Discussion Starter · #1 ·
This is not the first time you guys have tackled this one.
Every time I start my computer my firewall asks if I want to allow this program to start (stdrt.exe).
Even though I block this program, the next time I start my computer it does the same thing over again.
I have tried ComboFix, Norton Power Eraser, UnHackMe and Malwarebytes Anti-Malware, all to no success; this file still exists. What else can I do?

OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3764 Mb
Graphics Card: Intel(R) HD Graphics, 1754 Mb
Hard Drives: C: Total - 462503 MB, Free - 312316 MB; E: Total - 953867 MB, Free - 794197 MB;
Motherboard: Acer, HMA71_CP
Antivirus: Rogers Online Protection Anti-Virus, Updated and Enabled


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:26:01 PM, on 14/02/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\rps.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Acer | MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - (no file)
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RogersServicepointAgent.exe] "C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" /AUTORUN
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\rob\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Licensing Console - - C:\Windows\SysWOW64\adbcnsl.exe
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Lexar Media, Inc. - C:\Windows\system32\LxrSII1s.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Rogers Online Protection (Radialpoint Security Services) - Rogers - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe
O23 - Service: RadialpointIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Rogers Online Protection Firewall (RP_FWS) - Rogers - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\Fws.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Rogers Backup Manager Service (VaultClientSRV) - Radialpoint SafeCare Inc. - C:\Program Files (x86)\Rogers Backup Manager\VaultClientSRV.exe
O23 - Service: Rogers Backup Manager Upgrade Service (VaultClientUpgrade) - Radialpoint SafeCare Inc. - C:\Program Files (x86)\Rogers Backup Manager\VaultClientUpgrade.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 17110 bytes

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by rob at 19:46:25 on 2012-02-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3765.934 [GMT -5:00]
.
AV: Rogers Online Protection Anti-Virus *Enabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56}
SP: Rogers Online Protection Anti-Spyware *Enabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Rogers Online Protection Firewall *Enabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\Fws.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\rps.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\UnHackMe\hackmon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\TEMP\mrt91B3.tmp\stdrt.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Windows\SysWOW64\LxrSII1s.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Rogers Backup Manager\VaultClientSRV.exe
C:\Program Files (x86)\Rogers Backup Manager\VaultClientUpgrade.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\System32\svchost.exe -k bdx
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSMonitor.exe
C:\Windows\system32\conhost.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\rob\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\rob\Downloads\HijackThis.exe
