Jump to content

Recommended Posts

Hello DrDaddyBob! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please download Malwarebytes Anti-Rootkit from here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
Link to post
Share on other sites

Borislav,

 

Sorry for the delay. I was away from the computer most of yesterday.

Sorry about attaching the logs instead of pasteing them--it seemed more efficient.

I downloaded and ran mbar a couple of weeks ago. It didn't find anything. Also a full scan by AVG found only a few tracking cookies, again a couple of weeks ago.

Here are the logs:

 

============================================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.51.2
Run by robertg at 10:38:13 on 2014-02-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.1347 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Intel\IDU\awServ.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\WINDOWS\sttray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\MSTMON_S.EXE
C:\Program Files\Intel\IDU\iptray.exe
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\VxBlockServer.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\NETGEAR\A6200\A6200.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe
C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files\BOINC\boinc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\NETGEAR\A6200\WifiService.exe
C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\System32\alg.exe
D:\Dropbox\Dropbox\bin\food.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
C:\Program Files\BOINC\projects\einstein.phys.uwm.edu\einstein_S6CasA_1.05_windows_intelx86__SSE2.exe
C:\Program Files\BOINC\projects\www.worldcommunitygrid.org\wcgrid_mcm1_7.28_windows_intelx86
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uWindow Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet


BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [simpleSYN.NET] "c:\program files\creativbox.net\simplesyn 2.1\CBN.SimpleSYN.NET.exe"
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [GarminExpressTrayApp] "c:\program files\garmin\express tray\ExpressTray.exe"
uRun: [AVG-Secure-Search-Update_1213b] c:\documents and settings\robertg\application data\avg 1213b campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=2ce54bd6aca547d2ad172162e13b2af3-ecdf247514800bc69afff5825a45025ca2122c48 /CMPID=1213b
uRun: [AVG-Secure-Search-Update_0214c] c:\documents and settings\robertg\application data\avg 0214c campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=2ce54bd6aca547d2ad172162e13b2af3-ecdf247514800bc69afff5825a45025ca2122c48 /CMPID=0214c
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\12.0\sharedcom\RoxWatchTray12.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [sSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [sigmatelSysTrayApp] sttray.exe
mRun: [PinnacleDriverCheck] c:\windows\system32\PSDrvCheck.exe -CheckReg
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [KONICA MINOLTA magicolor 2400W STD] c:\windows\system32\MSTMON_S.EXE STARTUP
mRun: [ipTray.exe] "c:\program files\intel\idu\iptray.exe"
mRun: [intelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAY
mRun: [indexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [dvd43] c:\program files\dvd43\dvd43_tray.exe
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [brMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [CPMonitor] "c:\program files\roxio 2010\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "c:\program files\roxio 2010\roxio burn\RoxioBurnLauncher.exe"
mRun: [uSBToolTip] c:\progra~1\pinnacle\shared~1\programs\usbtip\USBTip.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [bDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Display] c:\program files\apc\powerchute personal edition\DataCollectionLauncher.exe
mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] c:\program files\common files\acronis\tibmounter\TibMounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GENIE] c:\program files\netgear\a6200\A6200.exe -s
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WD Quick View] c:\program files\western digital\wd quick view\WDDMStatus.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\robertg\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\robertg\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\boincm~1.lnk - c:\program files\boinc\boincmgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hdwrit~1.lnk - c:\program files\panasonic\hd writer ae 1\HDWriterAutoStart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photof~1.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\photof~2.lnk - c:\program files\common files\panasonic\photofunstudio autostart\AutoStartupService.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wg111v~1.lnk - c:\program files\netgear\wg111v2 configuration utility\RtlWake.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\ssv.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: cinemanow.com
Trusted Zone: cinemanow.com
Trusted Zone: intuit.com
Trusted Zone: qflix.com
Trusted Zone: roxio.com
Trusted Zone: turbotax.com














TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2D4867AA-9797-4DBB-AE2B-8AFC35A7FC6B} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\robertg\application data\mozilla\firefox\profiles\r58a8jok.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/|http://weather.msn.com/local.aspx?wealocations=wc:USUT0195&q=Park+City%2c+UT&setunit=F|http://www.google.com/|https://www.google.com/calendar/render?tab=wc|http://twitter.com/|http://nasatweet.com/wiki/Main_Page|http://finance.yahoo.com/charts?s=%5EDJI#symbol=^dji;range=1d;compare=^ixic+^gspc;indicator=volume;charttype=line;crosshair=on;ohlcvalues=0;logscale=on;source=;
FF - plugin: c:\documents and settings\robertg\application data\mozilla\firefox\profiles\r58a8jok.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-10-24 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2012-11-4 81184]
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [2009-10-11 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [2009-10-11 15856]
R0 tib;Acronis TIB Manager;c:\windows\system32\drivers\tib.sys [2013-4-13 736192]
R0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\drivers\tib_mounter.sys [2012-11-4 130488]
R0 vididr;Acronis Virtual Disk;c:\windows\system32\drivers\vididr.sys [2012-11-4 116000]
R0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\drivers\vidsflt.sys [2012-11-4 85280]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-5 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-4 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-17 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2010-3-31 244608]
R1 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-5-10 35088]
R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [2009-10-11 25584]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\roxio\backontrack\disaster recovery\SaibSVC.exe [2009-6-2 457200]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2012-11-4 3783672]
R2 APC Data Service;APC Data Service;c:\program files\apc\powerchute personal edition\dataserv.exe [2012-1-24 21880]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 AWService;Admin Works Agent X8;c:\program files\intel\idu\awServ.exe [2006-8-18 67072]
R2 CinemaNow Service;CinemaNow Service;c:\program files\cinemanow\cinemanow media manager\CinemaNowSvc.exe [2009-6-23 127352]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2006-9-26 66048]
R2 FXNSp50;FXNSp50 NDIS Protocol Driver;c:\windows\system32\drivers\FXNSp50.sys [2013-5-10 17664]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\garmin\core update service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-9-19 250200]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-11 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-3-25 701512]
R2 PenCommService;Livescribe Pulse Smartpen Service;c:\program files\common files\livescribe\pencomm\PenCommService.exe [2011-10-27 470528]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files\common files\acronis\syncagent\syncagentsrv.exe [2013-3-20 7084672]
R2 WDDriveService;WD Drive Manager;c:\program files\western digital\wd drive manager\WDDriveService.exe [2013-8-14 270704]
R2 WNDA6200;NETGEAR A6200 Service;c:\program files\netgear\a6200\WifiService.exe [2013-9-10 29984]
R3 A6200;NETGEAR A6200 WiFi Adapter Driver;c:\windows\system32\drivers\BCMWLHIGH5.SYS [2013-5-10 2259968]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2012-11-4 234752]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-3-25 22856]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S0 Shadow;Shadow; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\roxio creator 2009\digital home 11\RoxioUpnpService11.exe [2008-8-13 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxLiveShare11.exe [2008-8-13 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatch11.exe [2008-8-13 170480]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\12.0\sharedcom\RoxWatch12.exe [2009-7-24 219632]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [2011-3-21 20480]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [2008-8-13 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxMediaDB11.exe [2009-3-3 1122304]
S3 RoxMediaDB12;RoxMediaDB12;c:\program files\common files\roxio shared\12.0\sharedcom\RoxMediaDB12.exe [2009-7-24 1116656]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2006-9-26 272128]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-10-8 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\vboxnetflt.sys --> c:\windows\system32\drivers\VBoxNetFlt.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0151;RsFx0151 Driver;c:\windows\system32\drivers\RsFx0151.sys [2011-6-17 240736]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10_50.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-6-17 370016]
.
=============== Created Last 30 ================
.
2014-01-24 21:31:14    107224    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-24 21:31:14    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)
2014-01-24 21:15:51    52312    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-01-15 14:07:20    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-01-11 09:07:40    --------    d-----w-    c:\documents and settings\robertg\application data\AVG2014
2014-01-11 09:06:57    --------    d-----w-    c:\documents and settings\robertg\application data\TuneUp Software
2014-01-11 09:04:52    --------    d--h--w-    C:\$AVG
2014-01-11 09:04:52    --------    d-----w-    c:\documents and settings\all users\application data\AVG2014
2014-01-11 09:04:07    --------    d-----w-    c:\program files\AVG
2014-01-11 09:01:34    --------    d--h--w-    c:\documents and settings\all users\application data\Common Files
2014-01-11 09:01:34    --------    d-----w-    c:\documents and settings\robertg\local settings\application data\MFAData
2014-01-11 09:01:34    --------    d-----w-    c:\documents and settings\robertg\local settings\application data\Avg2014
2014-01-11 09:01:34    --------    d-----w-    c:\documents and settings\all users\application data\MFAData
2014-01-10 14:04:27    7760024    ----a-w-    c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{21dcc514-e4b3-4f28-acbe-dddbdb865f76}\mpengine.dll
2014-01-06 19:23:36    4558848    ----a-w-    c:\windows\system32\GPhotos.scr
.
==================== Find3M  ====================
.
2014-01-22 14:07:24    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-22 14:07:24    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-27 20:21:06    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
2013-11-19 10:33:38    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-13 02:59:42    150528    ------w-    c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51    591360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-11-06 04:50:48    120600    ----a-w-    c:\windows\system32\drivers\avgdiskx.sys
2013-11-06 01:03:31    7168    ----a-w-    c:\windows\system32\xpsp4res.dll
2013-11-05 04:57:30    209176    ----a-w-    c:\windows\system32\drivers\avgidsdriverx.sys
.
=================== ROOTKIT  ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Intel___ rev.1.0. -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
kernel: MBR read successfully
_asm { ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL; ADD [bX+SI], AL;  }
user != kernel MBR !!!
sectors 625137616 (+193): user != kernel
.
============= FINISH: 10:44:51.59 ===============

