41 - 00054788 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
    2016-08-14 16:12 - 2013-01-26 16:41 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
    2016-08-14 16:12 - 2013-01-26 16:41 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
    2016-08-14 16:12 - 2012-12-08 15:58 - 00282770 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2016-08-14 16:12 - 2006-06-18 22:46 - 00000278 ___SH C:\Documents and Settings\Jennifer Klausner\ntuser.ini
    2016-08-14 15:01 - 2004-08-11 18:00 - 00000227 _____ C:\WINDOWS\system.ini
    2016-08-14 14:30 - 2010-05-05 07:22 - 00000000 ____D C:\WINDOWS\ERDNT
    2016-08-14 14:08 - 2015-12-16 07:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
    2016-08-14 14:08 - 2013-10-19 20:58 - 00339264 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2016-08-14 13:50 - 2004-08-11 18:02 - 00000000 ___HD C:\WINDOWS\inf
    2016-08-13 14:23 - 2006-06-18 22:46 - 00000000 ___RD C:\Documents and Settings\Jennifer Klausner\My Documents\My Music
    2016-08-13 01:09 - 2007-08-20 18:29 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Application Data\Yahoo!
    2016-08-12 11:24 - 2006-06-18 22:46 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner
    2016-08-12 10:52 - 2007-01-17 00:00 - 19227152 _____ C:\VETlog.txt
    2016-08-12 10:52 - 2007-01-17 00:00 - 00082779 _____ C:\VETlog.dmp
    2016-08-11 21:09 - 2011-06-04 04:54 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2016-08-09 12:06 - 2006-06-02 15:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Dell
    2016-08-08 17:38 - 2006-06-20 13:57 - 141983760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-08-08 16:05 - 2008-01-16 05:19 - 00000000 ____D C:\WINDOWS\Minidump
    2016-08-08 00:28 - 2012-08-07 01:39 - 00000000 ____D C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox
    2016-08-08 00:13 - 2015-12-16 07:41 - 00000617 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk
    2016-08-08 00:13 - 2015-12-16 07:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Zen
    2016-08-07 23:56 - 2006-06-20 13:55 - 00000000 ____D C:\Documents and Settings\Dorothy Klausner
    2016-08-07 23:56 - 2006-06-19 10:38 - 00000000 ____D C:\Documents and Settings\Michelle Klausner
    2016-08-07 23:56 - 2006-06-18 15:20 - 00000000 ____D C:\Documents and Settings\Julius Klausner
    2016-08-07 23:56 - 2004-08-11 18:20 - 00000000 __SHD C:\Documents and Settings\NetworkService
    2016-08-07 23:56 - 2004-08-11 18:20 - 00000000 __SHD C:\Documents and Settings\LocalService
    2016-08-07 23:56 - 2004-08-11 18:20 - 00000000 ____D C:\Documents and Settings\Administrator
    2016-08-07 23:56 - 2004-08-11 18:11 - 00000000 ____D C:\WINDOWS\Registration
    2016-08-07 23:54 - 2004-08-11 18:20 - 00000178 __SHC C:\Documents and Settings\Administrator\ntuser.ini
    2016-08-07 23:53 - 2010-05-05 01:00 - 00254702 _____ C:\WINDOWS\ntbtlog.txt
    2016-07-21 13:49 - 2013-01-26 15:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PCDr
    2016-07-16 10:33 - 2012-03-31 09:18 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2016-07-16 10:33 - 2011-05-18 17:42 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

    ==================== Files in the root of some directories =======

    2010-05-05 07:21 - 2010-05-11 17:55 - 3686521 ____R () C:\Program Files\ComboFix.exe
    2010-05-05 00:37 - 2010-05-05 00:37 - 0284915 _____ () C:\Program Files\gmer.zip
    2010-05-07 01:02 - 2010-05-07 01:02 - 0000511 _____ () C:\Program Files\Printflush-1.3 Printer Help.zip
    2010-05-08 11:34 - 2010-05-08 11:34 - 0000668 _____ () C:\Program Files\ResetTeaTimer.zip
    2010-06-16 22:25 - 2010-06-16 22:25 - 0976273 _____ () C:\Program Files\tempCleaner_3.0.4.exe.zip
    2010-06-16 22:21 - 2010-06-16 22:21 - 0080014 _____ () C:\Program Files\TFC-Temp-File-Cleaner-OldTimer-file187.html
    2010-06-16 22:30 - 2010-06-16 22:30 - 0272384 _____ (OldTimer Tools) C:\Program Files\TFC.exe
    2008-01-19 02:15 - 2008-01-19 02:15 - 31332844 ____C () C:\Program Files\Three Dog Night- live at the Forum 1.rar
    2008-01-19 02:22 - 2008-01-19 02:22 - 58369340 ____C () C:\Program Files\Three Dog Night- live at the Forum 2.rar
    2008-01-19 02:12 - 2008-01-19 02:12 - 0000138 ____C () C:\Program Files\Three Dog Night- live at the Forum.rar
    2008-01-19 00:35 - 2008-01-19 00:36 - 12727648 ____C () C:\Program Files\winzip111.exe
    2011-10-12 03:57 - 2011-10-12 03:57 - 0995328 _____ () C:\Program Files\WOT-20110704-en-US.msi
    2008-02-14 22:06 - 2012-11-09 23:24 - 0007680 ____C () C:\Documents and Settings\Jennifer Klausner\Application Data\dvd.bmk
    2007-10-25 06:36 - 2007-10-25 06:36 - 0002219 ____C () C:\Documents and Settings\Jennifer Klausner\Application Data\evpro32.prf
    2008-02-03 04:08 - 2014-07-27 12:48 - 0006144 ____C () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2006-06-18 22:46 - 2007-10-07 15:52 - 0000140 ____N () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\fusioncache.dat
    2010-04-19 19:57 - 2010-04-19 19:57 - 0000036 _____ () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\housecall.guid.cache
    2012-03-28 17:56 - 2012-03-28 18:16 - 0000753 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log

    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End of FRST.txt ============================

