Good Morning,
I ran both tools. The first run seemed to run OK, but Windows did reboot on its own. Is that normal?
Here are the scans from the FRST tool:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by Jim & Lisa (administrator) on SARAL-03 on 22-12-2013 10:17:03
Running from C:\Users\Jim & Lisa\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 10\cbVSCService.exe
() C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Conceiva Pty. Ltd.) C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 10\Cobian.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Conceiva Pty. Ltd.) C:\Program Files\Conceiva\Mezzmo\Mezzmo.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 10\cbInterface.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-22] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-01] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Cobian Backup 10] - C:\Program Files\Cobian Backup 10\Cobian.exe [421376 2010-09-23] (Luis Cobian, CobianSoft)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2010-10-26] (Nero AG)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-10] (DivX, LLC)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1834240 2013-12-17] (Bitdefender)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Mezzmo] - C:\Program Files\Conceiva\Mezzmo\Mezzmo.exe [12493096 2013-12-04] (Conceiva Pty. Ltd.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-10-23] (Nero AG)
HKCU\...\Run: [Bitdefender Wallet Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [477736 2013-12-17] (Bitdefender)
HKCU\...\Run: [Bitdefender Wallet] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [898512 2013-12-17] (Bitdefender)
HKCU\...\Run: [Bitdefender Wallet Application Agent] - C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [612696 2013-12-17] (Bitdefender)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Jim & Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\abg2lg1s.default
FF Homepage: hxxp://www.google.ca/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Bitdefender.com/PasswordManager;version=17.8 - C:\Program Files\Bitdefender\Bitdefender\pmbxnp.dll (Bitdefender)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman\
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman\
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext
Chrome:
=======
CHR HomePage: hxxp://www.google.ca/
CHR DefaultSearchKeyword: google.ca
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Bitdefender Wallet) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.24.0_0
CHR Extension: (Google Search) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx
========================== Services (Whitelisted) =================
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2013-11-27] (Bitdefender)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R2 cbVSCService; C:\Program Files\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian)
R2 CLHNServiceForPowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-04-19] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-03-31] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-03-31] (CyberLink)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 Mezzmo; C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe [4450088 2013-12-04] (Conceiva Pty. Ltd.)
R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-10-26] (Nero AG)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2013-10-16] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1234792 2013-11-27] (Bitdefender)
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [640560 2013-07-19] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [490144 2013-07-19] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [78144 2013-02-22] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [130640 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-24] (BitDefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-09-29] (BitDefender LLC)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [48640 2009-08-05] (Atheros Communications, Inc.)
R3 mf; C:\Windows\System32\DRIVERS\mf.sys [109056 2008-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [81408 2006-12-19] (Windows ® Codename Longhorn DDK provider)
R2 ntk_PowerDVD; C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [71664 2011-04-19] (Cyberlink Corp.)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [360376 2013-09-29] (BitDefender S.R.L.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [77296 2011-04-12] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\JIM&LI~1\AppData\Local\Temp\catchme.sys [x]