====================================================

attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/25/2006 6:44:03 PM
System Uptime: 2/2/2014 6:39:51 AM (4 hours ago)
.
Motherboard: Intel Corporation |  | DG965WH
Processor: Intel® Core2 CPU          6700  @ 2.66GHz |  | 2664/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 298 GiB total, 107.724 GiB free.
D: is FIXED (NTFS) - 596 GiB total, 536.775 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® 82566DC Gigabit Network Connection
Device ID: PCI\VEN_8086&DEV_104B&SUBSYS_00018086&REV_02\3&61AAA01&0&C8
Manufacturer: Intel
Name: Intel® 82566DC Gigabit Network Connection
PNP Device ID: PCI\VEN_8086&DEV_104B&SUBSYS_00018086&REV_02\3&61AAA01&0&C8
Service: e1express
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\AWY0001\4&12686F5B&0
Manufacturer:
Name:
PNP Device ID: ACPI\AWY0001\4&12686F5B&0
Service:
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: SCSI\CDROM&VEN_ROXIO&PROD_DVD-ROM_EMULATOR&REV_2.00\1&2AFD7D61&1&000
Manufacturer: (Standard CD-ROM drives)
Name: ROXIO DVD-ROM EMULATOR SCSI CdRom Device
PNP Device ID: SCSI\CDROM&VEN_ROXIO&PROD_DVD-ROM_EMULATOR&REV_2.00\1&2AFD7D61&1&000
Service: cdrom
.
==== System Restore Points ===================
.
RP1516: 11/3/2013 9:43:00 AM - System Checkpoint
RP1517: 11/4/2013 9:58:02 AM - System Checkpoint
RP1518: 11/5/2013 7:03:42 AM - Software Distribution Service 3.0
RP1519: 11/6/2013 10:16:45 AM - System Checkpoint
RP1520: 11/7/2013 10:50:23 AM - System Checkpoint
RP1521: 11/8/2013 7:10:04 AM - Software Distribution Service 3.0
RP1522: 11/9/2013 11:24:22 AM - System Checkpoint
RP1523: 11/10/2013 1:51:30 PM - System Checkpoint
RP1524: 11/12/2013 6:59:38 AM - Software Distribution Service 3.0
RP1525: 11/13/2013 5:23:46 PM - System Checkpoint
RP1526: 11/13/2013 9:08:06 PM - Software Distribution Service 3.0
RP1527: 11/15/2013 8:16:05 AM - Software Distribution Service 3.0
RP1528: 11/23/2013 9:50:38 PM - Software Distribution Service 3.0
RP1529: 11/26/2013 7:14:10 AM - Software Distribution Service 3.0
RP1530: 11/27/2013 11:28:20 AM - System Checkpoint
RP1531: 11/29/2013 8:03:25 AM - Software Distribution Service 3.0
RP1532: 12/3/2013 6:56:17 AM - Software Distribution Service 3.0
RP1533: 12/4/2013 9:51:26 AM - System Checkpoint
RP1534: 12/5/2013 12:53:12 PM - System Checkpoint
RP1535: 12/6/2013 6:58:53 AM - Software Distribution Service 3.0
RP1536: 12/7/2013 1:07:11 PM - System Checkpoint
RP1537: 12/8/2013 2:45:07 PM - System Checkpoint
RP1538: 12/9/2013 4:49:34 PM - System Checkpoint
RP1539: 12/9/2013 11:00:14 PM - Installed TurboTax 2013 wrapper
RP1540: 12/9/2013 11:09:53 PM - Installed TurboTax 2013 wutiper
RP1541: 12/9/2013 11:10:04 PM - Installed TurboTax 2013 wcaiper
RP1542: 12/10/2013 6:59:04 AM - Software Distribution Service 3.0
RP1543: 12/11/2013 7:11:46 AM - Software Distribution Service 3.0
RP1544: 12/13/2013 6:58:00 AM - Software Distribution Service 3.0
RP1545: 12/14/2013 4:32:12 PM - System Checkpoint
RP1546: 12/16/2013 2:00:11 PM - System Checkpoint
RP1547: 12/17/2013 6:58:39 AM - Software Distribution Service 3.0
RP1548: 12/20/2013 7:23:18 AM - Software Distribution Service 3.0
RP1549: 12/23/2013 3:44:16 PM - System Checkpoint
RP1550: 12/24/2013 7:11:13 AM - Software Distribution Service 3.0
RP1551: 12/25/2013 1:10:58 PM - System Checkpoint
RP1552: 12/26/2013 5:54:42 PM - System Checkpoint
RP1553: 12/27/2013 8:15:00 AM - Software Distribution Service 3.0
RP1554: 12/28/2013 3:14:05 PM - System Checkpoint
RP1555: 12/31/2013 6:57:30 AM - Software Distribution Service 3.0
RP1556: 1/3/2014 6:57:03 AM - Software Distribution Service 3.0
RP1557: 1/5/2014 3:11:09 PM - System Checkpoint
RP1558: 1/7/2014 7:04:20 AM - Software Distribution Service 3.0
RP1559: 1/8/2014 8:17:42 PM - System Checkpoint
RP1560: 1/10/2014 7:04:20 AM - Software Distribution Service 3.0
RP1561: 1/11/2014 2:04:06 AM - Installed AVG 2014
RP1562: 1/11/2014 2:04:31 AM - Installed AVG 2014
RP1563: 1/12/2014 1:19:42 PM - System Checkpoint
RP1564: 1/14/2014 8:54:46 AM - Software Distribution Service 3.0
RP1565: 1/15/2014 7:06:36 AM - Installed Java 7 Update 51
RP1566: 1/15/2014 7:08:51 AM - Software Distribution Service 3.0
RP1567: 1/16/2014 9:51:47 AM - System Checkpoint
RP1568: 1/18/2014 4:36:44 PM - System Checkpoint
RP1569: 1/21/2014 3:47:35 PM - System Checkpoint
RP1570: 1/24/2014 9:49:23 AM - System Checkpoint
RP1571: 1/26/2014 11:03:59 AM - System Checkpoint
RP1572: 1/27/2014 1:14:54 PM - System Checkpoint
RP1573: 1/29/2014 5:22:57 PM - System Checkpoint
RP1574: 1/31/2014 3:48:16 PM - System Checkpoint
.
==== Installed Programs ======================
.
1Click DVD Copy 5.7.9.0
Adobe AIR
Adobe Community Help
Adobe Flash Player 12 Plugin
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 9
Adobe Reader XI (11.0.06)
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Anywhere PE Viewer 0.1.7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2014
Beyond Compare 3.3.8
BOINC
Bonjour
Bonjour Print Services
Brother MFL-Pro Suite
Bulk Rename Utility 2.7.1.2
Canon PowerShot SX50 HS Camera User Guide
CDBurnerXP
CinemaNow Media Manager
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
CyberLink PowerDVD
DirectX 9 Runtime
Dropbox
DVD43 v4.5.0
DVDFab Decrypter 3.0.2.0
Elements 9 Organizer
Elements STI Installer
Elevated Installer
EMC 11 Content
Family Lawyer 2002
Garmin Express
Garmin Express Tray
Garmin TOPO U.S. 2008
Google Drive
Google Earth Plug-in
Google Talk (remove only)
Google Update Helper
Google+ Auto Backup
HD Writer AE 1.0 for HDC
Hi-Def Suite
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Product Detection
HQuote
Install Intel Desktop Utilities
Intel Audio Studio 2.0
Intel® Desktop Utilities
Intel® Graphics Media Accelerator Driver
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32
Intel® Management Engine Interface
Intel® Matrix Storage Manager
Intel® PRO Network Connections
InterVideo WinDVD
iTunes
Java 7 Update 51
Java Auto Updater
Java SE Runtime Environment 6 Update 1
jZip
KONICA MINOLTA magicolor 2400W
LightZone 3.7
Livescribe Connect
Livescribe Desktop
LUMIX Simple Viewer
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended Beta 2
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Corporation
Microsoft FrontPage Client - English
Microsoft IntelliPoint 7.0
Microsoft IntelliType Pro 7.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Books Online (English) (September 2007)
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition Books Online
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP2 Beta English
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework 2.0 Core Components (x86) ENU
Microsoft Sync Framework 2.0 Provider Services (x86) ENU
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Visual Studio .NET Professional 2003 - English
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSDN Library for Visual Studio .NET 2003
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
NETGEAR A6200 Genie
OGA Notifier 2.0.0048.0
Olympus DSS Player
OptiPix™
PaperPort Image Printer
PhatNotes for Windows
PhoneBrowse 1.7.0
PhoneClean 1.7.0
PHOTOfunSTUDIO 5.2 HD Edition
PHOTOfunSTUDIO 9.2 AE
Picasa 3
Pinnacle Hollywood FX for Studio
Pinnacle Studio 14
Pinnacle Studio Ultimate Plugins
Pinnacle Video Driver
plusdeck2
PowerChute Personal Edition 3.0.2
QuickTime
Red Giant ToonIt Studio
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Burn Manager
Roxio Burn Manager CDB
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio Creator 2010 Content
Roxio Creator 2010 Pro
Roxio Disaster Recovery
Roxio File Backup
Roxio PhotoShow
Roxio Update Manager
Roxio Venue
Roxio Video Capture USB
Roxio Video Capture USB Driver
ScanSoft PaperPort 11
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975254)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
Service Pack 1 for SQL Server 2008 R2 (KB2528583)
SigmaTel Audio
SILKYPIX Developer Studio 3.1 SE
Skype Toolbars
Skype™ 5.10
SmartDraw 3.0
SmartSound Quicktracks for Premiere Elements 9.0
SmartSound Quicktracks Plugin
SmartSound Sonicfire Pro 5
Sony Player Plug-in for Windows Media Player
SQL Server 2008 R2 Management Objects
SQL Server 2008 R2 SP1 Common Files
SQL Server 2008 R2 SP1 Database Engine Services
SQL Server 2008 R2 SP1 Database Engine Shared
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
Studio 9
Studio 9.4 Patch
SyncToy 2.1 (x86)
TOPO! 4
True Image 2013
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax 2008 wutiper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2009 wutiper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2010 wutiper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2011 wutiper
TurboTax 2012
TurboTax 2012 wcaiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
TurboTax 2012 wutiper
TurboTax 2013
TurboTax 2013 wcaiper
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wrapper
TurboTax 2013 wutiper
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TurboTax ItsDeductible 2006
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
ViewSonic Monitor Drivers
Visual Studio .NET Professional 2003 - English
Visual Studio 2012 x86 Redistributables
Visual Studio.NET Baseline - English
WD Quick View
WebFldrs XP
WexTech AnswerWorks
WG111v2 Configuration Utility
Windows 7 Upgrade Advisor
Windows Defender
Windows Defender Signatures
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile® Device Handbook
Windows XP Service Pack 3
WinZip 14.5
Zoner Photo Studio 12
.
==== Event Viewer Messages From Past Week ========
.
1/31/2014 6:19:19 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 11 service to connect.
1/29/2014 8:21:42 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Livescribe Pulse Smartpen Service service to connect.
1/29/2014 8:21:42 AM, error: Service Control Manager [7000]  - The Livescribe Pulse Smartpen Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/28/2014 4:18:52 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.
1/27/2014 6:51:54 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Garmin Core Update Service service to connect.
1/27/2014 6:51:54 AM, error: Service Control Manager [7000]  - The Garmin Core Update Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/26/2014 6:48:12 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Roxio Upnp Server 11 service to connect.
.
==== End Of File ===========================

=============================================

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.01.24.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
 :: TRANTOR [administrator]

1/24/2014 2:31:29 PM
mbar-log-2014-01-24 (14-31-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 415183
Time elapsed: 1 hour(s), 35 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

ok. Just a couple of points, in case you can pass it on.

1. This machine has never done a program restart properly, it gets to the "windows is shutting down" screen and stops there--never turns off, never restarts. I have to manually restart from there. This can't be the only machine in the world with that problem :-). The instructions should cover this case.

2. After it restarts, that's when the message to not start any programs until ComboFix finishes shows, but at that point, you have just restarted--all the startup stuff is going to run. The instructions should say that is ok.