    Thanks, Jennifer

  6. #21
    Join Date
    Oct 2005
    Posts
    26
    Dear Broni,

    Here is the Additional FRST log, over 2 different pages:
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-08-2016
    Ran by Jennifer Klausner (2016-08-15 22:47:19)
    Running from C:\
    Microsoft Windows XP Professional Service Pack 3 (X86) (2006-06-18 19:20:14)
    Boot Mode: Normal
    ==========================================================
    ==================== Accounts: =============================
    Administrator (S-1-5-21-2952040898-4172286553-4130697486-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    Dorothy Klausner (S-1-5-21-2952040898-4172286553-4130697486-1007 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Dorothy Klausner
    Guest (S-1-5-21-2952040898-4172286553-4130697486-501 - Limited - Enabled)
    HelpAssistant (S-1-5-21-2952040898-4172286553-4130697486-1005 - Limited - Disabled)
    Jennifer Klausner (S-1-5-21-2952040898-4172286553-4130697486-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Jennifer Klausner
    Julius Klausner (S-1-5-21-2952040898-4172286553-4130697486-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Julius Klausner
    Michelle Klausner (S-1-5-21-2952040898-4172286553-4130697486-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Michelle Klausner
    SUPPORT_388945a0 (S-1-5-21-2952040898-4172286553-4130697486-1002 - Limited - Disabled)
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Ad-Aware Antivirus (Disabled - Out of date) {22CB8761-914A-11CF-B705-00AA0062CBB7}
    FW: Ad-Aware Firewall (Disabled) {9211320F-6C40-4035-BBDE-3C96ED504F33}
    ==================== Installed Programs ======================
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    32 bit Windows Card Reader Driver (HKLM\...\{CE6DEE87-1C87-42ED-A108-7369BFE9076F}) (Version: 1.1.0.0 - TEAC)
    Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Ad-Aware Antivirus (HKLM\...\{3F5DFA1C-DAD9-49F7-B40D-DE40559C439F}_AdAwareUpdater) (Version: 11.12.945.9202 - Lavasoft)
    AdAwareInstaller (Version: 11.12.945.9202 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.12.945.9202 - Lavasoft) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
    AGEIA PhysX v6.11.13 (HKLM\...\{C09377D8-DB6A-42B9-9EBE-A670D0ABDB4F}) (Version: 6.11.13 - AGEIA Technologies, Inc.)
    AIM 7 (HKLM\...\AIM_7) (Version: - )
    Akamai NetSession Interface (HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Akamai) (Version: - Akamai Technologies, Inc)
    Amazon MP3 Downloader 1.0.18 (HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
    AntimalwareEngine (Version: 3.0.129.0 - Lavasoft) Hidden
    AOL Coach Version 1.0(Build:20040229.1 en) (HKLM\...\AOLCoach) (Version: - )
    AOL Instant Messenger (HKLM\...\AOL Instant Messenger) (Version: - )
    AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - AOL Inc.)
    AOLIcon (Version: 1.00.0000 - Dell) Hidden
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
    Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Ashampoo Burning Studio Elements 10.0.9 (HKLM\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
    AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
    AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    C4400 (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    C4400_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    Camera Access Library (Version: 8.0.0.21 - Canon) Hidden
    Camera Support Core Library (Version: 7.3.0.4 - Canon) Hidden
    Camera Window DS (Version: 5.3.1 - Canon) Hidden
    Camera Window DVC (Version: 5.4.4 - Canon) Hidden
    Camera Window DVC (Version: 6.0 - Canon) Hidden
    Camera Window MC (Version: 6.0 - Canon) Hidden
    Canon Camera Access Library (HKLM\...\InstallShield_{901F8ED7-13E8-43EF-B738-2FE89B0588EB}) (Version: 8.0.0.21 - Canon)
    Canon Camera Support Core Library (HKLM\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
    Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
    Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\InstallShield_{50E25180-3BDC-4B6D-80A2-3F1F0C9CF39D}) (Version: 6.0 - Canon)
    Canon Camera Window DSLR 5 for ZoomBrowser EX (HKLM\...\InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}) (Version: 5.3.1 - Canon)
    Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\InstallShield_{6C3A75A6-9A90-44A3-A703-82AC1EA6A85D}) (Version: 6.0 - Canon)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\InstallShield_{4DBBF091-FACD-422C-B43C-786335BD5398}) (Version: 2.1.0.20 - Canon)
    Canon PhotoRecord (HKLM\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
    Canon RAW Image Task for ZoomBrowser EX (HKLM\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
    Canon Utilities PhotoStitch 3.1 (HKLM\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
    Canon ZoomBrowser EX (E) (HKLM\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
    Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
    CinepPlayer 30 Update (HKLM\...\{C41F4616-44B6-4E8D-BFC7-4267862A2CE1}) (Version: - )
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
    Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version: - )
    Copy (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.33 - Corel, Inc.)
    Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
    CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Dell CinePlayer (HKLM\...\{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}) (Version: 3.0 - Dell)
    Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version: - )
    Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
    Dell Media Experience (HKLM\...\{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}) (Version: 3.1 - Dell)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6817.133 - Dell)
    Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
    DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
    Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
    DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
    Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
    DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
    DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Documentation & Support Launcher (HKLM\...\{B0DF58A2-40DF-4465-AA56-38623EC9938C}) (Version: 1.00.0000 - Dell Inc.)
    Dropbox (HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
    EASEUS Data Recovery Wizard Free Edition 5.0.1 (HKLM\...\EASEUS Data Recovery Wizard Free Edition 5.0.1_is1) (Version: - EASEUS)
    EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