S3 GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NTACCESS; \??\G:\NTACCESS.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-22 10:17 - 2013-12-22 10:18 - 00018064 _____ C:\Users\Jim & Lisa\Desktop\FRST.txt
2013-12-22 10:16 - 2013-12-22 10:16 - 00000000 ____D C:\FRST
2013-12-22 10:15 - 2013-12-22 10:15 - 01061231 _____ (Farbar) C:\Users\Jim & Lisa\Desktop\FRST.exe
2013-12-22 10:07 - 2013-12-22 10:07 - 00000296 _____ C:\Windows\system32\spsys.log
2013-12-21 22:16 - 2013-12-21 22:16 - 00012306 _____ C:\ComboFix.txt
2013-12-21 22:00 - 2013-12-21 22:16 - 00000000 ____D C:\Qoobox
2013-12-21 22:00 - 2013-12-21 22:16 - 00000000 ____D C:\ComboFix
2013-12-21 22:00 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-21 22:00 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-21 22:00 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-21 22:00 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-21 22:00 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-21 22:00 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-21 22:00 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-21 22:00 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-21 21:59 - 2013-12-21 22:14 - 00000000 ____D C:\Windows\erdnt
2013-12-21 21:52 - 2013-12-21 21:53 - 05155033 ____R (Swearware) C:\Users\Jim & Lisa\Desktop\ComboFix.exe
2013-12-21 09:20 - 2013-12-21 09:21 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{2917DEBF-570A-4D73-B439-A9392DE868A0}
2013-12-20 19:54 - 2013-12-20 19:54 - 01034531 _____ (Thisisu) C:\Users\Jim & Lisa\Desktop\JRT.exe
2013-12-20 18:40 - 2013-11-14 16:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-20 18:40 - 2013-11-14 15:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-20 18:40 - 2013-11-14 15:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-20 18:40 - 2013-11-14 15:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-20 18:40 - 2013-11-14 15:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-20 18:40 - 2013-11-14 15:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-20 18:40 - 2013-11-14 15:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-20 18:40 - 2013-11-14 15:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-20 18:40 - 2013-11-14 15:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-20 18:40 - 2013-11-14 15:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-20 18:40 - 2013-11-14 15:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-20 18:40 - 2013-11-14 15:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-20 18:40 - 2013-11-14 15:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-20 18:40 - 2013-11-14 15:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-20 18:40 - 2013-11-14 15:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-20 18:40 - 2013-11-14 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-20 18:35 - 2013-10-29 19:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-20 18:35 - 2013-10-29 18:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-20 18:35 - 2013-10-29 17:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-20 18:35 - 2013-10-29 17:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-20 18:35 - 2013-10-22 00:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-20 18:35 - 2013-10-10 19:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-20 18:35 - 2013-10-10 19:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-20 18:35 - 2013-10-10 19:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-20 18:35 - 2013-10-10 17:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-20 18:35 - 2013-10-10 17:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-20 18:14 - 2013-12-20 18:14 - 00000000 ____D C:\Windows\ERUNT
2013-12-20 18:13 - 2013-12-20 18:13 - 00001980 _____ C:\Users\Jim & Lisa\Desktop\AdwCleaner[R0].txt
2013-12-20 18:06 - 2013-12-20 18:07 - 00000000 ____D C:\AdwCleaner
2013-12-20 18:05 - 2013-12-20 18:05 - 01226750 _____ C:\Users\Jim & Lisa\Desktop\AdwCleaner.exe
2013-12-20 17:55 - 2013-12-20 17:56 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{7BE241F4-B951-443D-BA9F-A80A04B54FD1}
2013-12-20 06:19 - 2013-12-20 06:19 - 00001309 _____ C:\Users\Jim & Lisa\Desktop\aswMBR.zip
2013-12-19 20:28 - 2013-12-19 20:28 - 04101441 _____ C:\Users\Jim & Lisa\Downloads\tdsskiller.zip
2013-12-19 20:25 - 2013-12-20 06:15 - 00003120 _____ C:\Users\Jim & Lisa\Desktop\aswMBR.txt
2013-12-19 20:25 - 2013-12-20 06:15 - 00000512 _____ C:\Users\Jim & Lisa\Desktop\MBR.dat