 

Anyway, here is the log:

 

ComboFix 14-02-05.02 - robertg 02/06/2014   9:24.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2393 [GMT -7:00]
Running from: c:\documents and settings\robertg\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\robertg\ResourceReader.dll
c:\documents and settings\robertg\WINDOWS
c:\windows\system32\Cache
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-06 to 2014-02-06  )))))))))))))))))))))))))))))))
.
.
2014-02-05 02:49 . 2014-02-05 02:49    --------    d-----w-    c:\program files\iPod
2014-02-05 02:49 . 2014-02-05 02:50    --------    d-----w-    c:\program files\iTunes
2014-02-05 02:49 . 2014-02-05 02:50    --------    d-----w-    c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-24 21:31 . 2014-01-24 23:07    --------    d-----w-    c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-24 21:31 . 2014-01-24 21:31    107224    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-24 21:15 . 2014-01-24 21:30    52312    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-01-15 14:07 . 2013-12-19 04:10    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-01-11 09:07 . 2014-01-11 09:07    --------    d-----w-    c:\documents and settings\robertg\Application Data\AVG2014
2014-01-11 09:07 . 2014-01-11 09:07    --------    d-----w-    c:\windows\system32\config\systemprofile\Application Data\AVG2014
2014-01-11 09:06 . 2014-01-11 09:06    --------    d-----w-    c:\documents and settings\robertg\Application Data\TuneUp Software
2014-01-11 09:04 . 2014-01-11 09:07    --------    d-----w-    c:\documents and settings\All Users\Application Data\AVG2014
2014-01-11 09:04 . 2014-01-11 09:04    --------    d-----w-    C:\$AVG
2014-01-11 09:04 . 2014-01-11 09:04    --------    d-----w-    c:\program files\AVG
2014-01-11 09:01 . 2014-02-06 01:09    --------    d-----w-    c:\documents and settings\All Users\Application Data\MFAData
2014-01-11 09:01 . 2014-01-11 10:16    --------    d-----w-    c:\documents and settings\robertg\Local Settings\Application Data\Avg2014
2014-01-11 09:01 . 2014-01-11 09:01    --------    d--h--w-    c:\documents and settings\All Users\Application Data\Common Files
2014-01-11 09:01 . 2014-01-11 09:01    --------    d-----w-    c:\documents and settings\robertg\Local Settings\Application Data\MFAData
2014-01-10 14:04 . 2013-12-04 02:57    7760024    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{21DCC514-E4B3-4F28-ACBE-DDDBDB865F76}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 14:11 . 2012-12-24 15:30    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 14:11 . 2012-12-24 15:30    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-01-06 19:23 . 2014-01-06 19:23    4558848    ----a-w-    c:\windows\system32\GPhotos.scr
2013-12-04 02:57 . 2006-09-28 03:05    7760024    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-27 20:21 . 2006-02-28 12:00    40960    ------w-    c:\windows\system32\drivers\ndproxy.sys
2013-11-19 10:33 . 2009-10-03 12:24    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-13 02:59 . 2006-02-28 12:00    150528    ------w-    c:\windows\system32\imagehlp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-28 04:36    2661104    ----a-w-    c:\program files\Acronis\TrueImageHome\tishell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-28 04:36    2661104    ----a-w-    c:\program files\Acronis\TrueImageHome\tishell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-28 04:36    2661104    ----a-w-    c:\program files\Acronis\TrueImageHome\tishell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\documents and settings\robertg\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\documents and settings\robertg\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\documents and settings\robertg\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09    131248    ----a-w-    c:\documents and settings\robertg\Application Data\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 22:47    579024    ----a-w-    c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2013-09-19 1093976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"SigmatelSysTrayApp"="sttray.exe" [2008-04-11 413696]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-06-23 81920]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-30 30248]
"KONICA MINOLTA magicolor 2400W STD"="c:\windows\system32\MSTMON_S.EXE" [2004-09-28 184320]
"ipTray.exe"="c:\program files\Intel\IDU\iptray.exe" [2006-09-11 2205696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-06-07 9129984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-30 46632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-06-23 98304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-05-11 151552]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-06-23 86016]
"dvd43"="c:\program files\dvd43\dvd43_tray.exe" [2009-10-07 827904]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-11-08 65536]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-02 630784]
"CPMonitor"="c:\program files\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
"Desktop Disc Tool"="c:\program files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-03-02 119152]
"VX3000"="c:\windows\vVX3000.exe" [2010-03-02 762736]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-04 75048]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2009-04-17 87336]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2009-04-17 62760]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-05-21 1501064]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2013-03-28 6365920]
"AcronisTibMounterMonitor"="c:\program files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1103424]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 412480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"GENIE"="c:\program files\NETGEAR\A6200\A6200.exe" [2013-02-18 348888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WD Quick View"="c:\program files\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-01-20 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\robertg\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\robertg\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files\APC\PowerChute Personal Edition\Display.exe [2012-1-24 271736]
BOINC Manager.lnk - c:\program files\BOINC\boincmgr.exe /s [2007-8-23 4141056]
HD Writer AE 1.0.lnk - c:\program files\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe [2009-12-20 193880]
PHOTOfunSTUDIO 5.2 HD Edition.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files\Panasonic\PHOTOfunSTUDIO 5.2 HD\PHOTOfunSTUDIO.exe" [2011-5-30 168064]
PHOTOfunSTUDIO 9.2 AE.lnk - c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "c:\program files\Panasonic\PHOTOfunSTUDIO 9.2 AE\PHOTOfunSTUDIO.exe" [2011-5-30 168064]
WG111v2 Smart Wizard Wireless Setting.lnk - c:\program files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2006-9-26 745472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Roxio 2010\\Venue\\Venue.exe"=
"c:\\Program Files\\CinemaNow\\CinemaNow Media Manager\\CinemaNowShell.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeEnC2.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeTray.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\robertg\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Acronis\\SyncAgent\\syncagentsrv.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [10/24/2013 10:28 PM 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [10/31/2013 10:30 PM 222520]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [9/10/2013 12:43 AM 27448]
R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [11/4/2012 11:22 PM 81184]
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [10/11/2009 9:38 AM 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [10/11/2009 9:38 AM 15856]
R0 tib;Acronis TIB Manager;c:\windows\system32\drivers\tib.sys [4/13/2013 3:13 PM 736192]
R0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\drivers\tib_mounter.sys [11/4/2012 11:22 PM 130488]
R0 vididr;Acronis Virtual Disk;c:\windows\system32\drivers\vididr.sys [11/4/2012 11:22 PM 116000]
R0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\drivers\vidsflt.sys [11/4/2012 11:22 PM 85280]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [11/5/2013 9:50 PM 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [11/4/2013 9:57 PM 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [9/17/2013 12:57 AM 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [10/31/2013 11:00 PM 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [8/1/2013 4:08 PM 193848]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [3/31/2010 8:03 PM 244608]
R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [10/11/2009 9:38 AM 25584]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [6/2/2009 6:05 PM 457200]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [9/6/2010 1:19 AM 169408]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [11/4/2012 11:23 PM 3783672]
R2 APC Data Service;APC Data Service;c:\program files\APC\PowerChute Personal Edition\dataserv.exe [1/24/2012 4:21 PM 21880]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [11/11/2013 10:02 PM 3478544]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [9/24/2013 1:33 AM 348008]
R2 CinemaNow Service;CinemaNow Service;c:\program files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [6/23/2009 4:40 PM 127352]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/26/2006 7:56 PM 66048]
R2 FXNSp50;FXNSp50 NDIS Protocol Driver;c:\windows\system32\drivers\FXNSp50.sys [5/10/2013 7:16 AM 17664]
R2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [9/19/2013 7:46 AM 250200]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [6/28/2013 5:48 PM 14624]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [10/11/2012 5:56 PM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/25/2010 5:47 PM 701512]
R2 PenCommService;Livescribe Pulse Smartpen Service;c:\program files\Common Files\Livescribe\PenComm\PenCommService.exe [10/27/2011 4:56 PM 470528]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [3/20/2013 6:28 PM 7084672]
R2 WDDriveService;WD Drive Manager;c:\program files\Western Digital\WD Drive Manager\WDDriveService.exe [8/14/2013 6:57 AM 270704]
R2 WNDA6200;NETGEAR A6200 Service;c:\program files\NETGEAR\A6200\WifiService.exe [9/10/2013 4:15 PM 29984]
R3 A6200;NETGEAR A6200 WiFi Adapter Driver;c:\windows\system32\drivers\BCMWLHIGH5.SYS [5/10/2013 7:13 AM 2259968]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [11/4/2012 11:23 PM 234752]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/25/2010 5:47 PM 22856]
S0 Shadow;Shadow; [x]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [8/13/2008 11:25 PM 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [8/13/2008 11:24 PM 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [8/13/2008 11:24 PM 170480]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [7/24/2009 7:33 AM 219632]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 12:28 PM 160944]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 6:19 PM 13592]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\Pcouffin.sys --> c:\windows\system32\Drivers\Pcouffin.sys [?]
S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [3/21/2011 7:44 PM 20480]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [8/13/2008 11:25 PM 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [3/3/2009 7:58 PM 1122304]
S3 RoxMediaDB12;RoxMediaDB12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [7/24/2009 7:33 AM 1116656]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [9/26/2006 7:56 PM 272128]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [10/8/2010 2:57 PM 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [4/3/2010 10:56 AM 44896]
S4 RsFx0151;RsFx0151 Driver;c:\windows\system32\drivers\RsFx0151.sys [6/17/2011 8:28 PM 240736]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [6/17/2011 9:19 PM 370016]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc    REG_MULTI_SZ       p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-TRANTOR-robertg.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-07-29 07:25]
.
2014-02-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2014-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 00:13]
.
2014-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 00:13]
.
2010-03-08 c:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
- c:\program files\Microsoft LifeCam\LifeExp.exe [2010-03-02 02:37]
.
.
------- Supplementary Scan -------
.

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: cinemanow.com
Trusted Zone: intuit.com
Trusted Zone: qflix.com
Trusted Zone: roxio.com
Trusted Zone: sonic.com\redirect
Trusted Zone: sonic.com\redirect2
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\robertg\Application Data\Mozilla\Firefox\Profiles\r58a8jok.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/|http://weather.msn.com/local.aspx?wealocations=wc:USUT0195&q=Park+City%2c+UT&setunit=F|http://www.google.com/|https://www.google.com/calendar/render?tab=wc|http://twitter.com/|http://nasatweet.com/wiki/Main_Page|http://finance.yahoo.com/charts?s=%5EDJI#symbol=^dji;range=1d;compare=^ixic+^gspc;indicator=volume;charttype=line;crosshair=on;ohlcvalues=0;logscale=on;source=;
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-SimpleSYN.NET - c:\program files\creativbox.net\SimpleSYN 2.1\CBN.SimpleSYN.NET.exe
HKCU-Run-AVG-Secure-Search-Update_1213b - c:\documents and settings\robertg\Application Data\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe
HKCU-Run-AVG-Secure-Search-Update_0214c - c:\documents and settings\robertg\Application Data\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe
HKLM-Run-SysTrayApp - c:\program files\IDT\WDM\sttray.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-06 09:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Intel___ rev.1.0. -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 625137616 (+193): user != kernel
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-527237240-606747145-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(5700)
c:\windows\system32\WININET.dll
c:\program files\Acronis\TrueImageHome\tishell.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\documents and settings\robertg\Application Data\Dropbox\bin\DropboxExt.22.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\program files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\APC\PowerChute Personal Edition\mainserv.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Intel\IDU\awServ.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Olympus\DeviceDetector\DM1Service.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\sttray.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\windows\system32\VxBlockServer.exe
c:\program files\Microsoft IntelliPoint\dpupdchk.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\BOINC\boincmgr.exe
c:\program files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
c:\documents and settings\robertg\Application Data\Dropbox\bin\Dropbox.exe
c:\program files\APC\PowerChute Personal Edition\apcsystray.exe
c:\program files\BOINC\boinc.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.48_windows_intelx86.exe
c:\program files\BOINC\projects\einstein.phys.uwm.edu\hsgamma_FGRP3_1.09_windows_intelx86.exe
.
**************************************************************************
.
Completion time: 2014-02-06  09:51:16 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-06 16:51
.
Pre-Run: 115,455,950,848 bytes free
Post-Run: 135,060,951,040 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 8B7C670A96A843150DF7A805C783F7F3
5FB38429D5D77768867C76DCBDB35194
 

Link to post
Share on other sites

Thanks for letting me know!

