
Thread: KillSoft.v2008 Removal

  1. #1
    Junior Member
    Join Date
    Feb 2012
    Posts
    3

    Hi, I have been having a problem with my PC saying that an HDD has failed; however, in safe mode I am able to use and access this drive, so I have now backed it all up.

    After running SB S&D it removed a number of files; however, KillSoft.v2008 cannot be removed. It asked whether Spybot could run on system restart to remove those files and I said yes; however, Spybot does not run once the PC has restarted.

    Killsoft.V2008: [SBI $FF8A89C8] Class ID (Registry key, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{7E41911F-13AA-11D3-A831-00104B9E30B5}

    Killsoft.V2008: [SBI $A7366EB4] Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{7E419111-13AA-11D3-A831-00104B9E30B5}

    Killsoft.V2008: [SBI $A7366EB4] Type library (Registry key, nothing done)
    HKEY_CLASSES_ROOT\TypeLib\{7E419111-13AA-11D3-A831-00104B9E30B5}


    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    Here is the DDS text:


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
    Run by Chris at 15:38:12 on 2012-02-05
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8169.5649 [GMT 0:00]
    .
    AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG10\avgchsva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
    C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
    C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
    C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    C:\Program Files (x86)\AVG\AVG10\avgfws.exe
    C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
    C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
    C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
    C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
    C:\Program Files (x86)\AVG\AVG10\avgam.exe
    C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    C:\Program Files (x86)\TightVNC\tvnserver.exe
    C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
    C:\Windows\SysWOW64\vmnat.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\SysWOW64\vmnetdhcp.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Users\Chris\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
    C:\Program Files (x86)\Dyn Updater\DynTray.exe
    C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\TightVNC\tvnserver.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
    C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
    C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
    C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
    C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
    C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\PROGRA~2\AVG\AVG10\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.co.uk/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe,
    BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Akamai NetSession Interface] C:\Users\Chris\AppData\Local\Akamai\netsession_win.exe
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [MusicManager] "C:\Users\Chris\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
    uRun: [Google Update] "C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
    StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\Chris\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DYNUPD~1.LNK - C:\Program Files (x86)\Dyn Updater\DynTray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: SoftwareSASGeneration = 1 (0x1)
    IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    LSP: %SystemRoot%\system32\vsocklib.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 10.247.6.20 10.247.6.21
    TCP: Interfaces\{B7E21927-C6DF-4A00-A32C-088E10D7850E} : DhcpNameServer = 10.247.6.20 10.247.6.21
    TCP: Interfaces\{BC36B7B9-908B-40E3-AC1B-059BC083EB0D} : DhcpNameServer = 10.0.2.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    BHO-X64: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
    BHO-X64: btorbit.com - No File
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO-X64: IESpeakDoc - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
    IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
    Hosts: 0.0.0.0 localhost
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\z2se70eu.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://www.arccosine.com/
    FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Chris\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?]
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2011-6-23 918144]
    R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2011-6-23 915584]
    R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-6-23 586880]
    R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-3-9 2708024]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
    R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
    R2 Dyn Updater;Dyn Updater;C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]
    R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2011-11-16 330072]
    R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS --> C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -product HSS [?]
    R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375176]
    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
    R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-12-21 529768]
    R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]
    R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-11-30 2916736]
    R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944]
    R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-21 846448]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?]
    R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
    R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
    R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
    R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
    R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
    R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
    R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 MySQL55_1_1;MySQL55_1_1;"G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="G:\Program Files\MySQL\MySQL Server 5.5\my.ini" MySQL55_1_1 --> G:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld [?]
    S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-8-22 11837440]
    S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
    S3 athrusb;Atheros Wireless LAN USB device driver;C:\Windows\system32\DRIVERS\athrxusb.sys --> C:\Windows\system32\DRIVERS\athrxusb.sys [?]
    S3 BackupReader;BackupReader;C:\Windows\system32\DRIVERS\BackupReader.sys --> C:\Windows\system32\DRIVERS\BackupReader.sys [?]
    S3 ddmdrv;ddmdrv;C:\Windows\System32\ddmdrv.sys [2012-2-5 12728]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
    S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-02-05 15:28:55 -------- d-----w- C:\Users\Chris\AppData\Local\{B871A8C1-121D-4C55-A7F7-C5BDE48881EE}
    2012-02-05 15:28:46 -------- d-----w- C:\Users\Chris\AppData\Local\{6208A74C-187D-4706-B867-46FC0D1CC10B}
    2012-02-05 15:14:38 -------- d-----w- C:\Users\Chris\AppData\Local\{2A2946D6-5553-4D1D-942C-70962B6E8BFC}
    2012-02-05 15:14:28 -------- d-----w- C:\Users\Chris\AppData\Local\{51546DDC-AE0F-481A-BF2C-26801ED145FA}
    2012-02-05 15:09:10 8424784 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-02-05 15:09:07 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6153D8F2-CA49-4423-A66C-14BE578860D6}\mpengine.dll
    2012-02-05 14:51:54 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2012-02-05 14:51:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-05 14:30:00 -------- d-----w- C:\Users\Chris\AppData\Local\{B5ED89D4-F7F4-4AD7-A1FD-79071D657DA5}
    2012-02-05 14:29:32 -------- d-----w- C:\Users\Chris\AppData\Local\{616385CC-EA2E-4469-9D96-BEFA23B49B04}
    2012-02-05 12:26:21 -------- d-----w- C:\Program Files\Drug Lord 2
    2012-02-05 10:42:09 -------- d-----w- C:\Users\Chris\AppData\Local\{07C57815-79A8-46D5-8DFA-2F1176A8213E}
    2012-02-05 10:41:59 -------- d-----w- C:\Users\Chris\AppData\Local\{A0D6672E-6F8C-4628-936F-6F6B6177FA40}
    2012-02-05 03:03:55 -------- d-----w- C:\ProgramData\WindSolutions
    2012-02-05 03:03:40 -------- d-----w- C:\Users\Chris\AppData\Roaming\WindSolutions
    2012-02-05 03:03:40 -------- d-----w- C:\Program Files (x86)\CopyTrans Suite
    2012-02-05 02:59:42 -------- d-----w- C:\Program Files (x86)\DIY DataRecovery DiskPatch
    2012-02-05 01:43:58 15288 ----a-w- C:\Windows\System32\ddmdrv.sys
    2012-02-05 01:43:58 1287096 ----a-w- C:\Windows\ddmmain.exe
    2012-02-05 01:43:58 12728 ----a-w- C:\Windows\SysWow64\ddmdrv.sys
    2012-02-05 01:43:57 -------- d-----w- C:\Program Files (x86)\Aomei DDM Server Edition
    2012-02-05 01:28:48 -------- d-----w- C:\Program Files (x86)\Seagate
    2012-02-05 01:28:33 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2012-02-05 00:20:10 -------- d-----w- C:\ProgramData\Dyn
    2012-02-05 00:20:09 -------- d-----w- C:\Program Files (x86)\Dyn Updater
    2012-02-04 23:36:55 -------- d-----w- C:\Users\Chris\AppData\Local\LogMeIn
    2012-02-04 23:36:54 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
    2012-02-04 23:36:54 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
    2012-02-04 23:36:54 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
    2012-02-04 23:36:54 34688 ----a-w- C:\Windows\System32\LMIport.dll
    2012-02-04 23:36:54 11552 ----a-w- C:\Windows\System32\drivers\lmimirr.sys
    2012-02-04 23:36:53 80768 ----a-w- C:\Windows\System32\LMIinit.dll
    2012-02-04 23:36:53 -------- d-----w- C:\ProgramData\LogMeIn
    2012-02-04 23:36:49 -------- d-----w- C:\Program Files (x86)\LogMeIn
    2012-02-04 22:03:56 -------- d-----w- C:\Users\Chris\AppData\Local\{08104330-393C-474C-AD6E-C3BA60ACFA26}
    2012-02-04 22:03:47 -------- d-----w- C:\Users\Chris\AppData\Local\{582472AD-F2E7-439D-95B3-0CD0AC5379C6}
    2012-02-04 20:49:35 -------- d-----w- C:\Users\Chris\Drug Lord 2
    2012-02-04 09:56:49 -------- d-----w- C:\Users\Chris\AppData\Local\{314A8F7F-A857-4FAB-912D-D47DEBC34AC5}
    2012-02-04 09:56:40 -------- d-----w- C:\Users\Chris\AppData\Local\{C9C372BB-78A6-4EF2-BFBA-01272C97F615}
    2012-02-03 16:31:22 -------- d-----w- C:\Users\Chris\AppData\Local\{8E73B244-B05C-4952-A7B6-7264CC55C3FE}
    2012-02-03 16:31:13 -------- d-----w- C:\Users\Chris\AppData\Local\{3D8C04D4-F93A-4835-A820-D3DFA32DA4E8}
    2012-02-03 01:13:21 -------- d-----w- C:\Users\Chris\AppData\Local\{222B9225-1177-469D-9AE0-3622D1199249}
    2012-02-03 01:13:09 -------- d-----w- C:\Users\Chris\AppData\Local\{55EEAE0E-9751-40B3-A085-03942019413B}
    2012-02-02 10:13:10 -------- d-----w- C:\Users\Chris\AppData\Local\{76A674D0-3CF0-4F52-96D0-AB5893B1F42F}
    2012-02-02 10:13:01 -------- d-----w- C:\Users\Chris\AppData\Local\{E7800F81-BB3E-440C-B8A2-A1ABBEA61CA2}
    2012-02-01 17:07:04 -------- d-----w- C:\Users\Chris\AppData\Local\{F19399F7-1AEE-402A-B1CE-47DD91927CBE}
    2012-02-01 17:06:55 -------- d-----w- C:\Users\Chris\AppData\Local\{EC050D75-9C24-4373-B3B1-30C2869CB5F3}
    2012-02-01 00:10:18 -------- d-----w- C:\Users\Chris\AppData\Local\{900A5EFA-5D86-4D2C-8228-4B579E04A54A}
    2012-02-01 00:10:09 -------- d-----w- C:\Users\Chris\AppData\Local\{EEC073CB-B845-4B79-A686-BC6620845C9A}
    2012-01-31 16:20:57 -------- d-----w- C:\Program Files (x86)\TightVNC
    2012-01-31 10:19:09 -------- d-----w- C:\Users\Chris\AppData\Local\{5A0D6543-B4B8-4143-AD89-CE0AC602534F}
    2012-01-31 10:18:59 -------- d-----w- C:\Users\Chris\AppData\Local\{B2A81320-63F1-4B87-B3F9-33D7479F543F}
    2012-01-30 22:18:48 -------- d-----w- C:\Users\Chris\AppData\Local\{6CC207C7-90A2-45D2-AC11-D781FA49FC77}
    2012-01-30 22:18:39 -------- d-----w- C:\Users\Chris\AppData\Local\{AD6C4E7B-F742-4030-9349-16758890E36B}
    2012-01-30 10:18:28 -------- d-----w- C:\Users\Chris\AppData\Local\{7E4B3CCF-B8E2-4724-BC9F-AFD181DEB976}
    2012-01-30 10:18:18 -------- d-----w- C:\Users\Chris\AppData\Local\{55527683-566C-44C8-BB66-522980586143}
    2012-01-29 12:12:31 -------- d-----w- C:\Program Files (x86)\WOW Slider
    2012-01-29 11:50:56 -------- d-----w- C:\Users\Chris\AppData\Local\{00960C0F-D0D0-41F0-BE72-F9D160134A2D}
    2012-01-29 11:50:47 -------- d-----w- C:\Users\Chris\AppData\Local\{32B756CB-B9D0-46EE-8A70-F9C7369F0B26}
    2012-01-28 23:50:36 -------- d-----w- C:\Users\Chris\AppData\Local\{F8339B2F-80DE-4B9F-B0FB-EC42AC12C583}
    2012-01-28 23:50:27 -------- d-----w- C:\Users\Chris\AppData\Local\{D4B67C9F-E24F-48DC-8147-59DAFB950C65}
    2012-01-28 11:28:43 -------- d-----w- C:\Users\Chris\AppData\Local\{97F7702E-8FB4-422C-83F2-EA7D2A63D3DD}
    2012-01-28 11:28:34 -------- d-----w- C:\Users\Chris\AppData\Local\{D58E97D9-21BC-4A53-AA99-A54329E27A6F}
    2012-01-27 21:13:55 -------- d-----w- C:\Users\Chris\AppData\Local\{A3A14F92-B938-4EE1-8439-D4526389C1F9}
    2012-01-27 21:13:46 -------- d-----w- C:\Users\Chris\AppData\Local\{B481B295-C71E-4414-B014-9BA79FC34101}
    2012-01-27 09:13:35 -------- d-----w- C:\Users\Chris\AppData\Local\{390E92B0-1D4C-4F01-B32F-5EC9C9766AA6}
    2012-01-27 09:13:19 -------- d-----w- C:\Users\Chris\AppData\Local\{FC442DDF-A72C-4679-BDA1-8A5E12B0E3D9}
    2012-01-26 17:25:31 -------- d-----w- C:\Users\Chris\AppData\Local\{AB4D453F-3CA8-4AD7-9BE3-9377E3882939}
    2012-01-26 17:25:16 -------- d-----w- C:\Users\Chris\AppData\Local\{7BE89C33-243F-46BB-AC17-76312FBA1A9F}
    2012-01-25 23:18:55 -------- d-----w- C:\Users\Chris\AppData\Local\{49536687-E34E-4050-A8FD-3467AC0038F9}
    2012-01-25 23:18:45 -------- d-----w- C:\Users\Chris\AppData\Local\{0530A48B-B994-4C30-8371-0A02906F2AB6}
    2012-01-25 11:18:34 -------- d-----w- C:\Users\Chris\AppData\Local\{A0EA8C53-61E3-4ACA-9B48-7C8D5EF0B863}
    2012-01-25 11:18:25 -------- d-----w- C:\Users\Chris\AppData\Local\{C1CFED1B-87ED-44D2-97C1-86C31B104F9D}
    2012-01-24 22:00:02 -------- d-----w- C:\Users\Chris\AppData\Local\{B6DD63E9-7109-4082-A8DD-6A9E706CE2DC}
    2012-01-24 21:59:52 -------- d-----w- C:\Users\Chris\AppData\Local\{14268CA3-8717-443E-9D72-F84A931F1088}
    2012-01-24 09:59:29 -------- d-----w- C:\Users\Chris\AppData\Local\{A5D5EA9E-DB78-433D-94CD-0C6CFFD3BDD3}
    2012-01-24 09:59:20 -------- d-----w- C:\Users\Chris\AppData\Local\{E6B345A9-D62E-43B8-9653-24370F9DE1DC}
    2012-01-23 23:30:29 -------- d-----w- C:\Users\Chris\AppData\Local\libimobiledevice
    2012-01-23 21:45:55 -------- d-----w- C:\Program Files\iPod
    2012-01-23 21:45:54 -------- d-----w- C:\Program Files\iTunes
    2012-01-23 21:42:54 -------- d-----w- C:\Users\Chris\AppData\Local\{94FB0C0F-98BA-4A25-A2B0-F093B6820A15}
    2012-01-23 21:42:45 -------- d-----w- C:\Users\Chris\AppData\Local\{9BE284A3-E8F1-4027-BA5B-611156290408}
    2012-01-23 09:34:48 -------- d-----w- C:\Users\Chris\AppData\Local\{86C80679-98B2-4362-879A-C7B42509B8D0}
    2012-01-23 09:34:38 -------- d-----w- C:\Users\Chris\AppData\Local\{9380C4E7-D447-4AD0-9659-0614E7DD853D}
    2012-01-22 13:55:33 -------- d-----w- C:\Users\Chris\AppData\Local\{99FF4602-A1A9-419F-9D87-50990C65B742}
    2012-01-22 13:55:24 -------- d-----w- C:\Users\Chris\AppData\Local\{B7D23C47-454C-4CD0-B982-F36A03263D1B}
    2012-01-21 22:46:17 -------- d-----w- C:\Users\Chris\AppData\Local\{B82F5656-2FEA-4F91-853A-DD380F5E53D0}
    2012-01-21 22:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{FC9F0891-63BF-4261-B60A-22859197E5C2}
    2012-01-21 10:45:56 -------- d-----w- C:\Users\Chris\AppData\Local\{A3D92F9B-7E3C-4D1A-99AF-0584DE3AB4E1}
    2012-01-21 10:45:47 -------- d-----w- C:\Users\Chris\AppData\Local\{91E713FC-C98F-4557-833D-1088AAD22CBB}
    2012-01-20 22:45:36 -------- d-----w- C:\Users\Chris\AppData\Local\{788569C2-B05F-45F4-9C29-6DBE0CE9B857}
    2012-01-20 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C1BAFD99-4E4E-4F7B-88F5-156DA5284A4D}
    2012-01-20 08:46:42 -------- d-----w- C:\Users\Chris\AppData\Local\{952FBBD1-5205-4D83-A826-C0B8B24C04D9}
    2012-01-20 08:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{E926C04B-ABFB-4A44-B85D-005F362CE2E9}
    2012-01-19 11:47:26 -------- d-----w- C:\Users\Chris\AppData\Local\{C284A849-5559-42F6-AC15-8C856B84F59E}
    2012-01-19 11:47:17 -------- d-----w- C:\Users\Chris\AppData\Local\{648F8552-D25E-454C-9115-2953290C7E49}
    2012-01-18 23:10:10 -------- d-----w- C:\Users\Chris\AppData\Local\{6E14A251-B5A8-437E-BBE4-3BDD33B87608}
    2012-01-18 23:10:00 -------- d-----w- C:\Users\Chris\AppData\Local\{7BC7556C-37E0-4AF9-AB66-4733EC12B829}
    2012-01-18 21:53:30 -------- d-----w- C:\Program Files (x86)\Microsoft Games
    2012-01-18 11:09:50 -------- d-----w- C:\Users\Chris\AppData\Local\{D2FE4734-D14E-4C10-9961-A42A2816A7E4}
    2012-01-18 11:09:40 -------- d-----w- C:\Users\Chris\AppData\Local\{3721C142-8817-488B-8E34-6BAE6FAD1D28}
    2012-01-17 23:09:29 -------- d-----w- C:\Users\Chris\AppData\Local\{69A47E73-1E5A-49EB-917E-B31A125826C7}
    2012-01-17 23:09:20 -------- d-----w- C:\Users\Chris\AppData\Local\{9C48533C-C1C9-4C4A-9337-9C8E95857959}
    2012-01-17 11:09:09 -------- d-----w- C:\Users\Chris\AppData\Local\{539E47CC-ADF1-4BCB-A265-942EE6DA4026}
    2012-01-17 11:09:00 -------- d-----w- C:\Users\Chris\AppData\Local\{C927561D-3D1F-47A4-A1E0-ABD9A1A8B9FC}
    2012-01-16 22:46:28 -------- d-----w- C:\Users\Chris\AppData\Local\{D087731E-0987-487F-BA00-AC38B03D6E89}
    2012-01-16 22:46:18 -------- d-----w- C:\Users\Chris\AppData\Local\{3BA75B07-997B-4230-A91E-FFDF4C902AAA}
    2012-01-16 10:46:07 -------- d-----w- C:\Users\Chris\AppData\Local\{005935C6-1878-4207-97A5-CE4A7EF22900}
    2012-01-16 10:45:58 -------- d-----w- C:\Users\Chris\AppData\Local\{B794F5DD-48AE-49A3-8260-3EFB77B9256C}
    2012-01-15 22:45:35 -------- d-----w- C:\Users\Chris\AppData\Local\{7FC8136E-CAC8-4CBB-8C48-D3DB401863EC}
    2012-01-15 22:45:26 -------- d-----w- C:\Users\Chris\AppData\Local\{9C9718C4-3482-4856-BAE6-B86EA595B35D}
    2012-01-15 16:00:36 -------- d-----w- C:\ProgramData\Splashtop
    2012-01-15 16:00:27 -------- d-----w- C:\Program Files (x86)\Splashtop
    2012-01-15 16:00:11 -------- d-----w- C:\Users\Chris\AppData\Local\{144B42D3-144F-466A-BA16-79245A51069E}
    2012-01-15 10:45:15 -------- d-----w- C:\Users\Chris\AppData\Local\{28B6B5FE-9D16-4445-8085-5B07F14156D3}
    2012-01-15 10:45:05 -------- d-----w- C:\Users\Chris\AppData\Local\{A7D5EB69-F15F-40BC-B5C2-FBD8657BB727}
    2012-01-14 22:15:39 -------- d-----w- C:\Users\Chris\AppData\Local\{48573817-D167-4F23-9EA8-B562BFFEFE09}
    2012-01-14 22:15:29 -------- d-----w- C:\Users\Chris\AppData\Local\{EC8A5267-4883-4B46-B53A-30298DC6A14D}
    2012-01-14 10:15:18 -------- d-----w- C:\Users\Chris\AppData\Local\{6B5715D2-B88F-40AD-A6A4-FC3C678DF6BA}
    2012-01-14 10:15:09 -------- d-----w- C:\Users\Chris\AppData\Local\{D20A043B-7DE8-459D-9C3C-FCF400A53288}
    2012-01-13 17:09:47 -------- d-----w- C:\Users\Chris\AppData\Roaming\GMetrixSMS
    2012-01-13 17:09:37 -------- d-----w- C:\Program Files (x86)\GMetrix SMS
    2012-01-13 16:42:49 -------- d-----w- C:\Users\Chris\AppData\Local\{16B2741A-B4B8-42C4-B5E1-6B52EA5F355C}
    2012-01-13 16:42:40 -------- d-----w- C:\Users\Chris\AppData\Local\{F44E5E02-D8CA-4683-85DB-57B2EB9D4729}
    2012-01-12 23:26:22 -------- d-----w- C:\Users\Chris\AppData\Roaming\Microsoft Corporation
    2012-01-12 17:28:26 -------- d-----w- C:\Users\Chris\AppData\Local\{31B8714B-65B7-49A6-8218-1011771D9B32}
    2012-01-12 17:28:17 -------- d-----w- C:\Users\Chris\AppData\Local\{F9EA5D3E-3A54-4A5C-9961-977C107D6DB8}
    2012-01-12 03:00:36 -------- d-----w- C:\Users\Chris\AppData\Local\{416B281D-E183-4517-8BFC-48D504E12B27}
    2012-01-12 03:00:27 -------- d-----w- C:\Users\Chris\AppData\Local\{00BDBF84-EDF0-42AB-AD3D-9A49044FFEF7}
    2012-01-11 11:17:44 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-01-11 11:17:44 1572864 ----a-w- C:\Windows\System32\quartz.dll
    2012-01-11 11:17:44 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
    2012-01-11 11:17:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-01-11 11:17:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
    2012-01-11 11:17:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2012-01-11 11:17:41 77312 ----a-w- C:\Windows\System32\packager.dll
    2012-01-11 11:17:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
    2012-01-11 11:08:29 -------- d-----w- C:\Users\Chris\AppData\Local\{B0F50FC3-8DF1-4630-BCFC-AACF654CCFC9}
    2012-01-11 11:08:20 -------- d-----w- C:\Users\Chris\AppData\Local\{EA9641A4-55AC-4C0E-84A3-E255129B8424}
    2012-01-10 15:44:10 -------- d-----w- C:\Users\Chris\AppData\Local\{A76DF942-62E2-4FF6-846F-F151C54623FE}
    2012-01-10 15:44:01 -------- d-----w- C:\Users\Chris\AppData\Local\{EBDB566A-6098-4A05-8816-A5E88D72D466}
    2012-01-09 23:25:20 -------- d-----r- C:\Users\Chris\Dropbox
    2012-01-09 22:33:24 -------- d-----w- C:\Users\Chris\AppData\Local\{4DF052D4-FE7A-4E11-91F4-D0CEFFD230C5}
    2012-01-09 22:33:14 -------- d-----w- C:\Users\Chris\AppData\Local\{2EAA000C-7288-4BD2-9012-37C7F8A68013}
    2012-01-09 10:32:51 -------- d-----w- C:\Users\Chris\AppData\Local\{3AA61C99-8B5B-4FAB-BEC8-9B89CD19F223}
    2012-01-09 10:32:41 -------- d-----w- C:\Users\Chris\AppData\Local\{0A32A0E7-8790-450D-B177-DF0D1EC107F1}
    2012-01-08 23:23:27 -------- d-----w- C:\Program Files (x86)\AMD APP
    2012-01-08 22:32:18 -------- d-----w- C:\Users\Chris\AppData\Local\{04C850ED-CC4C-402B-B851-C4F043A549FB}
    2012-01-08 22:32:08 -------- d-----w- C:\Users\Chris\AppData\Local\{83992810-D576-48FE-9274-255E23AF6235}
    .
    ==================== Find3M ====================
    .
    2012-02-05 01:15:34 1025648 ----a-w- C:\Windows\PE_Rom.dll
    2012-02-04 18:15:26 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
    2012-01-27 00:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
    2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
    2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
    2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
    2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
    2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
    2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
    2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
    2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2011-11-16 16:21:25 5632 ----a-w- C:\Windows\System32\bbchlp.dll
    2011-11-16 16:21:25 4608 ----a-w- C:\Windows\System32\drivers\bbcap.sys
    2011-11-16 16:21:25 37376 ----a-w- C:\Windows\System32\bbcap.dll
    2011-11-16 16:06:02 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-15 18:32:42 56832 ----a-w- C:\Windows\System32\drivers\HssDrv.sys
    2011-11-15 18:32:40 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys
    2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll
    2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll
    2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe
    2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
    2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll
    2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
    2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
    2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll
    2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
    2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll
    2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll
    2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll
    2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll
    2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll
    2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
    2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
    2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll
    2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll
    2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll
    2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
    2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2011-11-09 22:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2011-11-09 22:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2011-11-09 22:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
    2011-11-09 22:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2011-11-09 22:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll
    2011-11-09 22:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2011-11-09 22:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll
    2011-11-09 22:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    .
    ============= FINISH: 15:38:34.00 ===============

  2. #2
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288


    Hi,

    IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    µTorrent


    I'd like you to read this thread.

    Please uninstall the programs listed above (in red). When done, post fresh dds logs.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Security Expert: Emeritus Blade81
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288


    Due to inactivity, this thread will now be closed.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

    If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (PM). A valid, working link to the closed topic is required.