    ELIcon (Version: 1.00.0000 - Dell) Hidden
    eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
    Games, Music, & Photos Launcher (HKLM\...\{B6884A07-0305-47AE-9969-8F26FADC17DE}) (Version: 1.00.0000 - Dell Inc.)
    Garmin Communicator Plugin (HKLM\...\{EFF87108-C9D0-43F1-BEE1-28DA87778F1A}) (Version: 2.8.2 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM\...\{B1102A25-3AA3-446B-AA0F-A699B07A02FD}) (Version: 1.0.0.0 - Garmin Ltd or its subsidiaries)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
    GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
    Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
    HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
    HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
    HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 (HKLM\...\{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}) (Version: 10.0 - HP)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
    HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
    HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
    Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
    Intel(R) PROSet for Wired Connections (HKLM\...\{4CEA6811-DFAD-4892-828D-49941FE3B779}) (Version: 9.30.0000 - Dell)
    iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
    Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.230 - Sun Microsystems, Inc.)
    Java(TM) 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
    LUMIX Simple Viewer (HKLM\...\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}) (Version: 0.99.0000 - Panasonic)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    MCU (Version: 1.00.0000 - Dell) Hidden
    MetaFrame Presentation Server Web Client for Win32 (HKLM\...\MetaFrame Presentation Server Web Client for Win32) (Version: - )
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft Office Outlook 2003 with Business Contact Manager Update (HKLM\...\{BA68600E-96D9-4E92-80F2-26B9681B5A63}) (Version: 2.0.4013.0 - Microsoft Corporation)
    Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
    Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
    Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ) (HKLM\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.2039 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.31117 - Microsoft Corporation)
    Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
    Mouse Suite for Desktop Computers (HKLM\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 1.00.0000 - Dell)
    Move Media Player (HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Move Media Player) (Version: - Move Networks)
    MovieEdit Task (Version: 2.1.0.20 - Canon) Hidden
    Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
    MyScript HWR (Spanish) (HKLM\...\{EDAC6E0D-F93B-4B80-9377-F57D3BB5E6B1}) (Version: 4.4.5.1 - SMART Technologies ULC)
    NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
    OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
    Oracle JInitiator 1.3.1.28 (HKLM\...\{CAFECAFE-0013-0001-0128-ABCDEFABCDEF}) (Version: - )
    PanoStandAlone (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    PassAlong Software (HKLM\...\{AC4732F4-665D-4E6B-8E50-74D6B6FBE5A9}) (Version: 2.2.04 - PassAlong Music Store)
    PhotoStitch (Version: 3.1.16 - Canon) Hidden
    PS_AIO_03_C4400_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
    PS_AIO_03_C4400_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    PS_AIO_03_C4400_Software_Min (Version: 100.0.213.000 - Hewlett-Packard) Hidden
    PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
    QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
    RAW Image Task 2.2 (Version: 2.2 - Canon) Hidden
    Roxio DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 5.2.0 - Roxio)
    Roxio MyDVD LE (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.6 - Roxio)
    Roxio RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.4 - Roxio)
    Roxio RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.4 - Roxio)
    Roxio RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.4 - Roxio)
    Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
    Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
    Search Assist (HKLM\...\{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
    SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
    SMART Common Files (HKLM\...\{BBA07B40-F7C6-44F7-BF08-767F8835685F}) (Version: 11.4.188.0 - SMART Technologies ULC)
    SMART Ink (HKLM\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)
    SMART Notebook (HKLM\...\{E57F6C8B-E159-477E-93BF-764759747BC4}) (Version: 11.3.857.0 - SMART Technologies ULC)
    SMART Product Drivers (HKLM\...\{589B09F5-0768-4BE9-B8C0-DD253E6B3643}) (Version: 11.3.533.0 - SMART Technologies ULC)
    SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
    Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
    Sonic Advanced Decoder (HKLM\...\{46C73DE4-E96D-4F7C-8371-F28052183B12}) (Version: - )
    Sound Blaster X-Fi (HKLM\...\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}) (Version: 1.0 - )
    Spotify (HKLM\...\Spotify) (Version: 0.5.2 - )
    Spotify (HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Spybot - Search & Destroy 1.5.2.20 (HKLM\...\Spybot - Search & Destroy_is1) (Version: - Safer Networking Ltd.)
    Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
    Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
    URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
    VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Walmart MP3 Music Downloads (HKLM\...\Walmart MP3 Music Downloads) (Version: 1.4.0.9 - Walmart.com)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (HKLM\...\45A7283175C62FAC673F913C1F532C5361F97841) (Version: 03/08/2007 2.2.1.0 - Garmin)
    Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0059.1 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
    Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    WinZip 11.2 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}) (Version: 11.3.8261 - WinZip Computing, S.L. )
    WOT for Internet Explorer (HKLM\...\{DB0BB9FA-1B60-4036-8E29-3D56D8085256}) (Version: 10.3.3.0 - WOT Services Oy)
    WOT for Internet Explorer (HKLM\...\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}) (Version: 12.8.2.0 - WOT Services Oy)
    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\DropboxExt.38.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Documents and Settings\Jennifer Klausner\Application Data\Move Networks\plugins\npqmp071505000010.dll (Move Networks)