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-02-2014
Ran by robertg (administrator) on TRANTOR on 06-02-2014 16:34:04
Running from C:\Documents and Settings\robertg\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
() C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(OSA Technologies Inc., An Avocent Company) C:\Program Files\Intel\IDU\awServ.exe
(B.H.A Corporation) C:\WINDOWS\system32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(IDT, Inc.) C:\WINDOWS\sttray.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) C:\WINDOWS\system32\MSTMON_S.EXE
(OSA Technologies Inc., An Avocent Company) C:\Program Files\Intel\IDU\iptray.exe
(Intel Corporation) C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
() C:\Program Files\dvd43\DVD43_Tray.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
() C:\Program Files\Roxio 2010\5.0\CPMonitor.exe
() C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\vVX3000.exe
(cyberlink) C:\Program Files\CyberLink\Shared Files\brs.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Sonic Solutions) C:\WINDOWS\system32\VxBlockServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Google) C:\Program Files\Google\Google Talk\googletalk.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Acronis) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(NETGEAR,Inc.) C:\Program Files\NETGEAR\A6200\A6200.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Panasonic Corporation) C:\Program Files\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
() C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files\NETGEAR\A6200\WifiService.exe
(Schneider Electric) C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(TODO: <Company name>) D:\Dropbox\Dropbox\bin\food.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\projects\setiathome.berkeley.edu\setiathome_7.00_windows_intelx86.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [255528 2007-02-01] (Nuance Communications, Inc.)
HKLM\...\Run: [RoxWatchTray] - C:\Program Files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe [240112 2009-07-24] (Sonic Solutions)
HKLM\...\Run: [sSBkgdUpdate] - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [sigmatelSysTrayApp] - C:\WINDOWS\sttray.exe [413696 2008-04-10] (IDT, Inc.)
HKLM\...\Run: [PinnacleDriverCheck] - C:\WINDOWS\system32\PSDrvCheck.exe [406016 2004-03-10] ()
HKLM\...\Run: [PaperPort PTD] - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [KONICA MINOLTA magicolor 2400W STD] - C:\WINDOWS\system32\MSTMON_S.EXE [184320 2004-09-27] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Run: [ipTray.exe] - C:\Program Files\Intel\IDU\iptray.exe [2205696 2006-09-11] (OSA Technologies Inc., An Avocent Company)
HKLM\...\Run: [intelAudioStudio] - C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [9129984 2006-06-07] (Intel Corporation)
HKLM\...\Run: [indexSearch] - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-05-11] (Intel Corporation)
HKLM\...\Run: [dvd43] - C:\Program Files\dvd43\dvd43_tray.exe [827904 2009-10-06] ()
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2006-11-07] (Brother Industries, Ltd.)
HKLM\...\Run: [brMfcWnd] - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [630784 2007-03-02] (Brother Industries, Ltd.)
HKLM\...\Run: [CPMonitor] - C:\Program Files\Roxio 2010\5.0\CPMonitor.exe [84464 2009-07-21] ()
HKLM\...\Run: [Desktop Disc Tool] - C:\Program Files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-23] ()
HKLM\...\Run: [uSBToolTip] - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-03-01] (Microsoft Corporation)
HKLM\...\Run: [VX3000] - C:\WINDOWS\vVX3000.exe [762736 2010-03-01] (Microsoft Corporation)
HKLM\...\Run: [bDRegion] - C:\Program Files\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [87336 2009-04-16] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [62760 2009-04-16] ()
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1501064 2009-05-21] (Microsoft Corporation)
HKLM\...\Run: [intelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468296 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [googletalk] - C:\Program Files\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [6365920 2013-03-27] (Acronis)
HKLM\...\Run: [AcronisTibMounterMonitor] - C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103424 2013-01-10] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [412480 2013-02-15] (Acronis)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [GENIE] - C:\Program Files\NETGEAR\A6200\A6200.exe [348888 2013-02-18] (NETGEAR,Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [WD Quick View] - C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\.DEFAULT\...\Policies\Explorer: [CDRAutoRun] 0
HKU\S-1-5-21-527237240-606747145-839522115-1003\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-527237240-606747145-839522115-1003\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BOINC Manager.lnk
ShortcutTarget: BOINC Manager.lnk -> C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HD Writer AE 1.0.lnk
ShortcutTarget: HD Writer AE 1.0.lnk -> C:\Program Files\Panasonic\HD Writer AE 1\HDWriterAutoStart.exe (Panasonic Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.2 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.2 HD Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.2 AE.lnk
ShortcutTarget: PHOTOfunSTUDIO 9.2 AE.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WG111v2 Smart Wizard Wireless Setting.lnk
ShortcutTarget: WG111v2 Smart Wizard Wireless Setting.lnk -> C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe ()
Startup: C:\Documents and Settings\robertg\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\robertg\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKCU - DefaultScope {7A814A2E-A9B3-4BA4-9229-B52BFCDEF1E9} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {7A814A2E-A9B3-4BA4-9229-B52BFCDEF1E9} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} http://asp.mathxl.com/wizmodules/testgen/installers/TestGenXInstall.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-6u1-windows-i586-jc.cab
DPF: {95D88B35-A521-472B-A182-BB1A98356421} http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} http://asp.mathxl.com/books/_Players/MathPlayer.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
Winsock: Catalog5 06 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\robertg\Application Data\Mozilla\Firefox\Profiles\r58a8jok.default
FF Homepage: hxxp://my.msn.com/|hxxp://weather.msn.com/local.aspx?wealocations=wc:USUT0195&q=Park+City%2c+UT&setunit=F|hxxp://www.google.com/|https://www.google.com/calendar/render?tab=wc|hxxp://twitter.com/|hxxp://nasatweet.com/wiki/Main_Page|hxxp://finance.yahoo.com/charts?s=%5EDJI#symbol=^dji;range=1d;compare=^ixic+^gspc;indicator=volume;charttype=line;crosshair=on;ohlcvalues=0;logscale=on;source=;
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Garmin Communicator - C:\Documents and Settings\robertg\Application Data\Mozilla\Firefox\Profiles\r58a8jok.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\

