My computer keeps shutting down when I'm using it.

ComboFix 14-03-19.01 - Jeremy 03/19/2014 14:33:04.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2613 [GMT -4:00]
Running from: c:\users\Jeremy\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0\23
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0\24
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\background.html
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\crossriderManifest.json
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\manifest.xml
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins.json
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\1_base.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\17_jQuery.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\182_openUrl.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\21_debug.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\22_resources.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\28_initializer.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\47_resources_background.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\5_notifications.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\64_appApiMessage.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\7_hooks.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\72_appApiValidation.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\userCode\background.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\extensionData\userCode\extension.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\icons\actions\1.png
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\icons\icon128.png
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\icons\icon16.png
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\icons\icon48.png
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\api\chrome.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\api\cookie.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\api\message.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\api\pageAction.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\api\pageActionBG.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\background.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\app_api.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\bg_app_api.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\consts.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\cookie_store.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\crossriderAPI.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\delegate.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\events.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\extensionDataStore.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\installer.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\logFile.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\logging.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\onBGDocumentLoad.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\popupResource\newPopup.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\popupResource\popup.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\reports.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\storageWrapper.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\updateManager.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\util.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\lib\xhr.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\js\main.js
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\manifest.json
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\popup.html
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa\1.26.70_0\version.json
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0.localstorage-journal
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llmfehnfojojfamjjijjciopbjimcffa_0.localstorage
c:\users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Jeremy\AppData\Local\Temp\{8862ACC6-38CC-48AA-B4DC-9125EE98F461}\{98404919-33EC-42EA-A9FA-44A06B399B14}\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll
c:\users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D2C74833-B155-49F7-9F08-5F3806E2D84F}.xps
c:\users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D924AFFF-E742-45F2-914C-723CBF13C6CD}.xps
.
.
((((((((((((((((((((((((( Files Created from 2014-02-19 to 2014-03-19 )))))))))))))))))))))))))))))))
.
.
2014-03-19 18:46 . 2014-03-19 18:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-19 18:46 . 2014-03-19 18:46 -------- d-----w- c:\users\Sara\AppData\Local\temp
2014-03-19 18:46 . 2014-03-19 18:46 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-03-18 19:36 . 2014-03-18 19:36 -------- d-----w- c:\program files (x86)\ESET
2014-03-17 19:08 . 2014-03-17 20:16 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-17 02:36 . 2014-03-18 23:26 -------- d-----w- c:\program files (x86)\SpeedFan
2014-03-17 00:52 . 2014-03-17 00:52 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Oracle
2014-03-16 18:42 . 2013-12-19 01:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-16 16:55 . 2014-03-16 16:55 -------- d-----w- c:\windows\ERUNT
2014-03-16 16:50 . 2014-03-16 16:50 -------- d-----w- c:\users\Jeremy\AppData\Roaming\Avira
2014-03-16 16:49 . 2013-12-09 15:37 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-03-16 16:49 . 2013-12-09 15:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-03-16 16:49 . 2013-12-09 15:37 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-03-16 16:49 . 2013-12-09 15:37 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-03-16 16:49 . 2014-03-16 16:49 -------- d-----w- c:\programdata\Avira
2014-03-16 16:49 . 2014-03-16 16:49 -------- d-----w- c:\program files (x86)\Avira
2014-03-16 16:40 . 2014-03-19 10:55 -------- d-----w- c:\users\Jeremy\AppData\Local\GCC
2014-03-16 16:40 . 2014-03-19 10:55 -------- d-----w- c:\users\Jeremy\AppData\Local\3783
2014-03-16 14:08 . 2014-03-16 14:11 -------- d-----w- C:\AdwCleaner
2014-03-14 13:09 . 2014-03-14 13:09 5777288 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-03-14 11:27 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-14 11:27 . 2014-02-04 02:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-03-14 11:27 . 2014-02-04 02:04 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-03-14 11:27 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-03-14 11:26 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D3C56C0-F56C-4370-8421-6F237D740F0F}\mpengine.dll
2014-02-25 18:28 . 2014-02-25 18:28 -------- d-----w- c:\windows\Migration
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 16:39 . 2011-07-08 11:19 90015360 ----a-w- c:\windows\system32\MRT.exe
2014-03-14 13:09 . 2012-05-02 11:49 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-14 13:09 . 2011-07-11 12:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-24 23:09 . 2014-02-13 14:11 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-13 14:11 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-12-21 09:53 . 2014-02-14 14:42 548864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-21 08:56 . 2014-02-14 14:42 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-22 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-03-17 689744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jeremy\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
3;2 taisregispinger;taisregispinger;c:\program files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe;c:\program files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 EaseUS Agent;EaseUS Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
S2 Guard Agent;Guard Agent Service;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [x]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 21:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-02 13:10]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-28 01:36]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-28 01:36]
.
2014-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048983874-3147870858-1501911587-1002Core.job
- c:\users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23 12:49]
.
2014-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4048983874-3147870858-1501911587-1002UA.job
- c:\users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23 12:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jeremy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 20:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: New Note - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.1
DPF: {357A8DEC-0CAC-4D8D-9869-C2C356B844F7} - hxxp://twinoakslandscape.lorexddns.net/RSVideoOcx.cab
FF - ProfilePath - c:\users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\dhnicim3.default\
FF - ExtSQL: 2014-03-16 12:39; {6e2a11d1-1853-4cd5-8568-23bab0f50bdb}; c:\program files (x86)\Re-markit-soft\157.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run- - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
AddRemove-Consumer Input Installer - c:\program files (x86)\Consumer Input\CIuninstall.exe
AddRemove-{F25146ED-8C9C-4D92-B26D-7B40AE34EA66}_is1 - c:\program files (x86)\Shop To Win\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-03-19 14:50:29
ComboFix-quarantined-files.txt 2014-03-19 18:50
.
Pre-Run: 339,121,324,032 bytes free
Post-Run: 340,946,182,144 bytes free
.
- - End Of File - - E3B3023E5F62DFA2FAE976ACDFF96A74

Ok, could you please give me an update on your computer? Did Speedfan find any abnormal temps?

Things seem to be better. How would I know if the temps were abnormal? I haven't seen any messages from speedfan.

it just shut down again...

How would I know if the temps were abnormal? I haven't seen any messages from speedfan. .

Speedfan should highlight any abnormal temperatures with, I believe, flames. We need to check those temps.

in that case,yes!

(blue arrow pointing down) HD0: 26 C
(flame) Temp1: 74C
(flame) Core 0: 75C
(flame) Core1: 63C

jeremypc wrote:

in that case,yes!

(blue arrow pointing down) HD0: 26 C
(flame) Temp1: 74C
(flame) Core 0: 75C
(flame) Core1: 63C

That's what is shutting down your computer. It's running too hot. Perhaps the fan(s) have stopped working. It will continue to do this until the heating problem is resolved.

fan is definitely working, I can hear it. maybe it's not working as well as it should..

jeremypc wrote:

fan is definitely working, I can hear it. maybe it's not working as well as it should..

That's possible or it could be dusty inside.

I researched it a little. seems toshibas are known for getting dirty/clogged inside. shop-vac-ed it and temps came down to around 50C...still some flame symbols...but much cooler. may need to take it apart to clean more thoroughly. I think all else is fixed now. thanks for you help!!!!