  7. #22
    Join Date
    Oct 2005
    Posts
    26
    Additional log Pt 2:

    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008Core.job => C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2952040898-4172286553-4130697486-1008UA.job => C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\PCDDataUploadTask.job => C:\Program Files\Dell\SupportAssist\uaclauncher.exe
    Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell\SupportAssist\uaclauncher.exe
    ==================== Shortcuts =============================
    (The entries could be listed to be restored or removed.)
    Shortcut: C:\Documents and Settings\Jennifer Klausner\NetHood\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.com
    ==================== Loaded Modules (Whitelisted) ==============
    2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2016-07-18 20:22 - 2016-07-18 20:22 - 00664040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
    2016-07-18 20:25 - 2016-07-18 20:25 - 00026880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_system-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00055560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_date_time-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00122632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_filesystem-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 08996600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareServiceKernel.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 02454224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\RCF.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00670976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_regex-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00099072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_thread-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00035584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_chrono-vc140-mt-1_61.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 00772336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareActivation.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 00490752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareApplicationUpdater.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00668912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareGamingMode.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00090856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareReset.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00109280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTime.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 00829184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDefinitionsUpdater.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00721168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDefinitionsUpdaterScheduler.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00862960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareIgnoreList.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00210672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareQuarantine.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 01295104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiMalwareEngine.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 00179968 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiRootkitEngine.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00903416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScannerHistory.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 01074408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScanner.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00035584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_timer-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00806648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScannerScheduler.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00948992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareRealTimeProtection.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 02242808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareIncompatibles.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 01205480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiSpam.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 01157360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiPhishing.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 02655480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareParentalControl.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 02807544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareWebProtection.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 01044728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareEmailProtection.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00055048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_iostreams-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 01513728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareNetworkProtection.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00829672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwarePromo.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00373480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareFeedback.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 02424576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareThreatWorkAlliance.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 01044200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwarePinCode.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00831208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareNotice.dll
    2016-07-18 20:24 - 2016-07-18 20:24 - 01270000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAvcEngine.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00915728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareRealTimeProtectionHistory.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00424176 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareStatistics.dll
    2013-01-26 16:38 - 2005-11-08 21:30 - 00003072 _____ () C:\WINDOWS\CTXFIRES.DLL
    2005-11-01 04:12 - 2006-05-03 03:12 - 00098304 _____ () C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    2016-07-18 20:25 - 2016-07-18 20:25 - 08063200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe
    2016-07-18 20:25 - 2016-07-18 20:25 - 00403712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_locale-vc140-mt-1_61.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 01888488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\HtmlFramework.dll
    2016-07-18 20:25 - 2016-07-18 20:25 - 00869624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTrayDefaultSkin.dll
    2015-12-16 07:32 - 2016-04-07 22:40 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll
    2013-05-22 14:17 - 2013-05-22 14:17 - 00400704 _____ () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
    2013-08-22 19:43 - 2013-08-22 19:43 - 00272688 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
    2013-08-22 19:44 - 2013-08-22 19:44 - 00039216 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
    2013-08-22 19:44 - 2013-08-22 19:44 - 00053040 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\SWR.node
    2013-08-22 19:44 - 2013-08-22 19:44 - 00057648 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\MWR.node
    2013-08-22 19:44 - 2013-08-22 19:44 - 00014848 _____ () C:\Program Files\SMART Technologies\Education Software\sbsdk-server\node_modules\SessionNotification.node
    2016-08-08 00:28 - 2016-06-29 22:25 - 00035792 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\_multiprocessing.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00145864 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\pyexpat.pyd
    2016-08-08 00:28 - 2016-06-29 22:26 - 00019408 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\faulthandler.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00116688 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\pywintypes27.dll
    2016-08-08 00:28 - 2016-06-29 22:25 - 00100296 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\_ctypes.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00018888 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\select.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00019760 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\tornado.speedups.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00694224 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\unicodedata.pyd
    2016-08-08 00:28 - 2016-08-01 17:26 - 00020816 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
    2016-08-08 00:28 - 2016-06-29 22:26 - 00123856 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\_cffi_backend.pyd
    2016-08-08 00:28 - 2016-08-01 17:26 - 01682760 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
    2016-08-08 00:28 - 2016-08-01 17:26 - 00020808 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00021312 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00052024 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\psutil._psutil_windows.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00038696 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\fastpath.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00105928 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32api.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00392144 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\pythoncom27.dll
    2016-08-08 00:28 - 2016-06-29 22:27 - 00020936 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\mmapfile.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00024528 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32event.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00114640 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32security.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00381752 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32com.shell.shell.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00124880 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32file.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00025424 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00024016 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32clipboard.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00175560 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32gui.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00030160 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32pipe.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00043472 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32process.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00048592 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32service.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00026456 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00057808 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32evtlog.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00024016 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32profile.pyd