========================== Services (Whitelisted) =================

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [457200 2009-06-02] ()
R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [830376 2013-02-15] (Acronis)
R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3783672 2013-04-13] (Acronis)
R2 APC Data Service; C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AWService; C:\Program Files\Intel\IDU\awServ.exe [67072 2006-08-18] (OSA Technologies Inc., An Avocent Company)
R2 bgsvcgen; C:\WINDOWS\system32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 DM1Service; C:\Program Files\Olympus\DeviceDetector\DM1Service.exe [69632 2006-10-10] (OLYMPUS IMAGING CORP.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSFtpsvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-13] (Microsoft Corporation)
S3 Roxio UPnP Renderer 11; C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [313840 2008-08-13] (Sonic Solutions)
S2 Roxio Upnp Server 11; C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe [367088 2008-08-13] (Sonic Solutions)
S2 RoxLiveShare11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [309744 2008-08-13] (Sonic Solutions)
S3 RoxMediaDB11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [1122304 2009-01-09] (Sonic Solutions)
S2 RoxWatch11; C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [170480 2008-08-13] (Sonic Solutions)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
S2 STacSV; C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [212992 2008-04-10] (IDT, Inc.)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7084672 2013-03-20] (Acronis)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-13] (Microsoft Corporation)
R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WNDA6200; C:\Program Files\NETGEAR\A6200\WifiService.exe [29984 2012-09-24] ()
S3 Roxio UPnP Renderer 9; "C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe" [X]
S2 Roxio Upnp Server 9; "C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe" [X]
S2 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R3 A6200; C:\WINDOWS\System32\DRIVERS\bcmwlhigh5.sys [2259968 2013-02-28] (Broadcom Corporation)
R3 ASAPIW2k; C:\WINDOWS\System32\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
R1 c2scsi; C:\WINDOWS\system32\Drivers\c2scsi.sys [244608 2007-08-30] (Sonic Solutions)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrbsdrv; C:\WINDOWS\system32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)
R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2005-03-13] (DeviceGuys, Inc.)
R3 dvd43llh; C:\WINDOWS\System32\DRIVERS\dvd43llh.sys [18816 2009-10-11] (RIF)
R2 EAPPkt; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [66048 2005-04-01] (Windows ® 2000 DDK provider)
R2 FXNSp50; C:\WINDOWS\System32\Drivers\FXNSp50.sys [17664 2004-10-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 IPFilter; C:\WINDOWS\System32\DRIVERS\IPFilter.sys [11136 2002-04-11] (Microsoft Corporation)
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 osaio; C:\WINDOWS\system32\drivers\osaio.sys [7296 2005-06-30] (OSA Technologies, An Avocent Company)
S3 OVT511Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [167816 2001-09-18] (OmniVision Technologies, Inc.)
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [45744 2011-10-04] (Rovi Corporation)
S4 RsFx0151; C:\WINDOWS\System32\DRIVERS\RsFx0151.sys [240736 2011-06-17] (Microsoft Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\wg111v2.sys [272128 2007-12-26] (NETGEAR Inc.)
S4 RxFilter; C:\WINDOWS\System32\DRIVERS\RxFilter.sys [57328 2008-08-11] (Sonic Solutions)
R3 sfng32; C:\WINDOWS\System32\drivers\sfng32.sys [41728 2005-12-02] (Sonic Focus, Inc)
R3 SMBios; C:\WINDOWS\System32\DRIVERS\SMBios.sys [36484 2003-11-03] (Intel Corporation)
R3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [22272 2006-08-30] (Intel Corporation)
S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [7168 2009-11-12] ()
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1177032 2006-05-25] (SigmaTel, Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [888640 2013-04-13] (Acronis International GmbH)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [736192 2013-04-13] (Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [130488 2013-04-13] (Acronis)
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [572280 2009-06-19] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [533752 2009-06-19] (eMPIA Technology, Inc.)
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [116000 2013-04-13] (Acronis International GmbH)
R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [85280 2013-04-13] (Acronis International GmbH)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [87536 2009-09-01] (CyberLink Corp.)
S3 BVRPMPR5; \??\E:\INSTAL~E\Core\BVRPMPR5.SYS [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 Pcouffin; System32\Drivers\Pcouffin.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S0 Shadow; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-06 16:34 - 2014-02-06 16:34 - 00031233 _____ () C:\Documents and Settings\robertg\Desktop\FRST.txt
2014-02-06 16:33 - 2014-02-06 16:34 - 00000000 ____D () C:\FRST
2014-02-06 16:33 - 2014-02-06 16:33 - 01136640 _____ (Farbar) C:\Documents and Settings\robertg\Desktop\FRST.exe
2014-02-06 10:04 - 2014-02-06 10:05 - 00000000 ____D () C:\Documents and Settings\robertg\Start Menu\Programs\CyberLink PowerDVD
2014-02-06 09:51 - 2014-02-06 09:51 - 00029952 _____ () C:\ComboFix.txt
2014-02-06 09:34 - 2014-02-06 09:34 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-06 09:19 - 2014-02-06 09:19 - 00000000 _RSHD () C:\cmdcons
2014-02-06 09:19 - 2009-07-30 17:52 - 00000211 _____ () C:\Boot.bak
2014-02-06 09:19 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-02-06 09:17 - 2011-06-25 23:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-02-06 09:17 - 2010-11-07 10:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-02-06 09:17 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-02-06 09:17 - 2000-08-30 17:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-02-06 09:16 - 2014-02-06 09:51 - 00000000 ____D () C:\Qoobox
2014-02-06 09:16 - 2014-02-06 09:49 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-06 09:07 - 2014-02-06 09:07 - 05180173 ____R (Swearware) C:\Documents and Settings\robertg\Desktop\ComboFix.exe
2014-02-04 19:50 - 2014-02-04 19:50 - 00001548 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-02-04 19:50 - 2014-02-04 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-02-04 19:49 - 2014-02-04 19:50 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 19:49 - 2014-02-04 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-04 19:49 - 2014-02-04 19:49 - 00000000 ____D () C:\Program Files\iPod
2014-02-02 10:45 - 2014-02-02 10:45 - 00033404 _____ () C:\Documents and Settings\robertg\Desktop\attach.txt
2014-02-02 10:45 - 2014-02-02 10:44 - 00025932 _____ () C:\Documents and Settings\robertg\Desktop\dds.txt
2014-02-02 10:36 - 2014-02-02 10:36 - 00688992 ____R (Swearware) C:\Documents and Settings\robertg\Desktop\dds.com
2014-01-24 14:31 - 2014-01-24 16:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-24 14:31 - 2014-01-24 14:31 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-01-24 14:15 - 2014-01-24 16:07 - 00000000 ____D () C:\Documents and Settings\robertg\Desktop\mbar
2014-01-24 14:15 - 2014-01-24 14:30 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-22 15:30 - 2014-01-24 12:10 - 00002239 _____ () C:\Documents and Settings\robertg\Desktop\launch view.txt
2014-01-15 07:09 - 2014-01-15 07:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-15 07:08 - 2014-01-15 07:09 - 00005885 _____ () C:\WINDOWS\KB2914368.log
2014-01-15 07:07 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-15 07:07 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-01-15 07:07 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-01-15 07:07 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-01-15 07:06 - 2014-01-15 07:07 - 00005134 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-01-11 02:07 - 2014-01-11 02:07 - 00000000 ____D () C:\Documents and Settings\robertg\Application Data\AVG2014
2014-01-11 02:06 - 2014-01-11 02:06 - 00000708 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-01-11 02:06 - 2014-01-11 02:06 - 00000000 ____D () C:\Documents and Settings\robertg\Application Data\TuneUp Software
2014-01-11 02:06 - 2014-01-11 02:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-01-11 02:04 - 2014-01-11 02:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-01-11 02:04 - 2014-01-11 02:04 - 00000000 ____D () C:\Program Files\AVG
2014-01-11 02:04 - 2014-01-11 02:04 - 00000000 ____D () C:\$AVG
2014-01-11 02:01 - 2014-02-06 09:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-01-11 02:01 - 2014-01-11 03:16 - 00000000 ____D () C:\Documents and Settings\robertg\Local Settings\Application Data\Avg2014
2014-01-11 02:01 - 2014-01-11 02:01 - 00000000 ____D () C:\Documents and Settings\robertg\Local Settings\Application Data\MFAData
2014-01-10 08:12 - 2014-01-10 09:18 - 00001079 _____ () C:\Documents and Settings\robertg\Desktop\travel.txt
2014-01-09 21:42 - 2014-01-09 21:42 - 00002272 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-01-07 11:52 - 2014-01-08 08:55 - 00000671 _____ () C:\Documents and Settings\robertg\Desktop\rv ques.txt

==================== One Month Modified Files and Folders =======

2014-02-06 16:34 - 2014-02-06 16:34 - 00031233 _____ () C:\Documents and Settings\robertg\Desktop\FRST.txt
2014-02-06 16:34 - 2014-02-06 16:33 - 00000000 ____D () C:\FRST
2014-02-06 16:33 - 2014-02-06 16:33 - 01136640 _____ (Farbar) C:\Documents and Settings\robertg\Desktop\FRST.exe
2014-02-06 16:33 - 2007-09-16 16:50 - 00000000 ____D () C:\Program Files\BOINC
2014-02-06 16:05 - 2010-08-20 17:14 - 00000888 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 10:13 - 2013-09-10 16:16 - 00123097 _____ () C:\WINDOWS\system32\_A6200_Service.txt
2014-02-06 10:11 - 2012-08-11 19:24 - 00000000 ____D () C:\Documents and Settings\robertg\Application Data\Dropbox
2014-02-06 10:08 - 2006-09-25 11:21 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-02-06 10:07 - 2006-09-25 17:39 - 01827507 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-06 10:07 - 2006-09-25 11:32 - 00000257 _____ () C:\WINDOWS\wiadebug.log
2014-02-06 10:06 - 2006-09-25 11:32 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-02-06 10:06 - 2006-02-28 05:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-06 10:05 - 2014-02-06 10:04 - 00000000 ____D () C:\Documents and Settings\robertg\Start Menu\Programs\CyberLink PowerDVD
2014-02-06 10:04 - 2010-08-20 17:14 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 10:04 - 2006-09-25 17:46 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-06 10:04 - 2004-09-17 23:53 - 00019095 _____ () C:\WINDOWS\MSTMON_S.INI
2014-02-06 10:02 - 2010-04-05 20:33 - 00316018 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-02-06 10:02 - 2006-09-28 19:16 - 00000278 ___SH () C:\Documents and Settings\robertg\ntuser.ini
2014-02-06 10:02 - 2006-09-25 17:46 - 00032592 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-06 09:51 - 2014-02-06 09:51 - 00029952 _____ () C:\ComboFix.txt
2014-02-06 09:51 - 2014-02-06 09:16 - 00000000 ____D () C:\Qoobox
2014-02-06 09:51 - 2006-09-25 17:45 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-02-06 09:49 - 2014-02-06 09:16 - 00000000 ____D () C:\WINDOWS\erdnt
2014-02-06 09:49 - 2006-09-25 11:30 - 00774758 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-06 09:48 - 2014-01-11 02:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-02-06 09:43 - 2006-02-28 05:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-06 09:35 - 2006-09-25 11:29 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-02-06 09:35 - 2006-09-25 11:29 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-02-06 09:35 - 2006-09-25 11:27 - 93585408 _____ () C:\WINDOWS\system32\config\software.bak
2014-02-06 09:35 - 2006-09-25 11:27 - 09175040 _____ () C:\WINDOWS\system32\config\system.bak
2014-02-06 09:35 - 2006-09-25 11:27 - 01835008 _____ () C:\WINDOWS\system32\config\default.bak
2014-02-06 09:34 - 2014-02-06 09:34 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-02-06 09:34 - 2014-02-06 09:34 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-02-06 09:32 - 2006-09-28 19:16 - 00000000 ____D () C:\Documents and Settings\robertg
2014-02-06 09:19 - 2014-02-06 09:19 - 00000000 _RSHD () C:\cmdcons
2014-02-06 09:19 - 2006-09-25 11:28 - 00000327 __RSH () C:\boot.ini
2014-02-06 09:07 - 2014-02-06 09:07 - 05180173 ____R (Swearware) C:\Documents and Settings\robertg\Desktop\ComboFix.exe
2014-02-06 07:24 - 2008-09-10 19:40 - 00740058 _____ () C:\WINDOWS\setupapi.log
2014-02-06 02:00 - 2011-06-02 19:21 - 00000346 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-TRANTOR-robertg.job
2014-02-05 16:52 - 2012-11-12 17:55 - 00000000 ___RD () C:\Documents and Settings\robertg\Sync
2014-02-05 07:11 - 2012-12-24 08:30 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 07:11 - 2012-12-24 08:30 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-04 19:50 - 2014-02-04 19:50 - 00001548 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-02-04 19:50 - 2014-02-04 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-02-04 19:50 - 2014-02-04 19:49 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 19:50 - 2014-02-04 19:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-04 19:49 - 2014-02-04 19:49 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 19:49 - 2011-07-11 17:46 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-04 19:40 - 2011-07-11 17:46 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-02-04 19:25 - 2011-11-01 10:14 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-02-04 11:01 - 2010-04-05 20:33 - 01722795 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-527237240-606747145-839522115-1003-0.dat
2014-02-04 07:57 - 2013-12-09 23:01 - 00002399 _____ () C:\Documents and Settings\All Users\Desktop\TurboTax 2013.lnk
2014-02-02 10:45 - 2014-02-02 10:45 - 00033404 _____ () C:\Documents and Settings\robertg\Desktop\attach.txt
2014-02-02 10:44 - 2014-02-02 10:45 - 00025932 _____ () C:\Documents and Settings\robertg\Desktop\dds.txt
2014-02-02 10:36 - 2014-02-02 10:36 - 00688992 ____R (Swearware) C:\Documents and Settings\robertg\Desktop\dds.com
2014-01-26 19:14 - 2010-04-03 15:49 - 00000000 ____D () C:\Documents and Settings\robertg\My Documents\SQL Server Management Studio
2014-01-24 16:07 - 2014-01-24 14:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-24 16:07 - 2014-01-24 14:15 - 00000000 ____D () C:\Documents and Settings\robertg\Desktop\mbar
2014-01-24 14:31 - 2014-01-24 14:31 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-01-24 14:30 - 2014-01-24 14:15 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-24 12:10 - 2014-01-22 15:30 - 00002239 _____ () C:\Documents and Settings\robertg\Desktop\launch view.txt
2014-01-22 07:07 - 2006-12-22 18:30 - 00000000 ____D () C:\Documents and Settings\robertg\Local Settings\Application Data\Adobe
2014-01-19 13:27 - 2011-09-16 20:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
2014-01-15 07:14 - 2013-08-10 10:01 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-15 07:09 - 2014-01-15 07:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-15 07:09 - 2014-01-15 07:08 - 00005885 _____ () C:\WINDOWS\KB2914368.log
2014-01-15 07:09 - 2006-09-27 17:06 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 07:09 - 2006-09-25 11:30 - 03068005 _____ () C:\WINDOWS\FaxSetup.log
2014-01-15 07:09 - 2006-09-25 11:30 - 01532043 _____ () C:\WINDOWS\ocgen.log
2014-01-15 07:09 - 2006-09-25 11:30 - 01429022 _____ () C:\WINDOWS\tsoc.log
2014-01-15 07:09 - 2006-09-25 11:30 - 01042893 _____ () C:\WINDOWS\comsetup.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00974902 _____ () C:\WINDOWS\msmqinst.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00640907 _____ () C:\WINDOWS\ntdtcsetup.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00540560 _____ () C:\WINDOWS\netfxocm.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00214780 _____ () C:\WINDOWS\MedCtrOC.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00182201 _____ () C:\WINDOWS\iis6.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00171507 _____ () C:\WINDOWS\ocmsn.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00155645 _____ () C:\WINDOWS\msgsocm.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00153840 _____ () C:\WINDOWS\tabletoc.log
2014-01-15 07:09 - 2006-09-25 11:30 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-01-15 07:07 - 2014-01-15 07:06 - 00005134 _____ () C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log
2014-01-15 07:07 - 2007-04-30 17:15 - 00000000 ____D () C:\Program Files\Java
2014-01-14 12:54 - 2013-03-11 06:07 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-11 10:00 - 2006-09-25 11:21 - 00000000 ____D () C:\WINDOWS\security
2014-01-11 03:16 - 2014-01-11 02:01 - 00000000 ____D () C:\Documents and Settings\robertg\Local Settings\Application Data\Avg2014
2014-01-11 02:07 - 2014-01-11 02:07 - 00000000 ____D () C:\Documents and Settings\robertg\Application Data\AVG2014
2014-01-11 02:07 - 2014-01-11 02:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-01-11 02:06 - 2014-01-11 02:06 - 00000708 _____ () C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2014-01-11 02:06 - 2014-01-11 02:06 - 00000000 ____D () C:\Documents and Settings\robertg\Application Data\TuneUp Software
2014-01-11 02:06 - 2014-01-11 02:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-01-11 02:04 - 2014-01-11 02:04 - 00000000 ____D () C:\Program Files\AVG
2014-01-11 02:04 - 2014-01-11 02:04 - 00000000 ____D () C:\$AVG
2014-01-11 02:01 - 2014-01-11 02:01 - 00000000 ____D () C:\Documents and Settings\robertg\Local Settings\Application Data\MFAData
2014-01-11 01:48 - 2010-02-27 20:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
2014-01-10 09:18 - 2014-01-10 08:12 - 00001079 _____ () C:\Documents and Settings\robertg\Desktop\travel.txt
2014-01-09 21:42 - 2014-01-09 21:42 - 00002272 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-01-09 21:34 - 2012-08-12 18:45 - 00001026 _____ () C:\Documents and Settings\robertg\Desktop\Dropbox.lnk
2014-01-09 21:34 - 2012-08-12 18:42 - 00000000 ____D () C:\Documents and Settings\robertg\Start Menu\Programs\Dropbox
2014-01-08 08:55 - 2014-01-07 11:52 - 00000671 _____ () C:\Documents and Settings\robertg\Desktop\rv ques.txt