C:\Program Files (x86)\Radialpoint\Security Advisor\SecurityAdvisorLogic.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - McAfee Phishing Filter
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Facebook Update] "C:\Users\rob\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [RogersServicepointAgent.exe] "C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" /AUTORUN
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [DMXLauncher] "C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\rob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{92859062-CAF4-40FC-8F50-AC4C94202B1E} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{92859062-CAF4-40FC-8F50-AC4C94202B1E}\2454C4C4530303 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{92859062-CAF4-40FC-8F50-AC4C94202B1E}\B656E64796E6E6 : DhcpNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - McAfee Phishing Filter
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO-X64: Babylon toolbar helper - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [RogersServicepointAgent.exe] "C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" /AUTORUN
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [DMXLauncher] "C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe"
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SMR250;Symantec SMR Utility Service 2.5.0;C:\Windows\system32\drivers\SMR250.SYS --> C:\Windows\system32\drivers\SMR250.SYS [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-5-10 352848]
R2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-6-14 873064]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-5-10 244624]
R2 LxrSII1d;Secure II Driver;\??\C:\Windows\System32\Drivers\LxrSII1d.sys --> C:\Windows\System32\Drivers\LxrSII1d.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-12 652360]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-3-9 5352960]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-3-9 257344]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 Radialpoint Security Services;Rogers Online Protection;C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe [2010-6-7 166944]
R2 RadialpointIDSAgent;RadialpointIDSAgent;C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe [2012-1-13 5832712]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-8-24 166384]
R2 ServicepointService;ServicepointService;C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe [2012-1-13 689464]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-5-10 2538520]
R2 VaultClientSRV;Rogers Backup Manager Service;C:\Program Files (x86)\Rogers Backup Manager\VaultClientSRV.exe [2010-6-7 1053936]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RadialpointIDSDriver;RadialpointIDSDriver;C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [2012-1-13 132616]
R3 RadialpointIDSFilter;RadialpointIDSFilter;C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys [2012-1-13 35848]
R3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-8-24 1083888]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 Adobe Licensing Console;Adobe Licensing Console;C:\Windows\SysWOW64\adbcnsl.exe [2012-2-6 689492]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-11 136176]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-8-24 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-8-24 309744]