    2016-08-08 00:28 - 2016-08-01 17:26 - 00246592 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\breakpad.client.windows.handler.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00028616 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32ts.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00020800 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00019776 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00020800 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
    2016-08-08 00:28 - 2016-06-29 22:25 - 00144848 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\_elementtree.pyd
    2016-08-08 00:28 - 2016-06-29 22:26 - 00241104 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\_jpegtran.pyd
    2016-08-08 00:28 - 2016-08-01 17:26 - 00020280 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\cpuid.compiled._cpuid.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00023376 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00350152 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winxpgui.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00022352 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00024392 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
    2016-08-08 00:28 - 2016-06-29 22:28 - 00036296 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\librsync.dll
    2016-08-08 00:28 - 2016-08-01 17:27 - 00084280 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\dropbox_sqlite_ext.dll
    2016-08-08 00:28 - 2016-08-01 17:27 - 01826096 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtCore.pyd
    2016-08-08 00:28 - 2016-06-29 22:26 - 00083912 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\sip.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 03929392 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtWidgets.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 01972016 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtGui.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00531248 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtNetwork.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00132912 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtWebKit.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00224056 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00207672 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\PyQt5.QtPrintSupport.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00020288 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.user32._winffi_user32.pyd
    2016-08-08 00:28 - 2016-06-29 22:27 - 00060880 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\win32print.pyd
    2016-08-08 00:28 - 2016-08-01 17:27 - 00024904 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
    2015-04-03 02:11 - 2016-01-23 17:21 - 50679920 _____ () C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\libcef.dll
    2004-08-11 18:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
    2016-07-12 14:33 - 2016-07-12 14:33 - 19483328 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll
    2016-08-09 12:05 - 2016-08-01 15:35 - 00115448 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
    2016-08-09 12:05 - 2016-08-01 15:35 - 00557816 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 00048640 _____ () C:\Program Files\AOL Desktop 9.8.0\zlib.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 21151232 _____ () C:\Program Files\AOL Desktop 9.8.0\libcef.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 00648704 _____ () C:\Program Files\AOL Desktop 9.8.0\libglesv2.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 00122880 _____ () C:\Program Files\AOL Desktop 9.8.0\libegl.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 00094208 _____ () C:\Program Files\AOL Desktop 9.8.0\Components\Tier2Svc.dll
    2015-09-08 17:35 - 2015-09-08 17:35 - 00060928 _____ () C:\Program Files\AOL Desktop 9.8.0\Components\DataSvcs.dll
    2004-08-11 18:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2004-08-11 18:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2015-08-05 12:45 - 2015-08-05 12:45 - 41503232 _____ () C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\libcef.dll
    2015-08-05 12:45 - 2015-08-05 12:45 - 09581568 _____ () C:\Program Files\AOL Desktop 9.8.0\AOLBrowser\pdf.dll
    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)
    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
    ==================== Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\.DEFAULT\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
    IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
    IE restricted site: HKU\.DEFAULT\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
    IE restricted site: HKU\.DEFAULT\...\1800searchonline.com -> www.1800searchonline.com
    There are 4221 more sites.
    IE restricted site: HKU\S-1-5-19\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-19\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-19\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-19\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-19\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-19\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-19\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-19\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\S-1-5-19\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\S-1-5-19\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-19\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-19\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-19\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\S-1-5-19\...\132.com -> www.132.com
    IE restricted site: HKU\S-1-5-19\...\136136.net -> down.136136.net
    IE restricted site: HKU\S-1-5-19\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\S-1-5-19\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\S-1-5-19\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\S-1-5-19\...\171203.com -> 171203.com
    IE restricted site: HKU\S-1-5-19\...\1800searchonline.com -> www.1800searchonline.com
    There are 4221 more sites.
    IE restricted site: HKU\S-1-5-20\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-20\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-20\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-20\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-20\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-20\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-20\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-20\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\S-1-5-20\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\S-1-5-20\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-20\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-20\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-20\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\S-1-5-20\...\132.com -> www.132.com
    IE restricted site: HKU\S-1-5-20\...\136136.net -> down.136136.net
    IE restricted site: HKU\S-1-5-20\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\S-1-5-20\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\S-1-5-20\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\S-1-5-20\...\171203.com -> 171203.com
    IE restricted site: HKU\S-1-5-20\...\1800searchonline.com -> www.1800searchonline.com
    There are 4221 more sites.
    IE trusted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\dell.com -> dell.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\1-extreme.biz -> www.1-extreme.biz
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\1001-search.info -> www.1001-search.info
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\123topsearch.com -> www.123topsearch.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\132.com -> www.132.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\136136.net -> down.136136.net
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\139mm.com -> www.139mm.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\163ns.com -> ert0003.e76.163ns.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\17-plus.com -> 17-plus.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\171203.com -> 171203.com
    IE restricted site: HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\...\1800searchonline.com -> www.1800searchonline.com
    There are 4219 more sites.
    ==================== Hosts content: ===============================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2004-08-11 18:00 - 2016-08-14 15:01 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    DNS Servers: 75.75.75.75 - 75.75.76.76
    Windows Firewall is enabled.
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    (Currently there is no automatic fix for this section.)
    ==================== FirewallRules (Whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
    DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
    DomainProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:America Online 9.0
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] => Enabled:AOL
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe] => Enabled:AOL
    StandardProfile\AuthorizedApplications: [C:\Program Files\America Online 9.0\waol.exe] => Enabled:America Online 9.0
    StandardProfile\AuthorizedApplications: [C:\Program Files\AIM\aim.exe] => Enabled:AOL Instant Messenger
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\1169873283\ee\aolsoftware.exe] => Enabled:AOL Shared Components
    StandardProfile\AuthorizedApplications: [C:\Program Files\AOL 9.1\waol.exe] => Enabled:AOL