2013-12-19 20:22 - 2013-12-19 20:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 19:34 - 2013-12-19 19:34 - 04745728 _____ (AVAST Software) C:\Users\Jim & Lisa\Desktop\aswMBR.exe
2013-12-19 19:20 - 2013-12-19 19:20 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{84821C8A-4615-4670-B0B5-4E985B841D2C}
2013-12-19 06:46 - 2013-12-19 06:46 - 00146592 _____ C:\Windows\Minidump\Mini121913-01.dmp
2013-12-19 06:32 - 2013-12-19 06:32 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{0E3933A6-4F61-4D6C-B1F1-89DDC4252AAE}
2013-12-19 06:24 - 2013-12-19 06:24 - 00000000 _____ C:\Users\Jim & Lisa\Desktop\GMER.txt
2013-12-17 17:38 - 2013-12-17 17:38 - 00146592 _____ C:\Windows\Minidump\Mini121713-01.dmp
2013-12-17 17:20 - 2013-12-17 17:20 - 00377856 _____ C:\Users\Jim & Lisa\Desktop\r8o5z4nh.exe
2013-12-17 17:16 - 2013-12-17 17:17 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{94FE63B3-9CB4-4649-A67C-9C0F09FC7869}
2013-12-15 12:15 - 2013-12-15 12:15 - 00054010 ____N C:\Users\Jim & Lisa\Desktop\Extras.Txt
2013-12-15 12:14 - 2013-12-15 12:14 - 00148372 ____N C:\Users\Jim & Lisa\Desktop\OTL.Txt
2013-12-15 11:57 - 2013-12-15 11:57 - 00602112 ____N (OldTimer Tools) C:\Users\Jim & Lisa\Desktop\OTL.exe
2013-12-14 08:34 - 2013-12-14 08:34 - 00000082 ____N C:\Users\Jim & Lisa\Desktop\What the Tech.url
2013-12-12 18:10 - 2013-12-12 18:11 - 00000000 ____D C:\Program Files\GUM89B4.tmp
2013-12-11 17:08 - 2013-12-11 17:08 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{31FB678C-8652-4290-8690-CFCF20EE2FBD}
2013-12-08 09:55 - 2013-12-08 09:55 - 00000104 ____N C:\Users\Jim & Lisa\Desktop\Maytag Puriclean II UKF8001 Filter, UKF8001AXX Only $29.95.url
2013-12-07 12:33 - 2013-12-07 12:34 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{1BE68199-7C00-4213-8248-C347BD5251EC}
2013-11-29 17:58 - 2013-11-29 17:58 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{9BCA35F1-7BC7-4D24-9DBC-125D71F8C01F}
2013-11-29 17:25 - 2013-11-29 17:25 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{3105A3D0-1073-4AF4-996D-AA441D87BE76}
2013-11-24 15:26 - 2013-11-24 15:26 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2013-11-24 15:26 - 2013-10-10 19:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-24 15:26 - 2013-10-10 19:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-24 15:26 - 2013-10-10 17:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-24 15:26 - 2013-10-03 05:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-24 15:26 - 2013-10-03 05:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-24 15:25 - 2013-11-24 15:25 - 00027168 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2013-11-24 15:21 - 2013-11-24 15:21 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{43A0CCAB-1688-4DB4-B987-6FE05FCCF992}
==================== One Month Modified Files and Folders =======
2013-12-22 10:18 - 2013-12-22 10:17 - 00018064 _____ C:\Users\Jim & Lisa\Desktop\FRST.txt
2013-12-22 10:17 - 2008-01-20 18:35 - 01841835 _____ C:\Windows\WindowsUpdate.log
2013-12-22 10:16 - 2013-12-22 10:16 - 00000000 ____D C:\FRST
2013-12-22 10:16 - 2013-02-19 17:18 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-22 10:15 - 2013-12-22 10:15 - 01061231 _____ (Farbar) C:\Users\Jim & Lisa\Desktop\FRST.exe
2013-12-22 10:14 - 2006-11-02 03:33 - 00762374 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-22 10:13 - 2013-02-19 17:18 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-22 10:07 - 2013-12-22 10:07 - 00000296 _____ C:\Windows\system32\spsys.log
2013-12-22 10:07 - 2013-02-22 19:52 - 00000043 _____ C:\Windows\MezzmoMediaServer.INI
2013-12-22 10:07 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-22 10:07 - 2006-11-02 05:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-22 10:07 - 2006-11-02 05:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-22 10:05 - 2006-11-02 06:01 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-22 09:37 - 2013-02-18 19:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-21 22:27 - 2008-01-20 19:47 - 00109554 _____ C:\Windows\PFRO.log
2013-12-21 22:16 - 2013-12-21 22:16 - 00012306 _____ C:\ComboFix.txt
2013-12-21 22:16 - 2013-12-21 22:00 - 00000000 ____D C:\Qoobox
2013-12-21 22:16 - 2013-12-21 22:00 - 00000000 ____D C:\ComboFix
2013-12-21 22:16 - 2006-11-02 04:18 - 00000000 __RHD C:\Users\Default
2013-12-21 22:16 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Public
2013-12-21 22:14 - 2013-12-21 21:59 - 00000000 ____D C:\Windows\erdnt
2013-12-21 22:13 - 2006-11-02 03:23 - 00000215 _____ C:\Windows\system.ini
2013-12-21 21:53 - 2013-12-21 21:52 - 05155033 ____R (Swearware) C:\Users\Jim & Lisa\Desktop\ComboFix.exe
2013-12-21 16:13 - 2013-03-13 18:03 - 00000000 ____D C:\ThumbsPlus
2013-12-21 15:15 - 2013-02-20 16:21 - 00000000 ____D C:\Program Files\Xnews
2013-12-21 09:21 - 2013-12-21 09:20 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{2917DEBF-570A-4D73-B439-A9392DE868A0}
2013-12-21 09:20 - 2013-04-20 12:20 - 00000000 ____D C:\Users\Jim & Lisa\Tracing
2013-12-20 20:40 - 2013-02-19 20:45 - 00000000 ____D C:\Users\Jim & Lisa\Documents\Outlook Files
2013-12-20 19:58 - 2013-02-20 17:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 19:54 - 2013-12-20 19:54 - 01034531 _____ (Thisisu) C:\Users\Jim & Lisa\Desktop\JRT.exe
2013-12-20 18:55 - 2006-11-02 05:47 - 01734512 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 18:51 - 2013-02-18 18:56 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-20 18:49 - 2013-02-19 17:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-20 18:46 - 2013-07-15 17:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-20 18:42 - 2006-11-02 03:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-20 18:14 - 2013-12-20 18:14 - 00000000 ____D C:\Windows\ERUNT
2013-12-20 18:13 - 2013-12-20 18:13 - 00001980 _____ C:\Users\Jim & Lisa\Desktop\AdwCleaner[R0].txt
2013-12-20 18:07 - 2013-12-20 18:06 - 00000000 ____D C:\AdwCleaner
2013-12-20 18:05 - 2013-12-20 18:05 - 01226750 _____ C:\Users\Jim & Lisa\Desktop\AdwCleaner.exe
2013-12-20 17:56 - 2013-12-20 17:55 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{7BE241F4-B951-443D-BA9F-A80A04B54FD1}
2013-12-20 06:19 - 2013-12-20 06:19 - 00001309 _____ C:\Users\Jim & Lisa\Desktop\aswMBR.zip
2013-12-20 06:15 - 2013-12-19 20:25 - 00003120 _____ C:\Users\Jim & Lisa\Desktop\aswMBR.txt
2013-12-20 06:15 - 2013-12-19 20:25 - 00000512 _____ C:\Users\Jim & Lisa\Desktop\MBR.dat
2013-12-19 20:28 - 2013-12-19 20:28 - 04101441 _____ C:\Users\Jim & Lisa\Downloads\tdsskiller.zip
2013-12-19 20:23 - 2013-12-19 20:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 19:34 - 2013-12-19 19:34 - 04745728 _____ (AVAST Software) C:\Users\Jim & Lisa\Desktop\aswMBR.exe
2013-12-19 19:20 - 2013-12-19 19:20 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{84821C8A-4615-4670-B0B5-4E985B841D2C}
2013-12-19 06:46 - 2013-12-19 06:46 - 00146592 _____ C:\Windows\Minidump\Mini121913-01.dmp
2013-12-19 06:46 - 2013-08-02 16:19 - 282847863 _____ C:\Windows\MEMORY.DMP
2013-12-19 06:46 - 2013-02-23 10:16 - 00000000 ____D C:\Windows\Minidump
2013-12-19 06:33 - 2013-02-18 13:08 - 00000000 ____D C:\Users\Jim & Lisa\Documents\MSWORD
2013-12-19 06:32 - 2013-12-19 06:32 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{0E3933A6-4F61-4D6C-B1F1-89DDC4252AAE}
2013-12-19 06:24 - 2013-12-19 06:24 - 00000000 _____ C:\Users\Jim & Lisa\Desktop\GMER.txt
2013-12-18 00:01 - 2013-08-26 20:33 - 00000680 _____ C:\Users\Jim & Lisa\AppData\Local\d3d9caps.dat
2013-12-17 21:00 - 2013-02-20 17:14 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Roaming\uTorrent
2013-12-17 17:38 - 2013-12-17 17:38 - 00146592 _____ C:\Windows\Minidump\Mini121713-01.dmp
2013-12-17 17:20 - 2013-12-17 17:20 - 00377856 _____ C:\Users\Jim & Lisa\Desktop\r8o5z4nh.exe
2013-12-17 17:17 - 2013-12-17 17:16 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{94FE63B3-9CB4-4649-A67C-9C0F09FC7869}
2013-12-15 12:15 - 2013-12-15 12:15 - 00054010 ____N C:\Users\Jim & Lisa\Desktop\Extras.Txt
2013-12-15 12:14 - 2013-12-15 12:14 - 00148372 ____N C:\Users\Jim & Lisa\Desktop\OTL.Txt
2013-12-15 11:57 - 2013-12-15 11:57 - 00602112 ____N (OldTimer Tools) C:\Users\Jim & Lisa\Desktop\OTL.exe
2013-12-15 11:26 - 2013-02-20 17:41 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\QuickPar
2013-12-15 11:24 - 2013-02-18 19:48 - 00076800 _____ C:\Users\Jim & Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-14 08:34 - 2013-12-14 08:34 - 00000082 ____N C:\Users\Jim & Lisa\Desktop\What the Tech.url
2013-12-12 18:11 - 2013-12-12 18:10 - 00000000 ____D C:\Program Files\GUM89B4.tmp
2013-12-11 18:37 - 2013-02-18 19:18 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 18:37 - 2013-02-18 19:18 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 17:08 - 2013-12-11 17:08 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{31FB678C-8652-4290-8690-CFCF20EE2FBD}
2013-12-08 09:55 - 2013-12-08 09:55 - 00000104 ____N C:\Users\Jim & Lisa\Desktop\Maytag Puriclean II UKF8001 Filter, UKF8001AXX Only $29.95.url
2013-12-07 12:41 - 2013-09-24 17:38 - 00000906 _____ C:\Users\Public\Desktop\Mezzmo.lnk
2013-12-07 12:39 - 2013-02-23 10:44 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\Adobe
2013-12-07 12:34 - 2013-12-07 12:33 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{1BE68199-7C00-4213-8248-C347BD5251EC}
2013-11-29 17:58 - 2013-11-29 17:58 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{9BCA35F1-7BC7-4D24-9DBC-125D71F8C01F}
2013-11-29 17:30 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\NDF
2013-11-29 17:25 - 2013-11-29 17:25 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{3105A3D0-1073-4AF4-996D-AA441D87BE76}
2013-11-28 19:41 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-26 18:13 - 2013-02-18 19:19 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Roaming\Adobe
2013-11-24 16:21 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2013-11-24 15:26 - 2013-11-24 15:26 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2013-11-24 15:25 - 2013-11-24 15:25 - 00027168 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2013-11-24 15:25 - 2013-09-29 12:12 - 00066832 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2013-11-24 15:21 - 2013-11-24 15:21 - 00000000 ____D C:\Users\Jim & Lisa\AppData\Local\{43A0CCAB-1688-4DB4-B987-6FE05FCCF992}
Some content of TEMP:
====================
C:\Users\Jim & Lisa\AppData\Local\Temp\catchme.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-22 10:20
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-12-2013 01
Ran by Jim & Lisa at 2013-12-22 10:18:35
Running from C:\Users\Jim & Lisa\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
==================== Installed Programs ======================
µTorrent (Version: 3.3.0.29126)
AC3Filter 2.5b (Version: 2.5b)
Add or Remove Adobe Creative Suite 3 Master Collection (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.1.0)
Adobe After Effects CS3 Presets (Version: 8)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Setup (Version: 1.0)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Video Profiles (Version: 1.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP DVA Panels CS3 (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Advertising Center (Version: 0.0.0.2)
AHV content for Acrobat and Flash (Version: 1)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.45)
ATI Catalyst Install Manager (Version: 3.0.691.0)
Auslogics Duplicate File Finder (Version: 2.5)
AviSynth 2.5
Bing Desktop (Version: 1.3.174.0)
Bitdefender Total Security (Version: 17.16.0.729)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Full Existing (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Full New (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Light (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Previews Common (Version: 2008.0820.2135.36847)
Catalyst Control Center Graphics Previews Vista (Version: 2008.0820.2135.36847)
Catalyst Control Center HydraVision Full (Version: 2008.0820.2135.36847)
Catalyst Control Center InstallProxy (Version: 2008.0820.2135.36847)
CCC Help English (Version: 2008.0820.2134.36847)
ccc-core-static (Version: 2008.0820.2135.36847)
ccc-utility (Version: 2008.0820.2135.36847)
Cobian Backup 10
Combined Community Codec Pack 2013-03-02 (Version: 2013.03.02.0)
Cool & Quiet
CyberLink PowerDVD 11 (Version: 11.0.1620.51)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup (Version: 2.6.1.87)
Elevated Installer (Version: 2.3.14.0)
EPSON Printer Software
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Forté Agent (Version: 5.00)
Free Mp3 Wma Converter V 1.7.3
Garmin Communicator Plugin (Version: 4.0.4)
Garmin Express (Version: 2.3.14.0)
Garmin Express Tray (Version: 2.3.14.0)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
HandBrake 0.9.8 (Version: 0.9.8)
iTunes (Version: 11.1.0.126)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Light Image Resizer 4.1.0.6 (Version: 4.1.0.6)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Mezzmo (HKCU Version: 3.4.4.0)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MosChip Multi-IO Controller
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 (Version: 8.10.127)
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero MediaHome 4 (Version: 4.5.9.2)
Nero MediaHome 4 Help (Version: 4.5.5.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero PhotoShow Express 5 (Version: 5.0)
neroxml (Version: 1.0.0)
PDF Settings (Version: 1.0)
Quicken 2008 (Version: 17.1.3.7)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5859)
Remote Control USB Driver (Version: 2.3.2.317)
Rename It 3.0
Safari (Version: 5.34.57.2)
Segoe UI (Version: 15.4.2271.0615)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skins (Version: 2008.0820.2135.36847)
SmartSound Quicktracks Plugin (Version: 3.0.2.7)
SnagIt 8 (Version: 8.2.3)
System Requirements Lab for Intel (Version: 4.5.13.0)
ThumbsPlus version 7 SP2 (Version: 7.0 SP2)
Ulead VideoStudio 10 (Version: 10.0)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VCRedistSetup (Version: 1.0.0)
VLC media player 2.0.3 (Version: 2.0.3)
Winamp (Version: 5.52 )
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
WinZip 11.1 (Version: 11.1.7466)
World of Warcraft FREE Trial (Version: 1.00.0000)
==================== Restore Points =========================
07-12-2013 04:00:28 Scheduled Checkpoint
08-12-2013 07:00:05 Scheduled Checkpoint
12-12-2013 04:37:03 Scheduled Checkpoint
13-12-2013 07:00:01 Scheduled Checkpoint
14-12-2013 07:00:02 Scheduled Checkpoint
15-12-2013 07:00:02 Scheduled Checkpoint
15-12-2013 19:04:05 OTL Restore Point - 12/15/2013 12:04:05 PM
18-12-2013 01:44:35 Scheduled Checkpoint
19-12-2013 14:24:10 Scheduled Checkpoint
20-12-2013 07:00:02 Scheduled Checkpoint
21-12-2013 01:35:51 Windows Update
21-12-2013 16:57:44 Scheduled Checkpoint
22-12-2013 06:08:50 Scheduled Checkpoint
==================== Hosts content: ==========================
2006-11-02 03:23 - 2013-12-21 22:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {87460A4C-F2BE-4DDE-BA20-2E5A1B49FD94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {9697EC25-9A4A-4553-B910-A5F96DA8120F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CA23424D-13FC-4DC5-AC3E-F1507CB3BA78} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {FEF5903C-059B-49F0-897D-AF4E86EB09FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-04-20 01:21 - 2011-04-20 01:21 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-11-29 14:59 - 2012-11-29 14:59 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2010-07-04 14:32 - 2010-07-04 14:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-09-29 12:12 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2013-08-28 17:25 - 2013-08-28 17:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-29 12:12 - 2013-09-29 12:45 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
2010-11-24 18:11 - 2010-11-24 18:11 - 00062464 _____ () C:\Program Files\Conceiva\Mezzmo\HS_REGEX.dll
2012-08-13 18:36 - 2012-08-13 18:36 - 00477696 _____ () C:\Program Files\Conceiva\Mezzmo\tag.dll
2012-04-03 19:08 - 2012-04-03 19:08 - 00839680 _____ () C:\Program Files\Conceiva\Mezzmo\LIBEAY32.dll
2012-04-03 19:08 - 2012-04-03 19:08 - 00159744 _____ () C:\Program Files\Conceiva\Mezzmo\SSLEAY32.dll
2013-03-18 18:42 - 2013-03-18 18:42 - 00061440 _____ () C:\Program Files\Conceiva\Mezzmo\extension-functions.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 07341056 _____ () C:\Program Files\Conceiva\Mezzmo\avcodec-54.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 00222208 _____ () C:\Program Files\Conceiva\Mezzmo\avutil-52.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 01504256 _____ () C:\Program Files\Conceiva\Mezzmo\avformat-54.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 00123904 _____ () C:\Program Files\Conceiva\Mezzmo\avdevice-54.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 00429568 _____ () C:\Program Files\Conceiva\Mezzmo\avfilter-3.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 00119296 _____ () C:\Program Files\Conceiva\Mezzmo\swresample-0.dll
2013-03-18 14:55 - 2013-03-18 14:55 - 00360448 _____ () C:\Program Files\Conceiva\Mezzmo\swscale-2.dll
2013-02-18 19:00 - 2013-02-18 19:00 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2013-12-06 19:13 - 2013-12-03 19:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-06 19:13 - 2013-12-03 19:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-06 19:13 - 2013-12-03 19:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-06 19:13 - 2013-12-03 19:47 - 00702416 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-06 19:13 - 2013-12-03 19:47 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Jim & Lisa\Desktop\ComboFix.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Desktop\FRST.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Desktop\OTL.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Desktop\r8o5z4nh.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Downloads\CommunicatorPlugin_401.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Downloads\CommunicatorPlugin_404.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Downloads\CyberLink_PowerDVD_Downloader.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Downloads\GarminExpress.exe:BDU