S3 DfSdkS;Defragmentation-Service;C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfSdkS64.exe [2012-2-12 544768]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-11 136176]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2010-10-12 21504]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-18 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-8-24 72176]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-02-15 00:10:03 -------- d-----w- C:\Users\rob\AppData\Local\{53F2BC47-4A2E-4931-B1C7-977440E3495A}
2012-02-15 00:09:51 -------- d-----w- C:\Users\rob\AppData\Local\{159BA561-F0E4-4093-BE7F-79C33890A100}
2012-02-14 23:04:31 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73E944F7-30E6-4D42-88A4-98AF1DE86717}\offreg.dll
2012-02-14 22:54:36 96376 ----a-w- C:\Windows\System32\drivers\SMR250.SYS
2012-02-14 22:50:16 -------- d-----w- C:\Users\rob\AppData\Local\Adobe
2012-02-14 20:40:27 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73E944F7-30E6-4D42-88A4-98AF1DE86717}\mpengine.dll
2012-02-14 20:31:59 -------- d-----w- C:\Users\rob\AppData\Local\LogMeIn Rescue Applet
2012-02-14 20:19:12 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-14 20:19:12 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-14 20:19:11 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-14 20:19:11 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-14 20:19:11 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-14 20:19:10 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-14 20:19:10 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 20:19:10 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-14 00:27:37 -------- d-sh--w- C:\$RECYCLE.BIN
2012-02-13 06:14:18 12800 ------w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
2012-02-13 05:33:14 18432 ------w- C:\Windows\SysWow64\winwatch.DLL
2012-02-13 05:33:14 155648 ------w- C:\Windows\SysWow64\addurl41.DLL
2012-02-13 02:35:19 34304 ----a-w- C:\Windows\System32\DfSdkBt.exe
2012-02-12 23:28:29 -------- d-----w- C:\Users\rob\AppData\Local\NPE
2012-02-12 23:28:29 -------- d-----w- C:\ProgramData\Norton
2012-02-12 23:26:38 -------- d-----w- C:\Users\rob\AppData\Roaming\Malwarebytes
2012-02-12 23:26:29 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-12 23:26:28 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-12 23:26:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-12 23:10:03 -------- d-----w- C:\Users\rob\AppData\Local\{5B2A1AF1-7348-4B1E-9852-1A07D5F0E017}
2012-02-12 23:09:52 -------- d-----w- C:\Users\rob\AppData\Local\{AB51977D-DABC-4CD1-90CE-36ACE08D07CA}
2012-02-12 22:11:50 -------- d-----w- C:\Combo-Fix32525C
2012-02-12 03:47:24 -------- d-----w- C:\Users\rob\AppData\Roaming\Ashampoo
2012-02-12 03:44:09 -------- d-----w- C:\Users\rob\AppData\Local\ashampoo
2012-02-12 03:44:09 -------- d-----w- C:\ProgramData\ashampoo
2012-02-12 03:14:28 39184 ----a-w- C:\Windows\System32\Partizan.exe
2012-02-12 03:13:01 -------- d-----r- C:\comment.htt
2012-02-12 03:08:28 2 --shatr- C:\Windows\winstart.bat
2012-02-12 03:08:20 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-02-12 02:30:12 98816 ----a-w- C:\Windows\sed.exe
2012-02-12 02:30:12 518144 ----a-w- C:\Windows\SWREG.exe
2012-02-12 02:30:12 256000 ----a-w- C:\Windows\PEV.exe
2012-02-12 02:30:12 208896 ----a-w- C:\Windows\MBR.exe
2012-02-12 02:30:08 -------- d-----w- C:\Combo-Fix
