cgh246
2012-02-05, 17:41
Hi, I have been having a problem with my PC saying that a HDD has failed; however, in safe mode I am able to use and access this drive, so I have now backed it all up.
After running SB S&D, it removed a number of files; however, KillSoft.v2008 cannot be removed. It asked whether Spybot could run on system restart to remove those files and I said yes; however, Spybot does not run once the PC has restarted.
Killsoft.V2008: [SBI $FF8A89C8] Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{7E41911F-13AA-11D3-A831-00104B9E30B5}
Killsoft.V2008: [SBI $A7366EB4] Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{7E419111-13AA-11D3-A831-00104B9E30B5}
Killsoft.V2008: [SBI $A7366EB4] Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{7E419111-13AA-11D3-A831-00104B9E30B5}
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
Here is the DDS text:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Chris at 15:38:12 on 2012-02-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8169.5649 [GMT 0:00]
.
AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG10\avgfws.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\AVG\AVG10\avgam.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\TightVNC\tvnserver.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Users\Chris\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Dyn Updater\DynTray.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\TightVNC\tvnserver.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Akamai NetSession Interface] C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [MusicManager] "C:\Users\Chris\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DYNUPD~1.LNK - C:\Program Files (x86)\Dyn Updater\DynTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: %SystemRoot%\system32\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 10.247.6.20 10.247.6.21
TCP: Interfaces\{B7E21927-C6DF-4A00-A32C-088E10D7850E} : DhcpNameServer = 10.247.6.20 10.247.6.21
TCP: Interfaces\{BC36B7B9-908B-40E3-AC1B-059BC083EB0D} : DhcpNameServer = 10.0.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO-X64: btorbit.com - No File
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
Hosts: 0.0.0.0 localhost
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\z2se70eu.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.arccosine.com/
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2011-6-23 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2011-6-23 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-6-23 586880]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 Dyn Updater;Dyn Updater;C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2011-11-16 330072]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-12-21 529768]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-11-30 2916736]
R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-21 846448]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MySQL55_1_1;MySQL55_1_1;"G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="G:\Program Files\MySQL\MySQL Server 5.5\my.ini" MySQL55_1_1 --> G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld [?]
S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-8-22 11837440]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
S3 BackupReader;BackupReader;C:\Windows\system32\DRIVERS\BackupReader.sys --> C:\Windows\system32\DRIVERS\BackupReader.sys [?]
S3 ddmdrv;ddmdrv;C:\Windows\System32\ddmdrv.sys [2012-2-5 12728]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-05 15:28:55 -------- d-----w- C:\Users\Chris\AppData\Local\{B871A8C1-121D-4C55-A7F7-C5BDE48881EE}
2012-02-05 15:28:46 -------- d-----w- C:\Users\Chris\AppData\Local\{6208A74C-187D-4706-B867-46FC0D1CC10B}
2012-02-05 15:14:38 -------- d-----w- C:\Users\Chris\AppData\Local\{2A2946D6-5553-4D1D-942C-70962B6E8BFC}
2012-02-05 15:14:28 -------- d-----w- C:\Users\Chris\AppData\Local\{51546DDC-AE0F-481A-BF2C-26801ED145FA}
2012-02-05 15:09:10 8424784 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-02-05 15:09:07 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6153D8F2-CA49-4423-A66C-14BE578860D6}\mpengine.dll
2012-02-05 14:51:54 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2012-02-05 14:51:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-05 14:30:00 -------- d-----w- C:\Users\Chris\AppData\Local\{B5ED89D4-F7F4-4AD7-A1FD-79071D657DA5}