Files to move or delete:
====================
C:\Documents and Settings\robertg\en_res.dll
C:\Documents and Settings\robertg\es_res.dll
C:\Documents and Settings\robertg\fr_res.dll
C:\Documents and Settings\robertg\grm_res.dll
C:\Documents and Settings\robertg\it_res.dll
C:\Documents and Settings\robertg\jp_res.dll
C:\Documents and Settings\robertg\mfc80u.dll
C:\Documents and Settings\robertg\msvcr80.dll
C:\Documents and Settings\robertg\PCPE Setup.exe
C:\Documents and Settings\robertg\pt_res.dll
C:\Documents and Settings\robertg\ru_res.dll
C:\Documents and Settings\robertg\zh_res.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-02-2014
Ran by robertg at 2014-02-06 16:35:41
Running from C:\Documents and Settings\robertg\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

1Click DVD Copy 5.7.9.0 (Version:  - LG Software Innovations) <==== ATTENTION
Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated) <==== ATTENTION
Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Community Help (Version: 3.2.1 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Community Help (Version: 3.2.1.650 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Photoshop Elements 9 (Version: 9.0.3.0 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Photoshop Elements 9 (Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Photoshop.com Inspiration Browser (Version: 3.07 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Photoshop.com Inspiration Browser (Version: 3.07 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Premiere Elements 9 (Version: 9.0 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Premiere Elements 9 (Version: 9.0.1 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Adobe Reader XI (11.0.06) (Version: 11.0.06 - Adobe Systems Incorporated) <==== ATTENTION
AnswerWorks 4.0 Runtime - English (Version: 4.0.101 - Vantage Software Technologies) <==== ATTENTION
AnswerWorks 5.0 English Runtime (Version: 008.000.0003 - Vantage Linguistics) <==== ATTENTION
Anywhere PE Viewer 0.1.7 (Version: 0.1.7 - ucware.com) <==== ATTENTION
Apple Application Support (Version: 3.0 - Apple Inc.) <==== ATTENTION
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.) <==== ATTENTION
Apple Software Update (Version: 2.1.3.127 - Apple Inc.) <==== ATTENTION
AVG 2014 (Version: 14.0.3684 - AVG Technologies) Hidden <==== ATTENTION
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden <==== ATTENTION
AVG 2014 (Version: 2014.0.4259 - AVG Technologies) <==== ATTENTION
Beyond Compare 3.3.8 (Version: 3.3.8.16340 - Scooter Software) <==== ATTENTION
BOINC (Version: 5.10.20 - Space Sciences Laboratory, U.C. Berkeley) <==== ATTENTION
Bonjour (Version: 3.0.0.10 - Apple Inc.) <==== ATTENTION
Bonjour Print Services (Version: 2.0.0.36 - Apple Inc.) <==== ATTENTION
Brother MFL-Pro Suite (Version: 1.00 - Brother Industries, Ltd.) <==== ATTENTION
Bulk Rename Utility 2.7.1.2 (Version:  - TGRMN Software) <==== ATTENTION
Canon PowerShot SX50 HS Camera User Guide (Version: 1.0.0.1 - Canon Inc.) <==== ATTENTION
CDBurnerXP (Version: 4.3.7.2356 - CDBurnerXP) <==== ATTENTION
CinemaNow Media Manager (Version: 1.9.0.63 - CinemaNow, Inc.) <==== ATTENTION
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000 - Microsoft Corporation) <==== ATTENTION
Critical Update for Windows Media Player 11 (KB959772) (Version:  - Microsoft Corporation) <==== ATTENTION
CyberLink PowerDVD (Version: 7.3.5711.0 - CyberLink Corp.) <==== ATTENTION
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden <==== ATTENTION
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.) <==== ATTENTION
DVD43 v4.5.0 (Version:  - ) <==== ATTENTION
DVDFab Decrypter 3.0.2.0 (Version:  - Fengtao Software Inc.) <==== ATTENTION
Elements 9 Organizer (Version: 9.0 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden <==== ATTENTION
Elevated Installer (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden <==== ATTENTION
EMC 11 Content (Version: 1.1.019 - Roxo, Inc.) Hidden <==== ATTENTION
Family Lawyer 2002 (Version:  - ) <==== ATTENTION
Garmin Express (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden <==== ATTENTION
Garmin Express Tray (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden <==== ATTENTION
Garmin TOPO U.S. 2008 (Version: 4.0.0.0 - Garmin Ltd or its subsidiaries) <==== ATTENTION
Google Drive (Version: 1.13.5782.599 - Google, Inc.) <==== ATTENTION
Google Earth Plug-in (Version: 7.1.2.2041 - Google) <==== ATTENTION
Google Talk (remove only) (Version:  - ) <==== ATTENTION
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden <==== ATTENTION
Google+ Auto Backup (Version: 1.0.21.81 - Google) <==== ATTENTION
HD Writer AE 1.0 for HDC (Version: 1.00.051.1033 - Panasonic Corporation) <==== ATTENTION
Hi-Def Suite (Version: 5.0.1603 - CyberLink Corporation) <==== ATTENTION
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000 - Microsoft Corporation) <==== ATTENTION
HP Product Detection (Version: 9.7.2 - Hewlett-Packard Company) <==== ATTENTION
HQuote (Version:  - ) <==== ATTENTION
Install Intel Desktop Utilities (Version: 1.0.0 - Intel Corporation) <==== ATTENTION
Intel Audio Studio 2.0 (Version: 2.00.00123 - Intel Corporation) <==== ATTENTION
Intel Audio Studio 2.0 (Version: 2.00.00123 - Intel Corporation) Hidden <==== ATTENTION
Intel® Desktop Utilities (Version: 3.0.6.10 - OSA Technologies Inc., An Avocent Company) <==== ATTENTION
Intel® Desktop Utilities (Version: 3.0.6.10 - OSA Technologies Inc., An Avocent Company) Hidden <==== ATTENTION
Intel® Graphics Media Accelerator Driver (Version:  - ) <==== ATTENTION
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32 (Version: 5.2.0.2 - Intel Corporation) Hidden <==== ATTENTION
Intel® Management Engine Interface (Version:  - ) <==== ATTENTION
Intel® Matrix Storage Manager (Version:  - ) <==== ATTENTION
Intel® PRO Network Connections (Version:  - Intel) <==== ATTENTION
InterVideo WinDVD (Version: 5.0-B11.1004 - InterVideo Inc.) <==== ATTENTION
iTunes (Version: 11.1.4.62 - Apple Inc.) <==== ATTENTION
Java 7 Update 51 (Version: 7.0.510 - Oracle) <==== ATTENTION
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden <==== ATTENTION
Java SE Runtime Environment 6 Update 1 (Version: 1.6.0.10 - Sun Microsystems, Inc.) <==== ATTENTION
jZip (HKCU Version: 2.0.0.129577 - Bandoo Media Inc) <==== ATTENTION
KONICA MINOLTA magicolor 2400W (Version:  - ) <==== ATTENTION
LightZone 3.7 (Version:  - Light Crafts, Inc.) <==== ATTENTION
Livescribe Connect (Version: 1.2.1 - Livescribe Inc) Hidden <==== ATTENTION
Livescribe Connect (Version: 1.2.1.58498 - Livescribe Inc) <==== ATTENTION
Livescribe Desktop (Version: 2.8.3 - Livescribe Inc) <==== ATTENTION
LUMIX Simple Viewer (Version: 0.99.0000 - Panasonic) <==== ATTENTION
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation) <==== ATTENTION
Microsoft .NET Framework 1.1 (Version:  - ) <==== ATTENTION
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden <==== ATTENTION
Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version:  - ) <==== ATTENTION
Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version:  - ) <==== ATTENTION
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 4 Extended Beta 2 (Version: 4.0.21006 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 4 Extended Beta 2 (Version: 4.0.21006 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation) <==== ATTENTION
Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft FrontPage Client - English (Version: 7.00.9209 - Microsoft) Hidden <==== ATTENTION
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0 - Microsoft) <==== ATTENTION
Microsoft IntelliType Pro 7.0 (Version: 7.0.260.0 - Microsoft) <==== ATTENTION
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft LifeCam (Version: 3.20.259.0 - Microsoft Corporation) <==== ATTENTION
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation) <==== ATTENTION
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation) <==== ATTENTION
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Report Viewer Redistributable 2008 SP1 (Version:  - Microsoft Corporation) <==== ATTENTION
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2005 (Version:  - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2005 Books Online (English) (September 2007) (Version: 9.00.3104 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2005 Express Edition Books Online (Version: 1.0.5321 - Microsoft) <==== ATTENTION
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2008 Management Studio (Version: 10.2.4000.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2008 R2 (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server 2008 RsFx Driver (Version: 10.2.4064.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.2.4064.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Browser (Version: 10.51.2500.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (Version: 3.5.5692.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Compact 3.5 SP2 Beta English (Version: 3.5.8044.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Native Client (Version: 9.00.4035.00 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00 - Microsoft Corporation) <==== ATTENTION
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0 - Microsoft Corporation) <==== ATTENTION
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (Version: 2.0.1578.0 - Microsoft Corporation) <==== ATTENTION
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (Version: 2.0.1578.0 - Microsoft Corporation) <==== ATTENTION
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual Studio .NET Professional 2003 - English (Version:  - Microsoft) <==== ATTENTION
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191 - Microsoft Corporation) <==== ATTENTION
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011 - Microsoft Corporation) <==== ATTENTION
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729 - Microsoft Corporation) <==== ATTENTION
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011 - Microsoft Corporation) <==== ATTENTION
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden <==== ATTENTION
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden <==== ATTENTION
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden <==== ATTENTION
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden <==== ATTENTION
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla) <==== ATTENTION
Mozilla Maintenance Service (Version: 26.0 - Mozilla) <==== ATTENTION
MSDN Library for Visual Studio .NET 2003 (Version: 7.38.3053 - Microsoft) <==== ATTENTION
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden <==== ATTENTION
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) <==== ATTENTION
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation) <==== ATTENTION
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0 - Microsoft Corporation) <==== ATTENTION
NETGEAR A6200 Genie (Version: 26.0.0.0 - NETGEAR) <==== ATTENTION
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden <==== ATTENTION