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe] => Enabled:AOL TopSpeed
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\Loader\aolload.exe] => Enabled:AOL Loader
    StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\System Information\sinf.exe] => Enabled:AOL System Information
    StandardProfile\AuthorizedApplications: [C:\Program Files\AIM7\aim.exe] => Enabled:AIM
    StandardProfile\AuthorizedApplications: [C:\Program Files\AOL Desktop 9.6\waol.exe] => Enabled:AOL Desktop 9.6
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spotify\spotify.exe] => Enabled:Spotify
    StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
    StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Jennifer Klausner\Application Data\Dropbox\bin\Dropbox.exe] => Enabledropbox
    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\Akamai\netsession_win.exe] => Enabled:Akamai NetSession Client
    StandardProfile\AuthorizedApplications: [C:\Program Files\SMART Technologies\Education Software\UCGui.exe] => Enabled:SMART Universal Controller Interface
    StandardProfile\AuthorizedApplications: [C:\Program Files\SMART Technologies\Education Software\UCService.exe] => Enabled:SMART Display Controller Service
    StandardProfile\AuthorizedApplications: [C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe] => Enabled:SMART SNMP Agent
    StandardProfile\AuthorizedApplications: [C:\Program Files\AOL Desktop 9.7\waol.exe] => Enabled:AOL
    StandardProfile\AuthorizedApplications: [C:\Program Files\AOL Desktop 9.7\aolbrowser.exe] => Enabled:AOL Browser
    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Jennifer Klausner\Application Data\Spotify\Spotify.exe] => Enabled:Spotify
    StandardProfile\AuthorizedApplications: [C:\Spotify.exe] => Disabled:Spotify
    StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
    StandardProfile\AuthorizedApplications: [C:\Program Files\AOL Desktop 9.8.0\waol.exe] => Enabled:AOL
    StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
    DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
    DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
    DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
    DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
    StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007
    StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
    StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
    StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
    StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
    StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
    StandardProfile\GloballyOpenPorts: [3389:TCP] => Enabled:@xpsp2res.dll,-22009
    StandardProfile\GloballyOpenPorts: [12001:UDP] => Enabled:SMART WebServer Handshake Multicast Port
    ==================== Restore Points =========================
    18-05-2016 01:13:35 System Checkpoint
    19-05-2016 03:41:09 System Checkpoint
    20-05-2016 19:04:52 System Checkpoint
    22-05-2016 12:50:02 System Checkpoint
    24-05-2016 00:44:48 System Checkpoint
    25-05-2016 21:37:07 System Checkpoint
    27-05-2016 16:11:18 System Checkpoint
    28-05-2016 22:09:47 System Checkpoint
    30-05-2016 12:32:13 System Checkpoint
    31-05-2016 17:27:03 System Checkpoint
    01-06-2016 18:03:18 System Checkpoint
    02-06-2016 18:59:10 System Checkpoint
    03-06-2016 20:59:28 System Checkpoint
    07-06-2016 00:51:31 System Checkpoint
    08-06-2016 01:03:10 System Checkpoint
    09-06-2016 18:38:08 System Checkpoint
    11-06-2016 11:51:02 System Checkpoint
    12-06-2016 19:16:56 System Checkpoint
    13-06-2016 16:42:22 AA11
    14-06-2016 22:18:44 System Checkpoint
    15-06-2016 19:20:57 AA11
    17-06-2016 01:31:55 System Checkpoint
    18-06-2016 12:48:57 System Checkpoint
    19-06-2016 13:14:06 System Checkpoint
    22-06-2016 19:23:08 System Checkpoint
    23-06-2016 21:57:33 System Checkpoint
    24-06-2016 22:45:13 System Checkpoint
    26-06-2016 10:09:00 System Checkpoint
    27-06-2016 11:55:58 System Checkpoint
    29-06-2016 18:25:37 System Checkpoint
    30-06-2016 18:53:07 System Checkpoint
    02-07-2016 20:33:22 System Checkpoint
    06-07-2016 10:21:47 System Checkpoint
    07-07-2016 11:57:23 System Checkpoint
    09-07-2016 17:49:23 System Checkpoint
    11-07-2016 13:02:45 System Checkpoint
    12-07-2016 13:04:57 System Checkpoint
    13-07-2016 20:27:57 System Checkpoint
    16-07-2016 11:37:15 System Checkpoint
    17-07-2016 17:28:08 System Checkpoint
    19-07-2016 11:33:57 System Checkpoint
    19-07-2016 17:57:52 AA11
    21-07-2016 14:04:06 System Checkpoint
    22-07-2016 14:05:24 System Checkpoint
    23-07-2016 15:32:10 System Checkpoint
    27-07-2016 18:04:26 System Checkpoint
    28-07-2016 22:19:39 System Checkpoint
    29-07-2016 23:06:08 System Checkpoint
    07-08-2016 18:08:09 System Checkpoint
    07-08-2016 23:54:56 Restore Operation
    08-08-2016 00:12:04 Removed VMware View Client.
    09-08-2016 00:39:51 System Checkpoint
    10-08-2016 01:20:18 System Checkpoint
    11-08-2016 01:53:00 System Checkpoint
    12-08-2016 04:17:06 System Checkpoint
    12-08-2016 11:42:02 JRT Pre-Junkware Removal
    13-08-2016 12:26:48 System Checkpoint
    14-08-2016 13:48:52 Removed AVG
    14-08-2016 13:50:43 Removed AVG 2016
    15-08-2016 18:04:40 System Checkpoint
    ==================== Faulty Device Manager Devices =============
    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (08/15/2016 10:06:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x08126678.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 10:05:41 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module msctfime.ime, version 5.1.2600.5512, fault address 0x00006f2e.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 10:03:09 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module msctfime.ime, version 5.1.2600.5512, fault address 0x00006f2e.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 09:59:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x072a4a28.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 09:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x07d66dc8.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 09:56:18 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x079309c8.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/15/2016 09:53:50 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x05b4cff0.
    Processing media-specific event for [aolbrowser.exe!ws!]
    Error: (08/14/2016 02:33:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 47.0.0.5999, faulting module mozglue.dll, version 47.0.0.5999, fault address 0x0000f3ad.
    Processing media-specific event for [plugin-container.exe!ws!]
    Error: (08/14/2016 02:33:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 47.0.0.5999, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
    Error: (08/13/2016 05:15:42 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application aolbrowser.exe, version 0.7.42.1, faulting module unknown, version 0.0.0.0, fault address 0x08398698.
    Processing media-specific event for [aolbrowser.exe!ws!]
    System errors:
    =============
    Error: (08/15/2016 12:53:21 AM) (Source: Print) (EventID: 6161) (User: JENDESKTOP)
    Description: The document Gmail - Labcorp - Appointment Confirmation Details owned by Jennifer Klausner failed to print on printer HP Photosmart C4400 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 458752. Number of bytes printed: 458752. Total number of pages in the document: 1. Number of pages printed: 3. Client machine: \\JENDESKTOP. Win32 error code returned by the print processor: Gmail - Labcorp - Appointment Confirmation Details0. Gmail - Labcorp - Appointment Confirmation Details1
    Error: (08/15/2016 12:52:27 AM) (Source: Print) (EventID: 6161) (User: JENDESKTOP)
    Description: The document LabCorp: Patient Appointment Scheduling owned by Jennifer Klausner failed to print on printer HP Photosmart C4400 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 196608. Number of bytes printed: 196608. Total number of pages in the document: 1. Number of pages printed: 3. Client machine: \\JENDESKTOP. Win32 error code returned by the print processor: LabCorp: Patient Appointment Scheduling0. LabCorp: Patient Appointment Scheduling1
    Error: (08/14/2016 09:30:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    Lbd
    Error: (08/14/2016 09:30:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The HP CUE DeviceDiscovery Service service hung on starting.
    Error: (08/14/2016 04:02:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The iPod Service service failed to start due to the following error:
    %%1053 = The service did not respond to the start or control request in a timely fashion.
    Error: (08/14/2016 04:02:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    Error: (08/14/2016 04:02:51 PM) (Source: DCOM) (EventID: 10005) (User: JENDESKTOP)
    Description: DCOM got error "%%1053 = The service did not respond to the start or control request in a timely fashion." attempting to start the service iPod Service with arguments ""
    in order to run the server:
    {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    Error: (08/14/2016 04:01:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    Lbd
    Error: (08/14/2016 04:01:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The HP CUE DeviceDiscovery Service service hung on starting.
    Error: (08/14/2016 02:11:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    Lbd
    ==================== Memory info ===========================
    Processor: Intel(R) Pentium(R) D CPU 3.20GHz
    Percentage of memory in use: 50%
    Total physical RAM: 3582.09 MB
    Available physical RAM: 1764.82 MB
    Total Virtual: 5463.78 MB
    Available Virtual: 2491.62 MB
    ==================== Drives ================================
    Drive c: () (Fixed) (Total:461.64 GB) (Free:234.15 GB) NTFS ==>[drive with boot components (Windows XP)]
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 41AB2316)
    Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
    Partition 2: (Active) - (Size=461.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=4.1 GB) - (Type=DB)
    ==================== End of Addition.txt ============================