2012-02-05 14:29:32 -------- d-----w- C:\Users\Chris\AppData\Local\{616385CC-EA2E-4469-9D96-BEFA23B49B04}
2012-02-05 12:26:21 -------- d-----w- C:\Program Files\Drug Lord 2
2012-02-05 10:42:09 -------- d-----w- C:\Users\Chris\AppData\Local\{07C57815-79A8-46D5-8DFA-2F1176A8213E}
2012-02-05 10:41:59 -------- d-----w- C:\Users\Chris\AppData\Local\{A0D6672E-6F8C-4628-936F-6F6B6177FA40}
2012-02-05 03:03:55 -------- d-----w- C:\ProgramData\WindSolutions
2012-02-05 03:03:40 -------- d-----w- C:\Users\Chris\AppData\Roaming\WindSolutions
2012-02-05 03:03:40 -------- d-----w- C:\Program Files (x86)\CopyTrans Suite
2012-02-05 02:59:42 -------- d-----w- C:\Program Files (x86)\DIY DataRecovery DiskPatch
2012-02-05 01:43:58 15288 ----a-w- C:\Windows\System32\ddmdrv.sys
2012-02-05 01:43:58 1287096 ----a-w- C:\Windows\ddmmain.exe
2012-02-05 01:43:58 12728 ----a-w- C:\Windows\SysWow64\ddmdrv.sys
2012-02-05 01:43:57 -------- d-----w- C:\Program Files (x86)\Aomei DDM Server Edition
2012-02-05 01:28:48 -------- d-----w- C:\Program Files (x86)\Seagate
2012-02-05 01:28:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-02-05 00:20:10 -------- d-----w- C:\ProgramData\Dyn
2012-02-05 00:20:09 -------- d-----w- C:\Program Files (x86)\Dyn Updater
2012-02-04 23:36:55 -------- d-----w- C:\Users\Chris\AppData\Local\LogMeIn
2012-02-04 23:36:54 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-02-04 23:36:54 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2012-02-04 23:36:54 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2012-02-04 23:36:54 34688 ----a-w- C:\Windows\System32\LMIport.dll
2012-02-04 23:36:54 11552 ----a-w- C:\Windows\System32\drivers\lmimirr.sys
2012-02-04 23:36:53 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2012-02-04 23:36:53 -------- d-----w- C:\ProgramData\LogMeIn
2012-02-04 23:36:49 -------- d-----w- C:\Program Files (x86)\LogMeIn
2012-02-04 22:03:56 -------- d-----w- C:\Users\Chris\AppData\Local\{08104330-393C-474C-AD6E-C3BA60ACFA26}
2012-02-04 22:03:47 -------- d-----w- C:\Users\Chris\AppData\Local\{582472AD-F2E7-439D-95B3-0CD0AC5379C6}
2012-02-04 20:49:35 -------- d-----w- C:\Users\Chris\Drug Lord 2
2012-02-04 09:56:49 -------- d-----w- C:\Users\Chris\AppData\Local\{314A8F7F-A857-4FAB-912D-D47DEBC34AC5}
2012-02-04 09:56:40 -------- d-----w- C:\Users\Chris\AppData\Local\{C9C372BB-78A6-4EF2-BFBA-01272C97F615}
2012-02-03 16:31:22 -------- d-----w- C:\Users\Chris\AppData\Local\{8E73B244-B05C-4952-A7B6-7264CC55C3FE}
2012-02-03 16:31:13 -------- d-----w- C:\Users\Chris\AppData\Local\{3D8C04D4-F93A-4835-A820-D3DFA32DA4E8}
2012-02-03 01:13:21 -------- d-----w- C:\Users\Chris\AppData\Local\{222B9225-1177-469D-9AE0-3622D1199249}
2012-02-03 01:13:09 -------- d-----w- C:\Users\Chris\AppData\Local\{55EEAE0E-9751-40B3-A085-03942019413B}
2012-02-02 10:13:10 -------- d-----w- C:\Users\Chris\AppData\Local\{76A674D0-3CF0-4F52-96D0-AB5893B1F42F}
2012-02-02 10:13:01 -------- d-----w- C:\Users\Chris\AppData\Local\{E7800F81-BB3E-440C-B8A2-A1ABBEA61CA2}
2012-02-01 17:07:04 -------- d-----w- C:\Users\Chris\AppData\Local\{F19399F7-1AEE-402A-B1CE-47DD91927CBE}
2012-02-01 17:06:55 -------- d-----w- C:\Users\Chris\AppData\Local\{EC050D75-9C24-4373-B3B1-30C2869CB5F3}
2012-02-01 00:10:18 -------- d-----w- C:\Users\Chris\AppData\Local\{900A5EFA-5D86-4D2C-8228-4B579E04A54A}
2012-02-01 00:10:09 -------- d-----w- C:\Users\Chris\AppData\Local\{EEC073CB-B845-4B79-A686-BC6620845C9A}
2012-01-31 16:20:57 -------- d-----w- C:\Program Files (x86)\TightVNC
2012-01-31 10:19:09 -------- d-----w- C:\Users\Chris\AppData\Local\{5A0D6543-B4B8-4143-AD89-CE0AC602534F}
2012-01-31 10:18:59 -------- d-----w- C:\Users\Chris\AppData\Local\{B2A81320-63F1-4B87-B3F9-33D7479F543F}
2012-01-30 22:18:48 -------- d-----w- C:\Users\Chris\AppData\Local\{6CC207C7-90A2-45D2-AC11-D781FA49FC77}
2012-01-30 22:18:39 -------- d-----w- C:\Users\Chris\AppData\Local\{AD6C4E7B-F742-4030-9349-16758890E36B}
2012-01-30 10:18:28 -------- d-----w- C:\Users\Chris\AppData\Local\{7E4B3CCF-B8E2-4724-BC9F-AFD181DEB976}
2012-01-30 10:18:18 -------- d-----w- C:\Users\Chris\AppData\Local\{55527683-566C-44C8-BB66-522980586143}
2012-01-29 12:12:31 -------- d-----w- C:\Program Files (x86)\WOW Slider
2012-01-29 11:50:56 -------- d-----w- C:\Users\Chris\AppData\Local\{00960C0F-D0D0-41F0-BE72-F9D160134A2D}
2012-01-29 11:50:47 -------- d-----w- C:\Users\Chris\AppData\Local\{32B756CB-B9D0-46EE-8A70-F9C7369F0B26}