2012-02-11 04:48:25 -------- d-----w- C:\Program Files (x86)\Ashampoo
2012-02-11 02:25:22 -------- d-----w- C:\Users\rob\AppData\Local\{CF35BC15-38D3-4B7E-AB87-1B0F8369724D}
2012-02-11 02:25:12 -------- d-----w- C:\Users\rob\AppData\Local\{C21E6EE9-4267-46C7-8405-17C361531942}
2012-02-09 20:33:14 -------- d-----w- C:\Users\rob\AppData\Local\{B151A624-3D5B-4EEB-B1BA-411DE5CD9416}
2012-02-09 20:33:03 -------- d-----w- C:\Users\rob\AppData\Local\{7416E641-D71B-4979-B31C-619FBD6F56C4}
2012-02-09 05:39:18 -------- d-----w- C:\ProgramData\BlazeVideo
2012-02-09 05:39:18 -------- d-----w- C:\Program Files (x86)\BlazeVideo
2012-02-08 21:54:08 -------- d-----w- C:\Users\rob\AppData\Local\{A595B9B5-5BD9-4F8F-9D61-4D47A5A39AFF}
2012-02-08 21:53:57 -------- d-----w- C:\Users\rob\AppData\Local\{8C502BB3-264F-4A60-B904-5578726248AE}
2012-02-08 21:32:02 -------- d-----w- C:\Users\rob\AppData\Roaming\Nik Software
2012-02-08 20:58:59 -------- d-----w- C:\Users\rob\AppData\Local\Corel PaintShop Pro
2012-02-08 01:10:03 -------- d-----w- C:\Users\rob\AppData\Roaming\Hardcore
2012-02-07 22:10:40 -------- d-----w- C:\Users\rob\AppData\Local\{7B96E896-38F4-48A7-84CF-CCDF9DE0DFF5}
2012-02-07 22:10:29 -------- d-----w- C:\Users\rob\AppData\Local\{BF95E02F-F86F-414C-9E82-FB1D37C6504F}
2012-02-07 06:15:39 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-02-07 06:14:25 -------- d-----w- C:\Users\rob\AppData\Roaming\uTorrent
2012-02-07 04:54:10 -------- d-----w- C:\Users\rob\AppData\Roaming\Image-Line
2012-02-07 03:10:45 -------- d-----w- C:\Users\rob\AppData\Local\MAGIX
2012-02-07 03:04:15 384 ------w- C:\Windows\SysWow64\checkOS.bat
2012-02-07 02:58:10 -------- d-----w- C:\Users\rob\AppData\Local\Xara
2012-02-07 02:58:03 -------- d-----w- C:\Users\rob\AppData\Roaming\MAGIX
2012-02-07 02:57:24 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Shared
2012-02-07 02:54:08 -------- d-----w- C:\Program Files (x86)\MAGIX
2012-02-07 02:54:00 -------- d-----w- C:\ProgramData\MAGIX
2012-02-07 02:53:58 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services
2012-02-07 02:43:54 -------- d-----w- C:\Users\rob\AppData\Roaming\Deckadance19
2012-02-07 02:43:48 -------- d-----w- C:\Users\rob\AppData\Roaming\SongManager
2012-02-07 02:40:10 225280 ------w- C:\Windows\SysWow64\rewire.dll
2012-02-07 02:40:10 -------- d-----w- C:\Program Files (x86)\VstPlugins
2012-02-07 02:39:56 1554944 ------w- C:\Windows\SysWow64\vorbis.acm
2012-02-07 02:39:40 -------- d-----w- C:\Program Files (x86)\Outsim
2012-02-07 02:35:29 -------- d-----w- C:\Program Files (x86)\Image-Line
2012-02-07 02:34:34 689492 ------w- C:\Windows\SysWow64\adbcnsl.exe
2012-02-07 00:43:31 -------- d-----w- C:\Users\rob\AppData\Roaming\Rovio
2012-02-07 00:42:22 -------- d-----w- C:\Program Files (x86)\Rovio
2012-02-06 20:17:18 -------- d-----w- C:\Users\rob\AppData\Local\{2BA4E9D9-F0DA-4A81-BE2E-5C4BDEAC31FC}
2012-02-06 20:17:07 -------- d-----w- C:\Users\rob\AppData\Local\{1D9350EE-D377-4B93-8870-D7E4E9BAEF2E}
2012-02-06 01:20:13 -------- d-----w- C:\Users\rob\AppData\Local\{050CA100-81C1-45BE-9597-74395B9B137D}
2012-02-06 01:20:02 -------- d-----w- C:\Users\rob\AppData\Local\{4D4632A5-011E-46EA-973A-0845C86E868E}
2012-02-05 04:31:45 -------- d-----w- C:\Users\rob\AppData\Local\{14540EC3-13EF-4079-A0AC-3ADFDB334FD0}
2012-02-05 04:31:34 -------- d-----w- C:\Users\rob\AppData\Local\{7DC68B72-83F0-4E7A-9DFC-71CAE3FCE392}