Olympus DSS Player (Version:  - ) <==== ATTENTION
OptiPix™ (Version: 1.10.0000 - Smartparts, Inc.) <==== ATTENTION
PaperPort Image Printer (Version: 1.00.0000 - Nuance Communications, Inc.) <==== ATTENTION
PhatNotes for Windows (Version: 5.60.0691 - PhatWare Corp.) <==== ATTENTION
PhoneBrowse 1.7.0 (Version: 1.7.0 - iMobie Inc.) <==== ATTENTION
PhoneClean 1.7.0 (Version: 1.7.0 - iMobie Inc.) <==== ATTENTION
PHOTOfunSTUDIO 5.2 HD Edition (Version: 5.02.126 - Panasonic Corporation) <==== ATTENTION
PHOTOfunSTUDIO 9.2 AE (Version: 9.02.513 - Panasonic Corporation) <==== ATTENTION
Picasa 3 (Version: 3.9 - Google, Inc.) <==== ATTENTION
Pinnacle Hollywood FX for Studio (Version:  - ) <==== ATTENTION
Pinnacle Studio 14 (Version: 14.0.0.7255 - Pinnacle Systems) <==== ATTENTION
Pinnacle Studio Ultimate Plugins (Version: 14.0.0.7255 - Pinnacle Systems) <==== ATTENTION
Pinnacle Video Driver (Version: 12.1.0.030 - Pinnacle Systems) <==== ATTENTION
plusdeck2 (Version: 3.25c - BTO) <==== ATTENTION
PowerChute Personal Edition 3.0.2 (Version: 3.0.2 - Schneider Electric) <==== ATTENTION
QuickTime (Version: 7.74.80.86 - Apple Inc.) <==== ATTENTION
Red Giant ToonIt Studio (Version:  - ) <==== ATTENTION
Roxio Activation Module (Version: 1.0 - Roxio) Hidden <==== ATTENTION
Roxio BackOnTrack (Version: 1.3.1 - Roxio) Hidden <==== ATTENTION
Roxio Burn (Version: 1.0.0 - Roxio) Hidden <==== ATTENTION
Roxio Burn Manager (Version: 1.0.0 - Roxio) Hidden <==== ATTENTION
Roxio Burn Manager CDB (Version: 1.0 - Roxio) Hidden <==== ATTENTION
Roxio CinePlayer (Version: 5.3 - Roxio) Hidden <==== ATTENTION
Roxio CinePlayer Decoder Pack (Version: 4.3.0 - Roxio) Hidden <==== ATTENTION
Roxio Creator 2009 (Version: 1.1.110 - Roxio) Hidden <==== ATTENTION
Roxio Creator 2009 (Version: 11.0 - Roxio) <==== ATTENTION
Roxio Creator 2009 (Version: 4.5.0 - Roxio) Hidden <==== ATTENTION
Roxio Creator 2010 Content (Version: 12.0.013 - Roxio) Hidden <==== ATTENTION
Roxio Creator 2010 Pro (Version: 1.2.193 - Roxio) Hidden <==== ATTENTION
Roxio Creator 2010 Pro (Version: 12.0 - Roxio) <==== ATTENTION
Roxio Creator 2010 Pro (Version: 5.0.0 - Roxio) Hidden <==== ATTENTION
Roxio Disaster Recovery (Version: 1.3.0 - Roxio) Hidden <==== ATTENTION
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden <==== ATTENTION
Roxio PhotoShow (Version: 6.0 - Roxio) <==== ATTENTION
Roxio Update Manager (Version: 6.0.0 - Roxio) <==== ATTENTION
Roxio Venue (Version: 2.2.170 - Sonic Solutions) Hidden <==== ATTENTION
Roxio Video Capture USB (Version: 1.22.0000 - Roxio) Hidden <==== ATTENTION
Roxio Video Capture USB Driver (Version:  - ) <==== ATTENTION
ScanSoft PaperPort 11 (Version: 11.1.0000 - Nuance Communications, Inc.) <==== ATTENTION
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden <==== ATTENTION
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation) <==== ATTENTION
SigmaTel Audio (Version: 5.10.4811.0 - SigmaTel) <==== ATTENTION
SILKYPIX Developer Studio 3.1 SE (Version: 3 - Ichikawa Soft Laboratory) <==== ATTENTION
SILKYPIX Developer Studio 3.1 SE (Version: 3 - Ichikawa Soft Laboratory) Hidden <==== ATTENTION
Skype Toolbars (Version: 1.0.4051 - Skype Technologies S.A.) <==== ATTENTION
Skype™ 5.10 (Version: 5.10.116 - Skype Technologies S.A.) <==== ATTENTION
SmartDraw 3.0 (Version:  - ) <==== ATTENTION
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) <==== ATTENTION
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090 - SmartSound Software Inc) Hidden <==== ATTENTION
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) <==== ATTENTION
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) Hidden <==== ATTENTION
SmartSound Sonicfire Pro 5 (Version: 5.1.0 - SmartSound Software Inc.) <==== ATTENTION
Sony Player Plug-in for Windows Media Player (Version:  - ) <==== ATTENTION
SQL Server 2008 R2 Management Objects (Version: 10.50.1312.2 - Microsoft Corporation) <==== ATTENTION
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden <==== ATTENTION
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden <==== ATTENTION
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden <==== ATTENTION
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden <==== ATTENTION
SQL Server System CLR Types (Version: 10.50.1312.2 - Microsoft Corporation) <==== ATTENTION
Studio 9 (Version: 9.3 - Pinnacle Systems) <==== ATTENTION
Studio 9.4 Patch (Version: 9.4.3.70 - ) <==== ATTENTION
SyncToy 2.1 (x86) (Version: 2.1.0 - Microsoft) <==== ATTENTION
TOPO! 4 (Version: 4.2.8 - National Geographic Maps) <==== ATTENTION
True Image 2013 (Version: 16.0.6514 - Acronis) Hidden <==== ATTENTION
TurboTax 2008 (Version:  - ) <==== ATTENTION
TurboTax 2008 WinPerFedFormset (Version: 008.000.0341 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0219 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0197 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1007 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 WinPerUserEducation (Version: 008.000.0433 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 wrapper (Version: 008.000.0065 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2008 wutiper (Version: 008.000.0119 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2009 (Version:  - Intuit, Inc) <==== ATTENTION
TurboTax 2009 WinPerFedFormset (Version: 009.000.2513 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0242 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2009 wrapper (Version: 009.000.0145 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2009 wutiper (Version: 009.000.0654 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2010 (Version:  - Intuit, Inc) <==== ATTENTION
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2010 wrapper (Version: 010.000.0157 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2010 wutiper (Version: 010.000.1704 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2011 (Version:  - Intuit, Inc) <==== ATTENTION
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2011 wrapper (Version: 011.000.0121 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2011 wutiper (Version: 011.000.1686 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 (Version: 2012.0 - Intuit, Inc) <==== ATTENTION
TurboTax 2012 wcaiper (Version: 012.000.1508 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 WinPerFedFormset (Version: 012.000.2178 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0473 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0184 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 wrapper (Version: 012.000.0127 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2012 wutiper (Version: 012.000.1329 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 (Version: 2013.0 - Intuit, Inc) <==== ATTENTION
TurboTax 2013 wcaiper (Version: 013.000.1061 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 WinPerFedFormset (Version: 013.000.1596 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0437 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax 2013 wutiper (Version: 013.000.0979 - Intuit Inc.) Hidden <==== ATTENTION
TurboTax Deluxe 2005 (Version:  - ) <==== ATTENTION
TurboTax Deluxe 2007 (Version:  - ) <==== ATTENTION
TurboTax Deluxe Deduction Maximizer 2006 (Version:  - ) <==== ATTENTION
TurboTax ItsDeductible 2005 (Version: 9.05.0000 - Intuit) <==== ATTENTION
TurboTax ItsDeductible 2006 (Version: 10.00.0000 - Intuit) <==== ATTENTION
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Microsoft Windows (KB971513) (Version:  - Microsoft Corporation) <==== ATTENTION
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows Internet Explorer 8 (KB973874) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows Internet Explorer 8 (KB976749) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows Internet Explorer 8 (KB980182) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2492386) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2616676) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2616676-v2) (Version: 2 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB951072-v2) (Version: 2 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden <==== ATTENTION
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB955839) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB961503) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation) <==== ATTENTION
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation) <==== ATTENTION
ViewSonic Monitor Drivers (Version:  - ) <==== ATTENTION
Visual Studio .NET Professional 2003 - English (Version: 7.1.3088 - Microsoft) Hidden <==== ATTENTION
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) <==== ATTENTION
Visual Studio.NET Baseline - English (Version: 7.1.3088 - Microsoft) Hidden <==== ATTENTION
WD Quick View (Version: 2.2.0.8 - Western Digital Technologies, Inc.) <==== ATTENTION
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden <==== ATTENTION
WexTech AnswerWorks (Version: 1.00.000 - ) <==== ATTENTION
WG111v2 Configuration Utility (Version: 1.00 - REALTEK Semiconductor Corp.) <==== ATTENTION
Windows 7 Upgrade Advisor (Version: 2.0.5000.0 - Microsoft Corporation) <==== ATTENTION
Windows Defender (Version: 1.1.1593.0 - Microsoft Corporation) <==== ATTENTION
Windows Defender Signatures (Version: 1.20.0.0 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0 - Microsoft Corporation) <==== ATTENTION
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0 - Microsoft Corporation) <==== ATTENTION
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation) <==== ATTENTION
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation) <==== ATTENTION
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation) <==== ATTENTION
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Live Communications Platform (Version: 14.0.8098.930 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Live Essentials (Version: 14.0.8089.0726 - Microsoft Corporation) <==== ATTENTION
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Live Photo Gallery (Version: 14.0.8081.709 - Microsoft Corporation) Hidden <==== ATTENTION
Windows Live Sign-in Assistant (Version: 5.000.818.5 - Microsoft Corporation) <==== ATTENTION
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation) <==== ATTENTION
Windows Live Upload Tool (Version: 14.0.8014.1029 - Microsoft Corporation) <==== ATTENTION
Windows Management Framework Core (Version:  - Microsoft Corporation) <==== ATTENTION
Windows Media Format 11 runtime (Version:  - ) <==== ATTENTION
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Windows Media Player 11 (Version:  - ) <==== ATTENTION
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden <==== ATTENTION
Windows Mobile® Device Handbook (Version: 1.0 - Microsoft Corporation) <==== ATTENTION
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation) <==== ATTENTION
WinZip 14.5 (Version: 14.5.9095 - WinZip Computing, S.L. ) <==== ATTENTION
Zoner Photo Studio 12 (Version: 12.0.1.10 - ZONER software) <==== ATTENTION