2012-01-28 23:50:36 -------- d-----w- C:\Users\Chris\AppData\Local\{F8339B2F-80DE-4B9F-B0FB-EC42AC12C583}
2012-01-28 23:50:27 -------- d-----w- C:\Users\Chris\AppData\Local\{D4B67C9F-E24F-48DC-8147-59DAFB950C65}
2012-01-28 11:28:43 -------- d-----w- C:\Users\Chris\AppData\Local\{97F7702E-8FB4-422C-83F2-EA7D2A63D3DD}
2012-01-28 11:28:34 -------- d-----w- C:\Users\Chris\AppData\Local\{D58E97D9-21BC-4A53-AA99-A54329E27A6F}
2012-01-27 21:13:55 -------- d-----w- C:\Users\Chris\AppData\Local\{A3A14F92-B938-4EE1-8439-D4526389C1F9}
2012-01-27 21:13:46 -------- d-----w- C:\Users\Chris\AppData\Local\{B481B295-C71E-4414-B014-9BA79FC34101}
2012-01-27 09:13:35 -------- d-----w- C:\Users\Chris\AppData\Local\{390E92B0-1D4C-4F01-B32F-5EC9C9766AA6}
2012-01-27 09:13:19 -------- d-----w- C:\Users\Chris\AppData\Local\{FC442DDF-A72C-4679-BDA1-8A5E12B0E3D9}
2012-01-26 17:25:31 -------- d-----w- C:\Users\Chris\AppData\Local\{AB4D453F-3CA8-4AD7-9BE3-9377E3882939}
2012-01-26 17:25:16 -------- d-----w- C:\Users\Chris\AppData\Local\{7BE89C33-243F-46BB-AC17-76312FBA1A9F}
2012-01-25 23:18:55 -------- d-----w- C:\Users\Chris\AppData\Local\{49536687-E34E-4050-A8FD-3467AC0038F9}
2012-01-25 23:18:45 -------- d-----w- C:\Users\Chris\AppData\Local\{0530A48B-B994-4C30-8371-0A02906F2AB6}
2012-01-25 11:18:34 -------- d-----w- C:\Users\Chris\AppData\Local\{A0EA8C53-61E3-4ACA-9B48-7C8D5EF0B863}
2012-01-25 11:18:25 -------- d-----w- C:\Users\Chris\AppData\Local\{C1CFED1B-87ED-44D2-97C1-86C31B104F9D}
2012-01-24 22:00:02 -------- d-----w- C:\Users\Chris\AppData\Local\{B6DD63E9-7109-4082-A8DD-6A9E706CE2DC}
2012-01-24 21:59:52 -------- d-----w- C:\Users\Chris\AppData\Local\{14268CA3-8717-443E-9D72-F84A931F1088}
2012-01-24 09:59:29 -------- d-----w- C:\Users\Chris\AppData\Local\{A5D5EA9E-DB78-433D-94CD-0C6CFFD3BDD3}
2012-01-24 09:59:20 -------- d-----w- C:\Users\Chris\AppData\Local\{E6B345A9-D62E-43B8-9653-24370F9DE1DC}
2012-01-23 23:30:29 -------- d-----w- C:\Users\Chris\AppData\Local\libimobiledevice
2012-01-23 21:45:55 -------- d-----w- C:\Program Files\iPod
2012-01-23 21:45:54 -------- d-----w- C:\Program Files\iTunes
2012-01-23 21:42:54 -------- d-----w- C:\Users\Chris\AppData\Local\{94FB0C0F-98BA-4A25-A2B0-F093B6820A15}
2012-01-23 21:42:45 -------- d-----w- C:\Users\Chris\AppData\Local\{9BE284A3-E8F1-4027-BA5B-611156290408}
2012-01-23 09:34:48 -------- d-----w- C:\Users\Chris\AppData\Local\{86C80679-98B2-4362-879A-C7B42509B8D0}
2012-01-23 09:34:38 -------- d-----w- C:\Users\Chris\AppData\Local\{9380C4E7-D447-4AD0-9659-0614E7DD853D}
2012-01-22 13:55:33 -------- d-----w- C:\Users\Chris\AppData\Local\{99FF4602-A1A9-419F-9D87-50990C65B742}
2012-01-22 13:55:24 -------- d-----w- C:\Users\Chris\AppData\Local\{B7D23C47-454C-4CD0-B982-F36A03263D1B}
2012-01-21 22:46:17 -------- d-----w- C:\Users\Chris\AppData\Local\{B82F5656-2FEA-4F91-853A-DD380F5E53D0}
2012-01-21 22:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{FC9F0891-63BF-4261-B60A-22859197E5C2}
2012-01-21 10:45:56 -------- d-----w- C:\Users\Chris\AppData\Local\{A3D92F9B-7E3C-4D1A-99AF-0584DE3AB4E1}
2012-01-21 10:45:47 -------- d-----w- C:\Users\Chris\AppData\Local\{91E713FC-C98F-4557-833D-1088AAD22CBB}
2012-01-20 22:45:36 -------- d-----w- C:\Users\Chris\AppData\Local\{788569C2-B05F-45F4-9C29-6DBE0CE9B857}
2012-01-20 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C1BAFD99-4E4E-4F7B-88F5-156DA5284A4D}
2012-01-20 08:46:42 -------- d-----w- C:\Users\Chris\AppData\Local\{952FBBD1-5205-4D83-A826-C0B8B24C04D9}
2012-01-20 08:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{E926C04B-ABFB-4A44-B85D-005F362CE2E9}
2012-01-19 11:47:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C284A849-5559-42F6-AC15-8C856B84F59E}
2012-01-19 11:47:17 -------- d-----w- C:\Users\Chris\AppData\Local\{648F8552-D25E-454C-9115-2953290C7E49}
2012-01-18 23:10:10 -------- d-----w- C:\Users\Chris\AppData\Local\{6E14A251-B5A8-437E-BBE4-3BDD33B87608}
2012-01-18 23:10:00 -------- d-----w- C:\Users\Chris\AppData\Local\{7BC7556C-37E0-4AF9-AB66-4733EC12B829}
2012-01-18 21:53:30 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2012-01-18 11:09:50 -------- d-----w- C:\Users\Chris\AppData\Local\{D2FE4734-D14E-4C10-9961-A42A2816A7E4}
2012-01-18 11:09:40 -------- d-----w- C:\Users\Chris\AppData\Local\{3721C142-8817-488B-8E34-6BAE6FAD1D28}
2012-01-17 23:09:29 -------- d-----w- C:\Users\Chris\AppData\Local\{69A47E73-1E5A-49EB-917E-B31A125826C7}
2012-01-17 23:09:20 -------- d-----w- C:\Users\Chris\AppData\Local\{9C48533C-C1C9-4C4A-9337-9C8E95857959}
2012-01-17 11:09:09 -------- d-----w- C:\Users\Chris\AppData\Local\{539E47CC-ADF1-4BCB-A265-942EE6DA4026}
2012-01-17 11:09:00 -------- d-----w- C:\Users\Chris\AppData\Local\{C927561D-3D1F-47A4-A1E0-ABD9A1A8B9FC}
2012-01-16 22:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{D087731E-0987-487F-BA00-AC38B03D6E89}
2012-01-16 22:46:18 -------- d-----w- C:\Users\Chris\AppData\Local\{3BA75B07-997B-4230-A91E-FFDF4C902AAA}
2012-01-16 10:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{005935C6-1878-4207-97A5-CE4A7EF22900}
2012-01-16 10:45:58 -------- d-----w- C:\Users\Chris\AppData\Local\{B794F5DD-48AE-49A3-8260-3EFB77B9256C}
2012-01-15 22:45:35 -------- d-----w- C:\Users\Chris\AppData\Local\{7FC8136E-CAC8-4CBB-8C48-D3DB401863EC}
2012-01-15 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{9C9718C4-3482-4856-BAE6-B86EA595B35D}
2012-01-15 16:00:36 -------- d-----w- C:\ProgramData\Splashtop
2012-01-15 16:00:27 -------- d-----w- C:\Program Files (x86)\Splashtop
2012-01-15 16:00:11 -------- d-----w- C:\Users\Chris\AppData\Local\{144B42D3-144F-466A-BA16-79245A51069E}
2012-01-15 10:45:15 -------- d-----w- C:\Users\Chris\AppData\Local\{28B6B5FE-9D16-4445-8085-5B07F14156D3}
2012-01-15 10:45:05 -------- d-----w- C:\Users\Chris\AppData\Local\{A7D5EB69-F15F-40BC-B5C2-FBD8657BB727}
2012-01-14 22:15:39 -------- d-----w- C:\Users\Chris\AppData\Local\{48573817-D167-4F23-9EA8-B562BFFEFE09}
2012-01-14 22:15:29 -------- d-----w- C:\Users\Chris\AppData\Local\{EC8A5267-4883-4B46-B53A-30298DC6A14D}
2012-01-14 10:15:18 -------- d-----w- C:\Users\Chris\AppData\Local\{6B5715D2-B88F-40AD-A6A4-FC3C678DF6BA}
2012-01-14 10:15:09 -------- d-----w- C:\Users\Chris\AppData\Local\{D20A043B-7DE8-459D-9C3C-FCF400A53288}
2012-01-13 17:09:47 -------- d-----w- C:\Users\Chris\AppData\Roaming\GMetrixSMS
2012-01-13 17:09:37 -------- d-----w- C:\Program Files (x86)\GMetrix SMS
2012-01-13 16:42:49 -------- d-----w- C:\Users\Chris\AppData\Local\{16B2741A-B4B8-42C4-B5E1-6B52EA5F355C}
2012-01-13 16:42:40 -------- d-----w- C:\Users\Chris\AppData\Local\{F44E5E02-D8CA-4683-85DB-57B2EB9D4729}
2012-01-12 23:26:22 -------- d-----w- C:\Users\Chris\AppData\Roaming\Microsoft Corporation
2012-01-12 17:28:26 -------- d-----w- C:\Users\Chris\AppData\Local\{31B8714B-65B7-49A6-8218-1011771D9B32}
2012-01-12 17:28:17 -------- d-----w- C:\Users\Chris\AppData\Local\{F9EA5D3E-3A54-4A5C-9961-977C107D6DB8}
2012-01-12 03:00:36 -------- d-----w- C:\Users\Chris\AppData\Local\{416B281D-E183-4517-8BFC-48D504E12B27}
2012-01-12 03:00:27 -------- d-----w- C:\Users\Chris\AppData\Local\{00BDBF84-EDF0-42AB-AD3D-9A49044FFEF7}
2012-01-11 11:17:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 11:17:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 11:17:44 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 11:17:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 11:17:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 11:17:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 11:17:41 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 11:17:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 11:08:29 -------- d-----w- C:\Users\Chris\AppData\Local\{B0F50FC3-8DF1-4630-BCFC-AACF654CCFC9}
2012-01-11 11:08:20 -------- d-----w- C:\Users\Chris\AppData\Local\{EA9641A4-55AC-4C0E-84A3-E255129B8424}
2012-01-10 15:44:10 -------- d-----w- C:\Users\Chris\AppData\Local\{A76DF942-62E2-4FF6-846F-F151C54623FE}
2012-01-10 15:44:01 -------- d-----w- C:\Users\Chris\AppData\Local\{EBDB566A-6098-4A05-8816-A5E88D72D466}
2012-01-09 23:25:20 -------- d-----r- C:\Users\Chris\Dropbox
2012-01-09 22:33:24 -------- d-----w- C:\Users\Chris\AppData\Local\{4DF052D4-FE7A-4E11-91F4-D0CEFFD230C5}
2012-01-09 22:33:14 -------- d-----w- C:\Users\Chris\AppData\Local\{2EAA000C-7288-4BD2-9012-37C7F8A68013}
2012-01-09 10:32:51 -------- d-----w- C:\Users\Chris\AppData\Local\{3AA61C99-8B5B-4FAB-BEC8-9B89CD19F223}
2012-01-09 10:32:41 -------- d-----w- C:\Users\Chris\AppData\Local\{0A32A0E7-8790-450D-B177-DF0D1EC107F1}
2012-01-08 23:23:27 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-08 22:32:18 -------- d-----w- C:\Users\Chris\AppData\Local\{04C850ED-CC4C-402B-B851-C4F043A549FB}
2012-01-08 22:32:08 -------- d-----w- C:\Users\Chris\AppData\Local\{83992810-D576-48FE-9274-255E23AF6235}
.
==================== Find3M ====================
.
2012-02-05 01:15:34 1025648 ----a-w- C:\Windows\PE_Rom.dll
2012-02-04 18:15:26 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-01-27 00:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-16 16:21:25 5632 ----a-w- C:\Windows\System32\bbchlp.dll
2011-11-16 16:21:25 4608 ----a-w- C:\Windows\System32\drivers\bbcap.sys
2011-11-16 16:21:25 37376 ----a-w- C:\Windows\System32\bbcap.dll
2011-11-16 16:06:02 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-15 18:32:42 56832 ----a-w- C:\Windows\System32\drivers\HssDrv.sys
2011-11-15 18:32:40 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
.
============= FINISH: 15:38:34.00 ===============
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?]
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2011-6-23 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2011-6-23 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-6-23 586880]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 Dyn Updater;Dyn Updater;C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2011-11-16 330072]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-12-21 529768]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-11-30 2916736]
R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-21 846448]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MySQL55_1_1;MySQL55_1_1;"G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="G:\Program Files\MySQL\MySQL Server 5.5\my.ini" MySQL55_1_1 --> G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld [?]
S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-8-22 11837440]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
S3 BackupReader;BackupReader;C:\Windows\system32\DRIVERS\BackupReader.sys --> C:\Windows\system32\DRIVERS\BackupReader.sys [?]
S3 ddmdrv;ddmdrv;C:\Windows\System32\ddmdrv.sys [2012-2-5 12728]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-05 15:28:55 -------- d-----w- C:\Users\Chris\AppData\Local\{B871A8C1-121D-4C55-A7F7-C5BDE48881EE}
2012-02-05 15:28:46 -------- d-----w- C:\Users\Chris\AppData\Local\{6208A74C-187D-4706-B867-46FC0D1CC10B}
2012-02-05 15:14:38 -------- d-----w- C:\Users\Chris\AppData\Local\{2A2946D6-5553-4D1D-942C-70962B6E8BFC}
2012-02-05 15:14:28 -------- d-----w- C:\Users\Chris\AppData\Local\{51546DDC-AE0F-481A-BF2C-26801ED145FA}
2012-02-05 15:09:10 8424784 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-02-05 15:09:07 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6153D8F2-CA49-4423-A66C-14BE578860D6}\mpengine.dll
2012-02-05 14:51:54 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2012-02-05 14:51:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-05 14:30:00 -------- d-----w- C:\Users\Chris\AppData\Local\{B5ED89D4-F7F4-4AD7-A1FD-79071D657DA5}
2012-02-05 14:29:32 -------- d-----w- C:\Users\Chris\AppData\Local\{616385CC-EA2E-4469-9D96-BEFA23B49B04}
2012-02-05 12:26:21 -------- d-----w- C:\Program Files\Drug Lord 2
2012-02-05 10:42:09 -------- d-----w- C:\Users\Chris\AppData\Local\{07C57815-79A8-46D5-8DFA-2F1176A8213E}
2012-02-05 10:41:59 -------- d-----w- C:\Users\Chris\AppData\Local\{A0D6672E-6F8C-4628-936F-6F6B6177FA40}
2012-02-05 03:03:55 -------- d-----w- C:\ProgramData\WindSolutions
2012-02-05 03:03:40 -------- d-----w- C:\Users\Chris\AppData\Roaming\WindSolutions
2012-02-05 03:03:40 -------- d-----w- C:\Program Files (x86)\CopyTrans Suite
2012-02-05 02:59:42 -------- d-----w- C:\Program Files (x86)\DIY DataRecovery DiskPatch
2012-02-05 01:43:58 15288 ----a-w- C:\Windows\System32\ddmdrv.sys
2012-02-05 01:43:58 1287096 ----a-w- C:\Windows\ddmmain.exe
2012-02-05 01:43:58 12728 ----a-w- C:\Windows\SysWow64\ddmdrv.sys
2012-02-05 01:43:57 -------- d-----w- C:\Program Files (x86)\Aomei DDM Server Edition
2012-02-05 01:28:48 -------- d-----w- C:\Program Files (x86)\Seagate
2012-02-05 01:28:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-02-05 00:20:10 -------- d-----w- C:\ProgramData\Dyn
2012-02-05 00:20:09 -------- d-----w- C:\Program Files (x86)\Dyn Updater
2012-02-04 23:36:55 -------- d-----w- C:\Users\Chris\AppData\Local\LogMeIn
2012-02-04 23:36:54 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-02-04 23:36:54 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2012-02-04 23:36:54 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2012-02-04 23:36:54 34688 ----a-w- C:\Windows\System32\LMIport.dll
2012-02-04 23:36:54 11552 ----a-w- C:\Windows\System32\drivers\lmimirr.sys
2012-02-04 23:36:53 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2012-02-04 23:36:53 -------- d-----w- C:\ProgramData\LogMeIn
2012-02-04 23:36:49 -------- d-----w- C:\Program Files (x86)\LogMeIn
2012-02-04 22:03:56 -------- d-----w- C:\Users\Chris\AppData\Local\{08104330-393C-474C-AD6E-C3BA60ACFA26}
2012-02-04 22:03:47 -------- d-----w- C:\Users\Chris\AppData\Local\{582472AD-F2E7-439D-95B3-0CD0AC5379C6}
2012-02-04 20:49:35 -------- d-----w- C:\Users\Chris\Drug Lord 2
2012-02-04 09:56:49 -------- d-----w- C:\Users\Chris\AppData\Local\{314A8F7F-A857-4FAB-912D-D47DEBC34AC5}
2012-02-04 09:56:40 -------- d-----w- C:\Users\Chris\AppData\Local\{C9C372BB-78A6-4EF2-BFBA-01272C97F615}
2012-02-03 16:31:22 -------- d-----w- C:\Users\Chris\AppData\Local\{8E73B244-B05C-4952-A7B6-7264CC55C3FE}
2012-02-03 16:31:13 -------- d-----w- C:\Users\Chris\AppData\Local\{3D8C04D4-F93A-4835-A820-D3DFA32DA4E8}
2012-02-03 01:13:21 -------- d-----w- C:\Users\Chris\AppData\Local\{222B9225-1177-469D-9AE0-3622D1199249}
2012-02-03 01:13:09 -------- d-----w- C:\Users\Chris\AppData\Local\{55EEAE0E-9751-40B3-A085-03942019413B}
2012-02-02 10:13:10 -------- d-----w- C:\Users\Chris\AppData\Local\{76A674D0-3CF0-4F52-96D0-AB5893B1F42F}
2012-02-02 10:13:01 -------- d-----w- C:\Users\Chris\AppData\Local\{E7800F81-BB3E-440C-B8A2-A1ABBEA61CA2}
2012-02-01 17:07:04 -------- d-----w- C:\Users\Chris\AppData\Local\{F19399F7-1AEE-402A-B1CE-47DD91927CBE}
2012-02-01 17:06:55 -------- d-----w- C:\Users\Chris\AppData\Local\{EC050D75-9C24-4373-B3B1-30C2869CB5F3}
2012-02-01 00:10:18 -------- d-----w- C:\Users\Chris\AppData\Local\{900A5EFA-5D86-4D2C-8228-4B579E04A54A}
2012-02-01 00:10:09 -------- d-----w- C:\Users\Chris\AppData\Local\{EEC073CB-B845-4B79-A686-BC6620845C9A}
2012-01-31 16:20:57 -------- d-----w- C:\Program Files (x86)\TightVNC
2012-01-31 10:19:09 -------- d-----w- C:\Users\Chris\AppData\Local\{5A0D6543-B4B8-4143-AD89-CE0AC602534F}
2012-01-31 10:18:59 -------- d-----w- C:\Users\Chris\AppData\Local\{B2A81320-63F1-4B87-B3F9-33D7479F543F}
2012-01-30 22:18:48 -------- d-----w- C:\Users\Chris\AppData\Local\{6CC207C7-90A2-45D2-AC11-D781FA49FC77}
2012-01-30 22:18:39 -------- d-----w- C:\Users\Chris\AppData\Local\{AD6C4E7B-F742-4030-9349-16758890E36B}
2012-01-30 10:18:28 -------- d-----w- C:\Users\Chris\AppData\Local\{7E4B3CCF-B8E2-4724-BC9F-AFD181DEB976}
2012-01-30 10:18:18 -------- d-----w- C:\Users\Chris\AppData\Local\{55527683-566C-44C8-BB66-522980586143}
2012-01-29 12:12:31 -------- d-----w- C:\Program Files (x86)\WOW Slider
2012-01-29 11:50:56 -------- d-----w- C:\Users\Chris\AppData\Local\{00960C0F-D0D0-41F0-BE72-F9D160134A2D}
2012-01-29 11:50:47 -------- d-----w- C:\Users\Chris\AppData\Local\{32B756CB-B9D0-46EE-8A70-F9C7369F0B26}
2012-01-28 23:50:36 -------- d-----w- C:\Users\Chris\AppData\Local\{F8339B2F-80DE-4B9F-B0FB-EC42AC12C583}
2012-01-28 23:50:27 -------- d-----w- C:\Users\Chris\AppData\Local\{D4B67C9F-E24F-48DC-8147-59DAFB950C65}
2012-01-28 11:28:43 -------- d-----w- C:\Users\Chris\AppData\Local\{97F7702E-8FB4-422C-83F2-EA7D2A63D3DD}
2012-01-28 11:28:34 -------- d-----w- C:\Users\Chris\AppData\Local\{D58E97D9-21BC-4A53-AA99-A54329E27A6F}
2012-01-27 21:13:55 -------- d-----w- C:\Users\Chris\AppData\Local\{A3A14F92-B938-4EE1-8439-D4526389C1F9}
2012-01-27 21:13:46 -------- d-----w- C:\Users\Chris\AppData\Local\{B481B295-C71E-4414-B014-9BA79FC34101}
2012-01-27 09:13:35 -------- d-----w- C:\Users\Chris\AppData\Local\{390E92B0-1D4C-4F01-B32F-5EC9C9766AA6}
2012-01-27 09:13:19 -------- d-----w- C:\Users\Chris\AppData\Local\{FC442DDF-A72C-4679-BDA1-8A5E12B0E3D9}
2012-01-26 17:25:31 -------- d-----w- C:\Users\Chris\AppData\Local\{AB4D453F-3CA8-4AD7-9BE3-9377E3882939}
2012-01-26 17:25:16 -------- d-----w- C:\Users\Chris\AppData\Local\{7BE89C33-243F-46BB-AC17-76312FBA1A9F}
2012-01-25 23:18:55 -------- d-----w- C:\Users\Chris\AppData\Local\{49536687-E34E-4050-A8FD-3467AC0038F9}
2012-01-25 23:18:45 -------- d-----w- C:\Users\Chris\AppData\Local\{0530A48B-B994-4C30-8371-0A02906F2AB6}
2012-01-25 11:18:34 -------- d-----w- C:\Users\Chris\AppData\Local\{A0EA8C53-61E3-4ACA-9B48-7C8D5EF0B863}
2012-01-25 11:18:25 -------- d-----w- C:\Users\Chris\AppData\Local\{C1CFED1B-87ED-44D2-97C1-86C31B104F9D}
2012-01-24 22:00:02 -------- d-----w- C:\Users\Chris\AppData\Local\{B6DD63E9-7109-4082-A8DD-6A9E706CE2DC}
2012-01-24 21:59:52 -------- d-----w- C:\Users\Chris\AppData\Local\{14268CA3-8717-443E-9D72-F84A931F1088}
2012-01-24 09:59:29 -------- d-----w- C:\Users\Chris\AppData\Local\{A5D5EA9E-DB78-433D-94CD-0C6CFFD3BDD3}
2012-01-24 09:59:20 -------- d-----w- C:\Users\Chris\AppData\Local\{E6B345A9-D62E-43B8-9653-24370F9DE1DC}
2012-01-23 23:30:29 -------- d-----w- C:\Users\Chris\AppData\Local\libimobiledevice
2012-01-23 21:45:55 -------- d-----w- C:\Program Files\iPod
2012-01-23 21:45:54 -------- d-----w- C:\Program Files\iTunes
2012-01-23 21:42:54 -------- d-----w- C:\Users\Chris\AppData\Local\{94FB0C0F-98BA-4A25-A2B0-F093B6820A15}
2012-01-23 21:42:45 -------- d-----w- C:\Users\Chris\AppData\Local\{9BE284A3-E8F1-4027-BA5B-611156290408}
2012-01-23 09:34:48 -------- d-----w- C:\Users\Chris\AppData\Local\{86C80679-98B2-4362-879A-C7B42509B8D0}
2012-01-23 09:34:38 -------- d-----w- C:\Users\Chris\AppData\Local\{9380C4E7-D447-4AD0-9659-0614E7DD853D}
2012-01-22 13:55:33 -------- d-----w- C:\Users\Chris\AppData\Local\{99FF4602-A1A9-419F-9D87-50990C65B742}
2012-01-22 13:55:24 -------- d-----w- C:\Users\Chris\AppData\Local\{B7D23C47-454C-4CD0-B982-F36A03263D1B}
2012-01-21 22:46:17 -------- d-----w- C:\Users\Chris\AppData\Local\{B82F5656-2FEA-4F91-853A-DD380F5E53D0}
2012-01-21 22:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{FC9F0891-63BF-4261-B60A-22859197E5C2}
2012-01-21 10:45:56 -------- d-----w- C:\Users\Chris\AppData\Local\{A3D92F9B-7E3C-4D1A-99AF-0584DE3AB4E1}
2012-01-21 10:45:47 -------- d-----w- C:\Users\Chris\AppData\Local\{91E713FC-C98F-4557-833D-1088AAD22CBB}
2012-01-20 22:45:36 -------- d-----w- C:\Users\Chris\AppData\Local\{788569C2-B05F-45F4-9C29-6DBE0CE9B857}
2012-01-20 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C1BAFD99-4E4E-4F7B-88F5-156DA5284A4D}
2012-01-20 08:46:42 -------- d-----w- C:\Users\Chris\AppData\Local\{952FBBD1-5205-4D83-A826-C0B8B24C04D9}
2012-01-20 08:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{E926C04B-ABFB-4A44-B85D-005F362CE2E9}
2012-01-19 11:47:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C284A849-5559-42F6-AC15-8C856B84F59E}
2012-01-19 11:47:17 -------- d-----w- C:\Users\Chris\AppData\Local\{648F8552-D25E-454C-9115-2953290C7E49}
2012-01-18 23:10:10 -------- d-----w- C:\Users\Chris\AppData\Local\{6E14A251-B5A8-437E-BBE4-3BDD33B87608}
2012-01-18 23:10:00 -------- d-----w- C:\Users\Chris\AppData\Local\{7BC7556C-37E0-4AF9-AB66-4733EC12B829}
2012-01-18 21:53:30 -------- d-----w- C:\Program Files (x86)\Microsoft Games
2012-01-18 11:09:50 -------- d-----w- C:\Users\Chris\AppData\Local\{D2FE4734-D14E-4C10-9961-A42A2816A7E4}
2012-01-18 11:09:40 -------- d-----w- C:\Users\Chris\AppData\Local\{3721C142-8817-488B-8E34-6BAE6FAD1D28}
2012-01-17 23:09:29 -------- d-----w- C:\Users\Chris\AppData\Local\{69A47E73-1E5A-49EB-917E-B31A125826C7}
2012-01-17 23:09:20 -------- d-----w- C:\Users\Chris\AppData\Local\{9C48533C-C1C9-4C4A-9337-9C8E95857959}
2012-01-17 11:09:09 -------- d-----w- C:\Users\Chris\AppData\Local\{539E47CC-ADF1-4BCB-A265-942EE6DA4026}
2012-01-17 11:09:00 -------- d-----w- C:\Users\Chris\AppData\Local\{C927561D-3D1F-47A4-A1E0-ABD9A1A8B9FC}
2012-01-16 22:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{D087731E-0987-487F-BA00-AC38B03D6E89}
2012-01-16 22:46:18 -------- d-----w- C:\Users\Chris\AppData\Local\{3BA75B07-997B-4230-A91E-FFDF4C902AAA}
2012-01-16 10:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{005935C6-1878-4207-97A5-CE4A7EF22900}
2012-01-16 10:45:58 -------- d-----w- C:\Users\Chris\AppData\Local\{B794F5DD-48AE-49A3-8260-3EFB77B9256C}
2012-01-15 22:45:35 -------- d-----w- C:\Users\Chris\AppData\Local\{7FC8136E-CAC8-4CBB-8C48-D3DB401863EC}
2012-01-15 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{9C9718C4-3482-4856-BAE6-B86EA595B35D}
2012-01-15 16:00:36 -------- d-----w- C:\ProgramData\Splashtop
2012-01-15 16:00:27 -------- d-----w- C:\Program Files (x86)\Splashtop
2012-01-15 16:00:11 -------- d-----w- C:\Users\Chris\AppData\Local\{144B42D3-144F-466A-BA16-79245A51069E}
2012-01-15 10:45:15 -------- d-----w- C:\Users\Chris\AppData\Local\{28B6B5FE-9D16-4445-8085-5B07F14156D3}
2012-01-15 10:45:05 -------- d-----w- C:\Users\Chris\AppData\Local\{A7D5EB69-F15F-40BC-B5C2-FBD8657BB727}
2012-01-14 22:15:39 -------- d-----w- C:\Users\Chris\AppData\Local\{48573817-D167-4F23-9EA8-B562BFFEFE09}
2012-01-14 22:15:29 -------- d-----w- C:\Users\Chris\AppData\Local\{EC8A5267-4883-4B46-B53A-30298DC6A14D}
2012-01-14 10:15:18 -------- d-----w- C:\Users\Chris\AppData\Local\{6B5715D2-B88F-40AD-A6A4-FC3C678DF6BA}
2012-01-14 10:15:09 -------- d-----w- C:\Users\Chris\AppData\Local\{D20A043B-7DE8-459D-9C3C-FCF400A53288}
2012-01-13 17:09:47 -------- d-----w- C:\Users\Chris\AppData\Roaming\GMetrixSMS
2012-01-13 17:09:37 -------- d-----w- C:\Program Files (x86)\GMetrix SMS
2012-01-13 16:42:49 -------- d-----w- C:\Users\Chris\AppData\Local\{16B2741A-B4B8-42C4-B5E1-6B52EA5F355C}
2012-01-13 16:42:40 -------- d-----w- C:\Users\Chris\AppData\Local\{F44E5E02-D8CA-4683-85DB-57B2EB9D4729}
2012-01-12 23:26:22 -------- d-----w- C:\Users\Chris\AppData\Roaming\Microsoft Corporation
2012-01-12 17:28:26 -------- d-----w- C:\Users\Chris\AppData\Local\{31B8714B-65B7-49A6-8218-1011771D9B32}
2012-01-12 17:28:17 -------- d-----w- C:\Users\Chris\AppData\Local\{F9EA5D3E-3A54-4A5C-9961-977C107D6DB8}
2012-01-12 03:00:36 -------- d-----w- C:\Users\Chris\AppData\Local\{416B281D-E183-4517-8BFC-48D504E12B27}
2012-01-12 03:00:27 -------- d-----w- C:\Users\Chris\AppData\Local\{00BDBF84-EDF0-42AB-AD3D-9A49044FFEF7}
2012-01-11 11:17:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 11:17:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 11:17:44 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 11:17:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 11:17:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 11:17:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 11:17:41 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 11:17:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 11:08:29 -------- d-----w- C:\Users\Chris\AppData\Local\{B0F50FC3-8DF1-4630-BCFC-AACF654CCFC9}
2012-01-11 11:08:20 -------- d-----w- C:\Users\Chris\AppData\Local\{EA9641A4-55AC-4C0E-84A3-E255129B8424}
2012-01-10 15:44:10 -------- d-----w- C:\Users\Chris\AppData\Local\{A76DF942-62E2-4FF6-846F-F151C54623FE}
2012-01-10 15:44:01 -------- d-----w- C:\Users\Chris\AppData\Local\{EBDB566A-6098-4A05-8816-A5E88D72D466}
2012-01-09 23:25:20 -------- d-----r- C:\Users\Chris\Dropbox
2012-01-09 22:33:24 -------- d-----w- C:\Users\Chris\AppData\Local\{4DF052D4-FE7A-4E11-91F4-D0CEFFD230C5}
2012-01-09 22:33:14 -------- d-----w- C:\Users\Chris\AppData\Local\{2EAA000C-7288-4BD2-9012-37C7F8A68013}
2012-01-09 10:32:51 -------- d-----w- C:\Users\Chris\AppData\Local\{3AA61C99-8B5B-4FAB-BEC8-9B89CD19F223}
2012-01-09 10:32:41 -------- d-----w- C:\Users\Chris\AppData\Local\{0A32A0E7-8790-450D-B177-DF0D1EC107F1}
2012-01-08 23:23:27 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-01-08 22:32:18 -------- d-----w- C:\Users\Chris\AppData\Local\{04C850ED-CC4C-402B-B851-C4F043A549FB}
2012-01-08 22:32:08 -------- d-----w- C:\Users\Chris\AppData\Local\{83992810-D576-48FE-9274-255E23AF6235}
.
==================== Find3M ====================
.
2012-02-05 01:15:34 1025648 ----a-w- C:\Windows\PE_Rom.dll
2012-02-04 18:15:26 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-01-27 00:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-16 16:21:25 5632 ----a-w- C:\Windows\System32\bbchlp.dll
2011-11-16 16:21:25 4608 ----a-w- C:\Windows\System32\drivers\bbcap.sys
2011-11-16 16:21:25 37376 ----a-w- C:\Windows\System32\bbcap.dll
2011-11-16 16:06:02 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-15 18:32:42 56832 ----a-w- C:\Windows\System32\drivers\HssDrv.sys
2011-11-15 18:32:40 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys
2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
.
============= FINISH: 15:38:34.00 ===============