2012-02-04 15:41:42 -------- d-----w- C:\Users\rob\AppData\Local\{CE45847A-B0E5-4F5A-9399-45ECDED8B171}
2012-02-04 15:41:19 -------- d-----w- C:\Users\rob\AppData\Local\{759FA311-333C-4AE5-82AE-57AA016A73DE}
2012-02-03 02:53:00 -------- d-----w- C:\ProgramData\Blumentals
2012-02-03 02:51:10 -------- d-----w- C:\Program Files (x86)\Easy GIF Animator
2012-02-03 02:44:52 -------- d-----w- C:\CamersoftOutput
2012-02-03 02:43:38 -------- d-----w- C:\Program Files (x86)\Camersoft
2012-02-03 02:04:11 -------- d-----w- C:\Program Files (x86)\UltraISO
2012-02-03 02:04:11 -------- d-----w- C:\Program Files (x86)\Common Files\EZB Systems
2012-02-02 18:35:47 -------- d-----w- C:\Users\rob\AppData\Local\{D4B78807-7096-4DE5-B0B7-496AF3B346D5}
2012-02-02 18:35:35 -------- d-----w- C:\Users\rob\AppData\Local\{3B4488AD-DCCA-4D43-B2D6-4D223F0FB806}
2012-02-02 00:17:23 -------- d-----w- C:\Users\rob\AppData\Roaming\Hoyle FaceCreator
2012-02-02 00:17:06 -------- d-----w- C:\Users\rob\AppData\Roaming\Hoyle
2012-02-02 00:14:56 3786760 ------w- C:\Windows\SysWow64\D3DX9_37.dll
2012-02-02 00:11:08 -------- d-----w- C:\Program Files (x86)\Encore
2012-02-01 22:42:04 -------- d-----w- C:\Users\rob\AppData\Local\{94CB1D13-E112-49DD-B9BA-F55C45F05933}
2012-02-01 22:41:52 -------- d-----w- C:\Users\rob\AppData\Local\{D5979278-E478-4AE8-9177-A1B9E2A424C6}
2012-02-01 21:42:18 53248 ----a-r- C:\Users\rob\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-02-01 21:42:13 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-02-01 21:40:17 -------- d-----w- C:\Users\rob\AppData\Roaming\Logishrd
2012-02-01 00:56:36 -------- d-----w- C:\Program Files (x86)\WON
2012-01-31 23:56:28 -------- d-----w- C:\Users\rob\AppData\Local\{131D2872-09DD-4F9A-8133-CF19B197431F}
2012-01-31 23:56:17 -------- d-----w- C:\Users\rob\AppData\Local\{1D03DBC3-94C0-4C07-BD1A-0CAB8048CB96}
2012-01-30 22:09:35 -------- d-----w- C:\Users\rob\AppData\Local\{CDB8AAAB-F11C-4D08-B830-871887C823D5}
2012-01-30 22:09:23 -------- d-----w- C:\Users\rob\AppData\Local\{970F4524-4240-4B62-8CAC-FC0412643805}
2012-01-30 07:07:50 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-01-30 05:09:47 -------- d-----w- C:\Users\rob\AppData\Local\CrashDumps
2012-01-29 18:56:27 -------- d-----w- C:\Users\rob\AppData\Local\{75ED1037-8E41-4199-8321-0C5B28DC1A0E}
2012-01-29 18:56:16 -------- d-----w- C:\Users\rob\AppData\Local\{336BE495-6BF1-49E1-9CA0-84E82B5993C9}
2012-01-28 07:21:59 469264 ----a-w- C:\Windows\System32\d3dx10.dll
2012-01-28 06:12:46 -------- d-----w- C:\Users\rob\AppData\Roaming\No Company Name
2012-01-28 05:15:16 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-01-28 02:30:27 -------- d-----w- C:\Program Files (x86)\SopCast
2012-01-27 23:12:12 -------- d-----w- C:\Users\rob\AppData\Local\{857858BE-E72F-47D4-9782-7BEDAB559AB9}
2012-01-27 23:12:01 -------- d-----w- C:\Users\rob\AppData\Local\{602D2F22-2D32-4177-B191-5ADF11FE0F1F}
2012-01-27 04:04:28 -------- d-----w- C:\Users\rob\AppData\Local\{85F31C6F-39D3-4734-B1E8-226AF458253D}
2012-01-27 04:04:17 -------- d-----w- C:\Users\rob\AppData\Local\{D67FAD3F-441F-4B34-B4A0-D8115D583AEF}
2012-01-27 02:31:11 -------- d-----w- C:\Program Files (x86)\VirtualDJ
2012-01-26 23:57:37 -------- dc-h--w- C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}
2012-01-26 23:57:15 -------- d-----w- C:\Program Files (x86)\Common Files\Native Instruments
2012-01-26 23:57:07 -------- dc-h--w- C:\ProgramData\{2C41B757-F5D0-44F9-A206-EEB9CD973927}
2012-01-26 23:57:04 -------- d-----w- C:\ProgramData\Native Instruments
2012-01-26 23:57:04 -------- d-----w- C:\Program Files\Common Files\Native Instruments
2012-01-26 23:56:51 -------- dc-h--w- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
2012-01-26 23:56:48 -------- d-----w- C:\Program Files\Native Instruments
2012-01-26 23:53:37 -------- d-----w- C:\Program Files (x86)\Native Instruments Traktor Pro
2012-01-26 23:31:01 -------- d-----w- C:\ProgramData\Protexis64
2012-01-26 23:04:18 -------- d-----w- C:\Program Files\Common Files\Protexis
2012-01-26 23:02:58 -------- d-----w- C:\Program Files\Corel
2012-01-26 22:15:15 -------- d-----w- C:\ProgramData\Corel Painter 12
2012-01-26 15:34:25 -------- d-----w- C:\Users\rob\AppData\Local\{2FE5C3DF-0ADF-4EE1-8853-92FD5C55AA3F}
2012-01-26 15:34:14 -------- d-----w- C:\Users\rob\AppData\Local\{F81DE35C-9D2B-46C6-9CE9-D730B39C37A0}
2012-01-25 20:24:15 10488 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2012-01-25 20:24:15 10488 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2012-01-25 17:43:31 -------- d-----w- C:\Users\rob\AppData\Local\{9B0D6F3A-A6EA-4AA5-8535-DBD0122BFC88}
2012-01-25 17:43:20 -------- d-----w- C:\Users\rob\AppData\Local\{A92C5AB2-2AB0-42C5-97DB-1CF00352D02C}
2012-01-25 01:00:38 306688 ----a-w- C:\Windows\IsUninst.exe
2012-01-24 19:43:05 -------- d-----w- C:\Users\rob\AppData\Roaming\Namco
2012-01-24 18:23:06 -------- d-----w- C:\Users\rob\AppData\Local\{FABB7466-B99C-45E4-8AAA-B0AE28BD009D}
2012-01-24 18:22:55 -------- d-----w- C:\Users\rob\AppData\Local\{6555048A-7644-4272-93F1-E47AC7A68DB6}
2012-01-24 17:37:49 -------- d-----w- C:\Users\rob\AppData\Local\{07E96DC9-748D-4BF5-9C23-A15CDD5392BF}
2012-01-24 04:43:39 -------- d-----w- C:\Users\rob\AppData\Local\ApplicationHistory
2012-01-24 04:25:08 -------- d-----w- C:\Program Files (x86)\InterActual
2012-01-24 04:15:53 55856 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2012-01-24 04:14:24 -------- d-----w- C:\Program Files\Roxio
2012-01-24 04:14:04 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2012-01-24 04:13:52 -------- d-----w- C:\Users\rob\AppData\Local\Programs
2012-01-24 04:13:51 -------- d-----w- C:\Program Files (x86)\Roxio
2012-01-24 04:13:24 506728 ----a-w- C:\Windows\System32\d3dx10_33.dll
2012-01-24 04:13:24 443752 ------w- C:\Windows\SysWow64\d3dx10_33.dll
2012-01-24 04:13:24 1400176 ----a-w- C:\Windows\System32\D3DCompiler_33.dll
2012-01-24 04:13:24 1123696 ------w- C:\Windows\SysWow64\D3DCompiler_33.dll
2012-01-24 04:13:23 4494184 ----a-w- C:\Windows\System32\d3dx9_33.dll
2012-01-24 04:13:23 3495784 ------w- C:\Windows\SysWow64\d3dx9_33.dll
2012-01-24 04:11:59 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2012-01-24 03:11:21 -------- d-----w- C:\Users\rob\AppData\Local\Corel
2012-01-24 00:59:09 -------- d-----w- C:\Program Files\Garmin GPS Plugin
2012-01-24 00:59:07 -------- d-----w- C:\Program Files (x86)\Garmin GPS Plugin
2012-01-24 00:23:00 611840 ------w- C:\Windows\SysWow64\DVD43.dll
2012-01-24 00:23:00 -------- d-----w- C:\Program Files (x86)\DVD43 Plug-in
2012-01-23 23:53:46 -------- d-----w- C:\Users\rob\Corel
2012-01-23 23:36:55 -------- d-----w- C:\ProgramData\Protexis
2012-01-23 23:10:46 -------- d-----w- C:\ProgramData\1click dvd converter