    Thanks, Jennifer

  8. #23
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Attached Files Attached Files

  9. #24
    Join Date
    Oct 2005
    Posts
    26
    Dear Broni,

    Here is the resulting log:
    Fix result of Farbar Recovery Scan Tool (x86) Version: 09-08-2016
    Ran by Jennifer Klausner (2016-08-17 14:11:40) Run:1
    Running from C:\
    Loaded Profiles: Jennifer Klausner (Available Profiles: Julius Klausner & Dorothy Klausner & Jennifer Klausner & Michelle Klausner & Administrator)
    Boot Mode: Normal

    ==============================================

    fixlist content:
    *****************
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
    BHO: No Name -> {28FE24D4-50EB-4B48-A416-582B910AFDDE} -> No File
    BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
    BHO: No Name -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> No File
    FF Plugin: @nbc.com/DirectPlayer -> C:\Program Files\NBC Direct\npDirectPlayerMozilla.dll [No File]
    FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
    S3 bvrp_pci; no ImagePath
    S3 catchme; \??\C:\DOCUME~1\JENNIF~1\LOCALS~1\Temp\catchme.sys [X]
    S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
    S0 Lbd; system32\DRIVERS\Lbd.sys [X]
    S3 vmwvusb; System32\Drivers\vmwvusb.sys [X]
    2010-05-05 07:21 - 2010-05-11 17:55 - 3686521 ____R () C:\Program Files\ComboFix.exe
    2010-05-05 00:37 - 2010-05-05 00:37 - 0284915 _____ () C:\Program Files\gmer.zip
    2010-05-07 01:02 - 2010-05-07 01:02 - 0000511 _____ () C:\Program Files\Printflush-1.3 Printer Help.zip
    2010-05-08 11:34 - 2010-05-08 11:34 - 0000668 _____ () C:\Program Files\ResetTeaTimer.zip
    2010-06-16 22:25 - 2010-06-16 22:25 - 0976273 _____ () C:\Program Files\tempCleaner_3.0.4.exe.zip
    2010-06-16 22:21 - 2010-06-16 22:21 - 0080014 _____ () C:\Program Files\TFC-Temp-File-Cleaner-OldTimer-file187.html
    2010-06-16 22:30 - 2010-06-16 22:30 - 0272384 _____ (OldTimer Tools) C:\Program Files\TFC.exe
    2008-01-19 02:15 - 2008-01-19 02:15 - 31332844 ____C () C:\Program Files\Three Dog Night- live at the Forum 1.rar
    2008-01-19 02:22 - 2008-01-19 02:22 - 58369340 ____C () C:\Program Files\Three Dog Night- live at the Forum 2.rar
    2008-01-19 02:12 - 2008-01-19 02:12 - 0000138 ____C () C:\Program Files\Three Dog Night- live at the Forum.rar
    2008-01-19 00:35 - 2008-01-19 00:36 - 12727648 ____C () C:\Program Files\winzip111.exe
    2011-10-12 03:57 - 2011-10-12 03:57 - 0995328 _____ () C:\Program Files\WOT-20110704-en-US.msi
    2008-02-14 22:06 - 2012-11-09 23:24 - 0007680 ____C () C:\Documents and Settings\Jennifer Klausner\Application Data\dvd.bmk
    2007-10-25 06:36 - 2007-10-25 06:36 - 0002219 ____C () C:\Documents and Settings\Jennifer Klausner\Application Data\evpro32.prf
    2008-02-03 04:08 - 2014-07-27 12:48 - 0006144 ____C () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2006-06-18 22:46 - 2007-10-07 15:52 - 0000140 ____N () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\fusioncache.dat
    2010-04-19 19:57 - 2010-04-19 19:57 - 0000036 _____ () C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\housecall.guid.cache
    2012-03-28 17:56 - 2012-03-28 18:16 - 0000753 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log


    *****************

    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
    "HKU\S-1-5-21-2952040898-4172286553-4130697486-1008\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => key removed successfully.
    HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28FE24D4-50EB-4B48-A416-582B910AFDDE}" => key removed successfully.
    HKCR\CLSID\{28FE24D4-50EB-4B48-A416-582B910AFDDE} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => key removed successfully.
    HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => key not found.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}" => key removed successfully.
    HKCR\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} => key not found.
    "HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer" => key removed successfully.
    "HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully.
    bvrp_pci => service removed successfully.
    catchme => service removed successfully.
    Lavasoft Kernexplorer => service removed successfully.
    Lbd => service removed successfully.
    vmwvusb => service removed successfully.
    C:\Program Files\ComboFix.exe => moved successfully
    C:\Program Files\gmer.zip => moved successfully
    C:\Program Files\Printflush-1.3 Printer Help.zip => moved successfully
    C:\Program Files\ResetTeaTimer.zip => moved successfully
    C:\Program Files\tempCleaner_3.0.4.exe.zip => moved successfully
    C:\Program Files\TFC-Temp-File-Cleaner-OldTimer-file187.html => moved successfully
    C:\Program Files\TFC.exe => moved successfully
    C:\Program Files\Three Dog Night- live at the Forum 1.rar => moved successfully
    C:\Program Files\Three Dog Night- live at the Forum 2.rar => moved successfully
    C:\Program Files\Three Dog Night- live at the Forum.rar => moved successfully
    C:\Program Files\winzip111.exe => moved successfully
    C:\Program Files\WOT-20110704-en-US.msi => moved successfully
    C:\Documents and Settings\Jennifer Klausner\Application Data\dvd.bmk => moved successfully
    C:\Documents and Settings\Jennifer Klausner\Application Data\evpro32.prf => moved successfully
    C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
    C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\fusioncache.dat => moved successfully
    C:\Documents and Settings\Jennifer Klausner\Local Settings\Application Data\housecall.guid.cache => moved successfully
    C:\Documents and Settings\All Users\Application Data\hpzinstall.log => moved successfully

    ==== End of Fixlog 14:11:44 ====

    Thanks,
    Jennifer

  10. #25
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399
    Last scans...