AlternateDataStreams: C:\Users\Jim & Lisa\Downloads\GarminMapUpdater.exe:BDU
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/22/2013 10:08:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2013 10:29:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2013 10:16:31 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:16:02 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP01> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:14:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP00> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:09:56 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP4700> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:09:24 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP3300> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0301> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\TEMP0300> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\COMBOFIX\SOFTAV03> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (12/22/2013 10:07:33 AM) (Source: Print) (User: NT AUTHORITY)
Description: The print spooler failed to share printer HP LaserJet 2100 PCL6 with shared resource name HP LaserJet 2100 PCL6. Error 2114. The printer cannot be used by others on the network.
Error: (12/22/2013 10:05:06 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (12/21/2013 10:34:06 PM) (Source: Service Control Manager) (User: )
Description: Windows Update
Error: (12/21/2013 10:25:56 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (12/21/2013 10:13:31 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart
Error: (12/21/2013 10:06:35 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart
Error: (12/21/2013 10:02:30 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart
Error: (12/21/2013 09:15:46 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (12/21/2013 09:15:46 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Error: (12/21/2013 09:15:13 AM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068
Microsoft Office Sessions:
=========================
Error: (12/22/2013 10:08:44 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2013 10:29:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/21/2013 10:16:31 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP01
Error: (12/21/2013 10:16:02 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP01
Error: (12/21/2013 10:14:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP00
Error: (12/21/2013 10:09:56 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP4700
Error: (12/21/2013 10:09:24 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP3300
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP0301
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\TEMP0300
Error: (12/21/2013 10:05:57 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\COMBOFIX\SOFTAV03
CodeIntegrity Errors:
===================================
Date: 2013-02-18 22:22:43.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-02-18 22:22:43.822
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-02-18 22:22:43.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-02-18 22:22:43.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-02-18 22:22:43.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3326.12 MB
Available physical RAM: 1598 MB
Total Pagefile: 6877.25 MB
Available Pagefile: 4726.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.68 MB
==================== Drives ================================
Drive c: (DRIVE_C) (Fixed) (Total:465.76 GB) (Free:162.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Media) (Fixed) (Total:149.05 GB) (Free:72.45 GB) NTFS
Drive e: (BackupDrive) (Fixed) (Total:1863.01 GB) (Free:1209.81 GB) NTFS
Drive f: (Movies) (Fixed) (Total:1863.01 GB) (Free:1247.88 GB) NTFS
Drive i: (FreeAgent Drive) (Fixed) (Total:232.88 GB) (Free:141.61 GB) NTFS
Drive j: (TRANSCEND) (Removable) (Total:3.73 GB) (Free:3.69 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: EA278AC9)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 829A50E9)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: C0C80B8D)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 085BD047)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 233 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 6 (Size: 4 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
==================== End Of Log ============================