2012-01-23 23:10:02 -------- d-----w- C:\ProgramData\1click dvd copy
2012-01-23 23:01:55 5120 ------w- C:\Windows\SysWow64\ff_vfw.dll
2012-01-23 23:01:53 -------- d-----w- C:\Program Files (x86)\ffdshow
2012-01-23 22:59:14 -------- d-----w- C:\Program Files (x86)\LG Software Innovations
2012-01-23 22:07:39 -------- d-----w- C:\Users\rob\AppData\Local\{0FCE02A1-5C21-4D15-BD72-B650043A15E7}
2012-01-23 22:07:28 -------- d-----w- C:\Users\rob\AppData\Local\{335BAC49-14C5-4A47-B085-25281AECC59E}
2012-01-22 16:18:15 -------- d-----w- C:\Users\rob\AppData\Local\{9C6054C4-DD22-458F-91F9-1EC038D70980}
2012-01-22 16:18:03 -------- d-----w- C:\Users\rob\AppData\Local\{15042EC0-9A51-49A8-932D-E7E734629359}
2012-01-22 15:01:29 -------- d-----w- C:\Users\rob\AppData\Local\{5CA21483-4AAC-4328-8CEF-EFF96262F9D4}
2012-01-21 18:36:11 -------- d-----w- C:\Users\rob\AppData\Local\{896BF39D-F7C0-4B50-926A-BF90741F92CC}
2012-01-21 18:36:00 -------- d-----w- C:\Users\rob\AppData\Local\{5362DF26-7EA6-489B-8FE3-959E4E76623B}
2012-01-21 17:24:59 -------- d-----w- C:\Users\rob\AppData\Local\{8311CCFA-EF36-458D-8967-A39FBCDA3A17}
2012-01-20 17:23:52 65536 ------w- C:\Windows\SysWow64\LxrSII1s.exe
2012-01-20 17:23:52 63064 ----a-w- C:\Windows\System32\drivers\LxrSII1d.sys
2012-01-20 17:23:52 140288 ------w- C:\Windows\SysWow64\LxrSII1.dll
2012-01-20 17:23:42 -------- d-----w- C:\Users\rob\AppData\Local\Lexar Media
2012-01-20 17:18:36 -------- d-----w- C:\Users\rob\AppData\Local\{B4EC9E62-A77D-4577-B4EC-B3530D9A099B}
2012-01-20 17:18:25 -------- d-----w- C:\Users\rob\AppData\Local\{5F8D016F-FBF3-4BF1-8B55-0EAD569ADE23}
2012-01-20 17:17:12 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-01-20 04:01:03 -------- d-----w- C:\Windows\{AEC0FEE6-3A76-44E1-97A2-5DA325DFC41C}
2012-01-20 03:43:26 1892184 ------w- C:\Windows\SysWow64\D3DX9_42.dll
2012-01-20 03:43:24 2414360 ------w- C:\Windows\SysWow64\d3dx9_31.dll
2012-01-20 03:42:18 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2012-01-20 03:42:00 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2012-01-20 02:55:34 -------- d-----w- C:\Users\rob\AppData\Roaming\ACD Systems
2012-01-20 02:54:50 -------- d-----w- C:\Program Files (x86)\coolpro2
2012-01-20 02:53:07 -------- d-----w- C:\ProgramData\ACD Systems
2012-01-20 02:53:05 -------- d-----w- C:\Program Files (x86)\Common Files\ACD Systems
2012-01-20 02:53:05 -------- d-----w- C:\Program Files (x86)\ACD Systems
2012-01-20 02:50:15 -------- d-----w- C:\Users\rob\AppData\Local\Downloaded Installations
2012-01-20 01:32:43 -------- d-----w- C:\Program Files (x86)\Radialpoint
2012-01-19 23:23:08 -------- d-----w- C:\ProgramData\Nero
2012-01-19 23:23:08 -------- d-----w- C:\Program Files (x86)\Nero
2012-01-19 21:47:41 88 --sh--r- C:\ProgramData\80BC8B0779.sys
2012-01-19 21:47:41 5642 --sha-w- C:\ProgramData\KGyGaAvL.sys
2012-01-19 21:44:56 -------- d-----w- C:\ProgramData\Corel
2012-01-19 21:44:56 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis
2012-01-19 21:43:47 -------- d-----w- C:\Program Files (x86)\Common Files\Corel
2012-01-19 21:43:33 -------- d-----w- C:\Program Files (x86)\Corel
2012-01-19 21:13:59 -------- d-----w- C:\Program Files (x86)\Common Files\Jasc Software Inc
2012-01-19 21:13:42 -------- d-----w- C:\Program Files (x86)\Jasc Software Inc
2012-01-19 20:27:58 -------- d-----w- C:\Users\rob\AppData\Local\{862DE727-FC44-4103-B38C-A2BC7340D64F}
2012-01-19 20:27:47 -------- d-----w- C:\Users\rob\AppData\Local\{DE5936B2-B52F-4141-8F4C-9675903385B5}
2012-01-18 17:29:38 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2012-01-18 17:29:38 255552 ------w- C:\Windows\SysWow64\drivers\mcdbus.sys
2012-01-18 17:29:37 -------- d-----w- C:\Program Files (x86)\MagicDisc
2012-01-18 17:26:56 -------- d-----w- C:\Program Files (x86)\MagicISO
2012-01-18 17:13:54 -------- d-----w- C:\Users\rob\AppData\Local\{F48B9DED-21B1-4A16-B958-A0432B081832}
2012-01-18 17:13:43 -------- d-----w- C:\Users\rob\AppData\Local\{02DD7CD8-DCCE-47C0-9F09-0DE8FCDFBB57}
2012-01-18 03:56:31 -------- d-----w- C:\Program Files (x86)\BabylonToolbar
2012-01-18 03:56:27 -------- d-----w- C:\Users\rob\AppData\Local\Babylon
2012-01-18 03:56:26 -------- d-----w- C:\Users\rob\AppData\Roaming\Babylon
2012-01-18 03:56:26 -------- d-----w- C:\ProgramData\Babylon
2012-01-17 19:23:25 -------- d-----w- C:\Users\rob\AppData\Local\{C8F1C4DA-0D04-478B-9F60-DE1A093C1A38}
2012-01-17 19:23:14 -------- d-----w- C:\Users\rob\AppData\Local\{5922D073-17A9-4206-B2E2-ED7A213AFFC3}
2012-01-17 18:20:12 -------- d-----w- C:\Program Files (x86)\BitTorrent
2012-01-17 18:18:39 -------- d-----w- C:\Users\rob\AppData\Roaming\BitTorrent
2012-01-16 21:28:45 -------- d-----w- C:\Users\rob\AppData\Local\ElevatedDiagnostics
2012-01-16 21:19:09 -------- d-----w- C:\Users\rob\AppData\Roaming\HpUpdate
2012-01-16 21:19:07 -------- d-----w- C:\Windows\Hewlett-Packard
2012-01-16 15:28:05 -------- d-----w- C:\Users\rob\AppData\Local\{1B742BE6-CA97-4D39-A76A-ED87D9E51D7E}
2012-01-16 15:27:54 -------- d-----w- C:\Users\rob\AppData\Local\{D5722982-4E3D-42F7-89E6-04396962C5E3}
.
==================== Find3M ====================
.
2012-01-27 05:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-13 18:48:02 71456 ----a-w- C:\Windows\System32\drivers\rp_skt64.sys
2012-01-13 18:47:53 59136 ----a-w- C:\Windows\System32\drivers\rp_pkt64.sys
2012-01-12 18:04:01 472808 ------w- C:\Windows\SysWow64\deployJava1.dll
2012-01-12 16:04:36 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2011-12-20 02:46:50 43520 ----a-w- C:\Windows\System32\libusb0.dll
2011-12-20 02:46:50 29184 ----a-w- C:\Windows\System32\drivers\libusb0.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll
2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 19:48:29.61 ===============
 

· Registered
Joined
·
729 Posts
Hi,
my name is Daniel and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.
  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English, so please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



You mentioned that you ran ComboFix. While you may see ComboFix being used quite often without incident, the tool should not be run unsupervised (as stated in the disclaimer that is first displayed by ComboFix when you run the tool).

Going forward, I highly recommend you heed such instructions. As explained in Post 2 of our pre-posting topic...

Why we don't ask you to run ComboFix from the onset

ComboFix is a very powerful tool which, when improperly used, may render your machine a doorstop.

We first need to verify if there are any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.

That being said, the log it produced contains very important information for me. You'll find it located at C:\ComboFix.txt. Please include that log in your next reply,
 