    Download Security Check from here or here and save it to your Desktop.

    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services



    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.


    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.




    Download Sophos Free Virus Removal Tool and save it to your desktop.

    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program

  11. #26
    Join Date
    Oct 2005
    Posts
    26
    Dear Broni,

    Here are my results. Security Check log:
    Results of screen317's Security Check version 1.014 --- 12/23/15
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Ad-Aware Antivirus
    Antivirus out of date! (On Access scanning disabled!)
    `````````Anti-malware/Other Utilities Check:`````````
    Out of date Spybot installed!
    Ad-Aware
    Spybot - Search & Destroy 1.5.2.20
    Spybot - Search & Destroy
    Java(TM) 6 Update 23
    Java(TM) 6 Update 3
    Java version 32-bit out of Date!
    Adobe Flash Player 22.0.0.209
    Adobe Reader XI
    Mozilla Firefox (47.0)
    ````````Process Check: objlist.exe by Laurent````````
    Ad-Aware AAWService.exe is disabled!
    Ad-Aware AAWTray.exe is disabled!
    Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.12.945.9202\AdAwareService.exe
    Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.12.945.9202\AdAwareTray.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 10%
    ````````````````````End of Log``````````````````````

    FSS log:
    Farbar Service Scanner Version: 27-01-2016
    Ran by Jennifer Klausner (administrator) on 17-08-2016 at 23:11:04
    Running from "C:\"
    Microsoft Windows XP Professional Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Other Services:
    ==============


    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
    C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed
    C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
    C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed
    C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
    C:\WINDOWS\system32\netman.dll => File is digitally signed
    C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
    C:\WINDOWS\system32\srsvc.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed
    C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
    C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
    C:\WINDOWS\system32\wuauserv.dll => File is digitally signed
    C:\WINDOWS\system32\qmgr.dll => File is digitally signed
    C:\WINDOWS\system32\es.dll => File is digitally signed
    C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed

    Extra List:
    =======
    Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
    0x080000000400000001000000020000000300000008000000050000000600000007000000
    IpSec Tag value is correct.

    **** End of log ****

    Ran TFC without a problem.
    Subsequently, when I ran SFVRT, it declared my computer clean. 0 threats found.

    When we get to the stage where my computer is declared clean by you, I'm curious to know if I should reinstall AVG, and if not, does something I'm running work just as well? And finally, do you have any recommendations for anti.... software to prevent problems on both this computer while I still back up my music files, and on any new Windows desktop or laptop that I'd get? And, on a side note, if I want a free extracting/unzipping software, such as WinZip, what do you recommend?

    But most importantly, let's finish the current issues on this machine. Thanks for all your help so far.
    Jennifer

  12. #27
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399
    I'd definitely drop Adaware and go for Avast or Comodo. They're both free.
    WinZip is fine.

    Update your Java version here: http://www.java.com/en/download/manual.jsp
    Alternate download: http://www.filehippo.com/search?q=java

    Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
    Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

    =================================

    Your computer is clean

    1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
    This is a very crucial step so make sure you don't skip it.
    Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

    Double-click Delfix.exe to start the tool.
    Make sure the following items are checked:

    • Activate UAC (optional; some users prefer to keep it off)
    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    • Reset system settings


    Now click "Run" and wait patiently.
    Once finished a logfile will be created. You don't have to attach it to your next reply.

    2. Make sure Windows Updates are current.

    3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    4. Check if your browser plugins are up to date.
    Firefox - https://www.mozilla.org/en-US/plugincheck/
    other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

    11. Read:
    How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
    Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tuto...r-safe-online/
    About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/foru.../#entry3187642

    12. Please, let me know, how your computer is doing.

  13. #28
    Join Date
    Oct 2005
    Posts
    26
    Hi Broni,

    Thank you for all the advice. I'm almost done with your list of final steps. One question/issue: I downloaded Secunia PSI and am trying to run it unsuccessfully. The icon has a message telling me that "I have programs that require manual updates". So when I then try to launch the already-downloaded program, either by double clicking the icon on the quick start menu from the lower right corner, or the icon in the regular Start menu, Secunia's program window opens for one moment, and then disappears. I even redownloaded the program with the same result. What else do I need to do to access this program correctly? Thanks in advance for your suggestions.

    Jennifer
    Last edited by Nif1025; August 24th, 2016 at 02:39 PM.

  14. #29
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,399

  15. #30
    Join Date
    Oct 2005
    Posts
    26
    Dear Broni,
    Thank you for all your advice. I did fix the Secunia PSI issue with your help above. However, I got one Blue Screen of Death with the STOP message again. Between the last time I posted and the blue screen, the only changes were me following your steps post-clean computer. I uninstalled the programs you said to, I ran the Secunia scan and updated some programs through that, uninstalled 1-2 programs that Secunia seemed to show were unnecessary/discontinued/I have a newer version, and I did a bunch of Windows updates. The Secunia, though working, is in a stalled state because when I run it now, it shows 2 programs as in progress of updating, Adobe Reader XI 11.x, and Apple Itunes 12.x, but they are always shown as a gray, hourglass, downloading update icon and their update never finishes, no matter how long Secunia runs while my computer's on. It also shows some icons I can manually "click to update", but I thought I'd take care of the unending update icons first.

    I haven't downloaded all the preventative software that you suggested yet, but I did dl Avast and only made the changes you see above. Any suggestions? Do I need to post on the Secunia PSI software's own board to fix that issue? Let me know if there's more I should do so that blue screens don't come back so soon.

    Thank you, Jennifer

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •