Hi, thanks for your help. My computer is infected with the Barowwsoe2Save Virus.
I don't believe that I can run ERUNT because my operating system is Windows 7.
Also, TeaTimer was turned off before I ran Spybot as Administrator.
DDS LOG
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.25.2
Run by Way at 13:28:56 on 2014-04-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2013.508 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe
C:\Program Files\HP webOS\PDK\tcprelay.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Way\AppData\Local\TVersity\Media Server\MediaServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\CTHELPER.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Lexmark S410 Series\LMADGmon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Users\Way\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\CTHELPER.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Lexmark S410 Series\LMADGmon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Program Files\VistaSwitcher\vswitch.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\CaptureIt Plus\CaptureItPlus.exe
C:\Users\Way\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
E:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
E:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Users\Way\AppData\Local\Programs\Houdah Software\ACTPrinter Win Client\ACTPrinter Win.exe
C:\Users\Way\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Way\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\calc.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Way\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.141\McAfeeMSS_IE.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: RebateRobot BHO: {FA3FEDF6-1A34-4076-9F25-A26A2DE6A401} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [AdobeBridge] <no file>
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdcBase.exe
mRun: [LMADGmon] "c:\program files\lexmark s410 series\LMADGmon.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\7stick~1.lnk - c:\program files\7 sticky notes\7StickyNotes.exe
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\actpri~1.lnk - c:\users\way\appdata\local\programs\houdah software\actprinter win client\ACTPrinter Win.exe
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\way\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\way\appdata\roaming\micros~1\windows\startm~1\programs\startup\quickm~1.lnk - c:\program files\quickmenu\QuickMenu.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\actpri~1.lnk - c:\program files\houdah software\actprinter win client\ACTPrinter Win.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.141\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{849F4D15-2429-45CF-8BF7-002AEFD138C0} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{849F4D15-2429-45CF-8BF7-002AEFD138C0}\131364850353133323837373 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{849F4D15-2429-45CF-8BF7-002AEFD138C0}\27F6574756 : DHCPNameServer = 192.168.1.1 192.168.1.1 192.168.0.1 192.168.1.1 192.168.1.1
TCP: Interfaces\{FA537B2D-EBA3-4F18-BD89-C96A61DB53EA} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\way\appdata\roaming\mozilla\firefox\profiles\1t8q293v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=SLVTDF&PC=MSSL&q=
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee security scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\users\way\appdata\local\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\users\way\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\way\appdata\roaming\mozilla\firefox\profiles\1t8q293v.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\users\way\appdata\roaming\mozilla\firefox\profiles\1t8q293v.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2_x64.dll
FF - plugin: c:\users\way\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\way\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: e:\program files\foxit reader\plugins\npFoxitReaderPlugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(general.useragent.extra.brc,
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-7-28 64288]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2014-1-25 231960]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2013-1-26 401920]
R2 ca82e1a5;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe [2009-7-13 44544]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104264]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS [2008-3-20 98328]
R3 CTEDSPIO.SYS;CTEDSPIO.SYS;c:\windows\system32\drivers\CTEDSPIO.SYS [2008-3-20 134168]
R3 CTEDSPSY.SYS;CTEDSPSY.SYS;c:\windows\system32\drivers\CTEDSPSY.SYS [2008-3-20 309784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-8-6 273960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2010-3-31 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2010-3-31 20864]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2010-3-31 19968]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2010-3-31 24960]
S3 andnetadb;ADB Interface DriverNet;c:\windows\system32\drivers\lgandnetadb.sys [2010-7-21 25856]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\lgandadb.sys [2010-3-31 25728]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-7-17 84832]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2008-3-20 98328]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.SYS [2008-3-20 171032]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2008-3-20 171032]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS [2008-3-20 528920]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2008-3-20 528920]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS;c:\windows\system32\drivers\CTEAPSFX.SYS [2008-3-20 163352]
S3 CTEAPSFX;CTEAPSFX;c:\windows\system32\drivers\CTEAPSFX.SYS [2008-3-20 163352]
S3 CTEDSPFX.SYS;CTEDSPFX.SYS;c:\windows\system32\drivers\CTEDSPFX.SYS [2008-3-20 259096]
S3 CTEDSPFX;CTEDSPFX;c:\windows\system32\drivers\CTEDSPFX.SYS [2008-3-20 259096]
S3 CTEDSPIO;CTEDSPIO;c:\windows\system32\drivers\CTEDSPIO.SYS [2008-3-20 134168]
S3 CTEDSPSY;CTEDSPSY;c:\windows\system32\drivers\CTEDSPSY.SYS [2008-3-20 309784]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS [2008-3-20 99352]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2008-3-20 99352]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.SYS [2008-3-20 1324056]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2008-3-20 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.SYS [2008-3-20 72728]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2008-3-20 72728]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS [2008-3-20 534040]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2008-3-20 534040]
S3 MHIKEY10;MHIKEY10;c:\windows\system32\drivers\MHIKEY10.sys [2010-10-1 52096]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2011-2-11 728064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="c:\program files\notepad++\notepad++.exe" "%1" [UserChoice]
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-04-23 13:00:39 8050496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{df42f470-b1fe-439a-9a9c-71f714db35d4}\mpengine.dll
2014-04-23 01:43:25 8050496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-04-20 01:46:28 -------- d-----w- c:\users\way\appdata\roaming\OverDrive
2014-04-19 14:43:05 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d79664f4-5a6b-4f6d-b6e1-1460d1c50231}\gapaengine.dll
2014-04-18 22:48:33 -------- d-sh--w- c:\users\way\appdata\local\EmieUserList
2014-04-18 22:48:33 -------- d-sh--w- c:\users\way\appdata\local\EmieSiteList
2014-04-17 07:00:58 4254720 ----a-w- c:\windows\system32\jscript9.dll
2014-04-17 03:50:28 107736 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-04-12 21:59:51 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-12 21:56:10 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-12 21:56:10 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-12 19:33:43 -------- d-----w- c:\program files\SearchProtect
2014-04-12 19:30:29 -------- d-----w- c:\programdata\VisualBee
2014-04-12 19:29:51 -------- d-----w- c:\users\way\appdata\local\emaze
2014-04-12 19:29:43 1097384 ----a-w- c:\users\way\appdata\local\nsoE3E3.tmp
2014-04-12 19:28:58 -------- d-----w- C:\temp
2014-04-12 19:27:02 -------- d-----w- c:\program files\003
2014-04-12 19:25:50 -------- d-----w- c:\program files\Optimizer Pro
2014-04-12 18:22:20 -------- d-----w- c:\users\way\appdata\local\webinternetsecurity
2014-04-11 00:27:01 -------- d-----w- c:\users\way\appdata\local\Adobe_Systems_Incorporate
2014-04-09 12:23:53 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 12:23:53 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 12:23:53 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 12:23:53 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 12:23:48 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-02 21:52:13 -------- d-----w- c:\users\way\appdata\local\ABBYY
.
==================== Find3M ====================
.
2014-04-03 13:50:56 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-11 21:58:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 21:58:42 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-11 13:52:30 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-06 08:32:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-03-06 08:31:27 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:02:34 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 07:38:13 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 07:38:10 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 07:36:40 592896 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 07:28:01 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 07:13:43 32256 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 06:40:39 1967104 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 05:41:49 1789440 ----a-w- c:\windows\system32\wininet.dll
2014-02-07 01:07:56 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04:22 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04:11 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06:47 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-25 05:19:42 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-11-30 04:38:32 49940480 ----a-w- c:\program files\GUT9A67.tmp
.
============= FINISH: 13:31:05.75 ===============
aswMBR
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-23 13:47:46
-----------------------------
13:47:46.056 OS Version: Windows 6.1.7601 Service Pack 1
13:47:46.056 Number of processors: 2 586 0x170A
13:47:46.057 ComputerName: REBIRTH UserName: Way
13:47:47.983 Initialize success
13:48:12.248 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:48:12.249 Disk 0 Vendor: WDC_WD3200AAKS-75L9A0 02.03E02 Size: 305245MB BusType: 3
13:48:12.389 Disk 0 MBR read successfully
13:48:12.391 Disk 0 MBR scan
13:48:12.393 Disk 0 Windows 7 default MBR code
13:48:12.396 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:48:12.401 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8318 MB offset 81920
13:48:12.412 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 50003 MB offset 17117184
13:48:12.415 Disk 0 Partition - 00 0F Extended LBA 246882 MB offset 119523600
13:48:12.434 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 185881 MB offset 119523663
13:48:12.437 Disk 0 Partition - 00 05 Extended 20999 MB offset 500213697
13:48:12.461 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 20999 MB offset 500213760
13:48:12.465 Disk 0 Partition - 00 05 Extended 39999 MB offset 923911794
13:48:12.484 Disk 0 Partition 6 00 07 HPFS/NTFS NTFS 39999 MB offset 543221760
13:48:12.489 Disk 0 scanning sectors +625139712
13:48:12.559 Disk 0 scanning C:\Windows\system32\drivers
13:48:18.873 Service scanning
13:48:24.919 Service MpKsla04e0c8c C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DF42F470-B1FE-439A-9A9C-71F714DB35D4}\MpKsla04e0c8c.sys **LOCKED** 32
13:48:31.327 Modules scanning
13:48:36.191 Disk 0 trace - called modules:
13:48:36.199
13:48:36.204 Scan finished successfully
13:49:02.353 Disk 0 MBR has been saved successfully to "C:\Users\Way\Desktop\SPY BOT CLEANUP\MBR.dat"
13:49:02.359 The log file has been saved successfully to "C:\Users\Way\Desktop\SPY BOT CLEANUP\aswMBR.txt"
Spybot SEARCH AND DESTROY LOG
Barowwsoe2Save: [SBI $F5174E26] Program directory (Directory, nothing done)
C:\Program Files\Optimizer Pro\
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---