==================== Restore Points  =========================

08-11-2013 14:10:04 Software Distribution Service 3.0
09-11-2013 18:24:22 System Checkpoint
10-11-2013 20:51:30 System Checkpoint
12-11-2013 13:59:38 Software Distribution Service 3.0
14-11-2013 00:23:46 System Checkpoint
14-11-2013 04:08:06 Software Distribution Service 3.0
15-11-2013 15:16:05 Software Distribution Service 3.0
24-11-2013 04:50:38 Software Distribution Service 3.0
26-11-2013 14:14:10 Software Distribution Service 3.0
27-11-2013 18:28:20 System Checkpoint
29-11-2013 15:03:25 Software Distribution Service 3.0
03-12-2013 13:56:17 Software Distribution Service 3.0
04-12-2013 16:51:26 System Checkpoint
05-12-2013 19:53:12 System Checkpoint
06-12-2013 13:58:53 Software Distribution Service 3.0
07-12-2013 20:07:11 System Checkpoint
08-12-2013 21:45:07 System Checkpoint
09-12-2013 23:49:34 System Checkpoint
10-12-2013 06:00:14 Installed TurboTax 2013 wrapper
10-12-2013 06:09:53 Installed TurboTax 2013 wutiper
10-12-2013 06:10:04 Installed TurboTax 2013 wcaiper
10-12-2013 13:59:04 Software Distribution Service 3.0
11-12-2013 14:11:46 Software Distribution Service 3.0
13-12-2013 13:58:00 Software Distribution Service 3.0
14-12-2013 23:32:12 System Checkpoint
16-12-2013 21:00:11 System Checkpoint
17-12-2013 13:58:39 Software Distribution Service 3.0
20-12-2013 14:23:18 Software Distribution Service 3.0
23-12-2013 22:44:16 System Checkpoint
24-12-2013 14:11:13 Software Distribution Service 3.0
25-12-2013 20:10:58 System Checkpoint
27-12-2013 00:54:42 System Checkpoint
27-12-2013 15:15:00 Software Distribution Service 3.0
28-12-2013 22:14:05 System Checkpoint
31-12-2013 13:57:30 Software Distribution Service 3.0
03-01-2014 13:57:03 Software Distribution Service 3.0
05-01-2014 22:11:09 System Checkpoint
07-01-2014 14:04:20 Software Distribution Service 3.0
09-01-2014 03:17:42 System Checkpoint
10-01-2014 14:04:20 Software Distribution Service 3.0
11-01-2014 09:04:06 Installed AVG 2014
11-01-2014 09:04:31 Installed AVG 2014
12-01-2014 20:19:42 System Checkpoint
14-01-2014 15:54:46 Software Distribution Service 3.0
15-01-2014 14:06:36 Installed Java 7 Update 51
15-01-2014 14:08:51 Software Distribution Service 3.0
16-01-2014 16:51:47 System Checkpoint
18-01-2014 23:36:44 System Checkpoint
21-01-2014 22:47:35 System Checkpoint
24-01-2014 16:49:23 System Checkpoint
26-01-2014 18:03:59 System Checkpoint
27-01-2014 20:14:54 System Checkpoint
30-01-2014 00:22:57 System Checkpoint
31-01-2014 22:48:16 System Checkpoint
04-02-2014 16:47:27 System Checkpoint
05-02-2014 18:02:24 System Checkpoint

==================== Hosts content: ==========================

2006-02-28 05:00 - 2014-02-06 09:43 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-TRANTOR-robertg.job => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job => C:\Program Files\Microsoft LifeCam\LifeExp.exe

==================== Loaded Modules (whitelisted) =============

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2005-07-05 10:12 - 2005-07-05 10:12 - 01013248 ____N () C:\WINDOWS\system32\indy70.bpl
2006-07-31 16:09 - 2006-07-31 16:09 - 06394880 ____N () C:\WINDOWS\system32\TMSD7.bpl
2013-03-27 21:36 - 2013-03-27 21:36 - 00021312 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2009-03-21 17:49 - 2009-03-21 17:49 - 00755712 _____ () C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
2009-03-21 17:52 - 2009-03-21 17:52 - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2010-01-31 17:34 - 2010-01-31 17:34 - 00854016 _____ () C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-01-31 17:34 - 2010-01-31 17:34 - 00471040 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2010-12-18 13:57 - 2010-12-18 13:57 - 00476520 _____ () C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2005-03-31 11:32 - 2005-03-31 11:32 - 00040960 _____ () C:\Program Files\Intel\IDU\ServiceControl.dll
2006-02-28 05:00 - 2008-04-13 17:11 - 00059904 ____N () C:\WINDOWS\system32\devenum.dll
2006-02-28 05:00 - 2008-04-13 17:11 - 00014336 ____N () C:\WINDOWS\system32\msdmo.dll
2013-09-10 16:15 - 2013-02-18 15:15 - 00106496 _____ () C:\Program Files\NETGEAR\A6200\GWlanController.dll
2013-09-10 16:15 - 2013-03-26 15:59 - 00018944 _____ () C:\Program Files\NETGEAR\A6200\GWPSController.dll
2011-10-27 16:56 - 2011-10-27 16:56 - 00276992 _____ () C:\Program Files\Common Files\Livescribe\PenComm\PenCommSdk.dll
2007-07-02 13:10 - 2007-07-02 13:10 - 00061952 _____ () C:\Program Files\BOINC\zlib1.dll
2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-12-19 20:42 - 2013-12-19 20:42 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-05 07:11 - 2014-02-05 07:11 - 16287624 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
2013-05-30 10:39 - 2013-05-30 10:39 - 01049920 _____ () C:\Program Files\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-3_upx.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Intel® 82566DC Gigabit Network Connection
Description: Intel® 82566DC Gigabit Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ROXIO DVD-ROM EMULATOR SCSI CdRom Device
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/06/2014 10:06:42 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/06/2014 09:43:49 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/06/2014 09:29:08 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (02/06/2014 09:24:24 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: A connection with the server could not be established

Error: (02/06/2014 07:37:36 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/05/2014 04:52:59 PM) (Source: Application Error) (User: )
Description: Faulting application trueimage.exe, version 16.0.0.6514, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000101b3.
Processing media-specific event for [trueimage.exe!ws!]

Error: (02/05/2014 06:56:58 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed


System errors:
=============
Error: (02/06/2014 10:06:47 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (02/06/2014 09:44:40 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (02/06/2014 09:34:04 AM) (Source: PlugPlayManager) (User: )
Description: The device Root\LEGACY_NPF\0000 disappeared from the system without first being prepared for removal.

Error: (02/06/2014 09:30:12 AM) (Source: Service Control Manager) (User: )
Description: The World Wide Web Publishing service terminated unexpectedly.  It has done this 4 time(s).

Error: (02/06/2014 09:30:12 AM) (Source: Service Control Manager) (User: )
Description: The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly.  It has done this 4 time(s).

Error: (02/06/2014 09:30:12 AM) (Source: Service Control Manager) (User: )
Description: The FTP Publishing service terminated unexpectedly.  It has done this 4 time(s).

Error: (02/06/2014 09:30:12 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 1 milliseconds: Run the configured recovery program.

Error: (02/06/2014 09:29:19 AM) (Source: Service Control Manager) (User: )
Description: The World Wide Web Publishing service terminated unexpectedly.  It has done this 3 time(s).

Error: (02/06/2014 09:29:19 AM) (Source: Service Control Manager) (User: )
Description: The Simple Mail Transfer Protocol (SMTP) service terminated unexpectedly.  It has done this 3 time(s).

Error: (02/06/2014 09:29:19 AM) (Source: Service Control Manager) (User: )
Description: The FTP Publishing service terminated unexpectedly.  It has done this 3 time(s).


Microsoft Office Sessions:
=========================
Error: (02/06/2014 10:06:42 AM) (Source: STacSV)(User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/06/2014 09:43:49 AM) (Source: STacSV)(User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/06/2014 09:29:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (02/06/2014 09:29:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (02/06/2014 09:24:24 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established

Error: (02/06/2014 07:37:36 AM) (Source: STacSV)(User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/05/2014 04:52:59 PM) (Source: Application Error)(User: )
Description: trueimage.exe16.0.0.6514ntdll.dll5.1.2600.6055000101b3

Error: (02/05/2014 06:56:58 AM) (Source: STacSV)(User: NT AUTHORITY)
Description: Connection to the Storage interface failed


==================== Memory info ===========================

Percentage of memory in use: 55%
Total physical RAM: 3317.8 MB
Available physical RAM: 1492.45 MB
Total Pagefile: 5199.55 MB
Available Pagefile: 3258.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.65 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:298.08 GB) (Free:125.87 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Data) (Fixed) (Total:596.17 GB) (Free:537.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: F5ADF5AD)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 596 GB) (Disk ID: F656F656)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

OK, here's some info, for what it is worth.

 

I didn't uninstall or remove anything (per instructions), but I did try exiting various things that run as icons in my tray.

 

One of those is for the Netgear A6200 wifi adaptor that I am using. When I exit this, the services.exe cpu usage goes away, so that is apparently the source of the problem. I am not sure what this does or why it runs in the tray--exiting does not affect the network connectivity. I have sent a request to netgear support requesting info on what this is for. i will update when I hear from them.

Link to post
Share on other sites

Sorry, but I need more info before I run this.

 

Is this in response to my last post about the disk activity? Or back on the original problem.

 

What does this "CleanUp" do? I don't want to have settings and stuff "cleaned up" and have to reset everything!

 

Not complaining, just want to know what I am about to do.

 

Thanks.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.