ultragravity
2013-04-20, 07:55
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16912 BrowserJavaVersion: 10.7.2
Run by DJBoNnEtt at 18:14:30 on 2013-04-19
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uWinlogon: Shell = explorer.exe,C:\Users\DJBoNnEtt\AppData\Roaming\skype.dat
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: VideoSaver: {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [KiesPreload] D:\Kies\Kies.exe /preload
uRun: [KiesAirMessage] D:\Kies\KiesAirMessage.exe -startup
uRun: [] D:\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [BeyluxeMessenger] "D:\Program Files (x86)\Beyluxe Messenger\Beyluxe Messenger.exe" /hide
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Wallpaper Changer] C:\Program Files (x86)\Wallpaper Changer\Wallpaper Changer.exe /minimized
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] D:\Kies\KiesTrayAgent.exe
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARQBEAFMATAAtADcARQBUAEUAQwAtAFUATABBADgAUgAtAEUAQQBPAEsATAAtADQARQBNAEIAUgA"&"inst=NwA2AC0AOQA2ADMANwA3ADcANwAwADMALQBGAFAAOQAyACsANgAtAE4AMQBGACsAMQAtAEIAQQBSADkARwArADEALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQAxADAAQQArADIALQBDAEkAQQA5ADAAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEALQBEAEQAVAArADAALQBEADMAOAAxAEwAKwA1AC0ASQA5ADAAKwAxAC0ATgAxAEQAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQAEwAKwA5AC0ARgBVAEkAKwAyAA"&"prod=2"&"ver=9.0.914
mRunOnce: [Malwarebytes Anti-Malware] d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
StartupFolder: C:\Users\DJBONN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100128050153
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40437.6930208333
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUplden-gb.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\0594E47405F4E474 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\35B4959333730383 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\C4F4F4F405549544F4F4F4055495 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-mWinlogon: Userinit = Explorer.exe
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DJBoNnEtt\AppData\Roaming\Mozilla\Firefox\Profiles\hl78eh6g.default-1348957136471\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=120328&babsrc=HP_ss&mntrId=D42E701A04321C22
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\DJBoNnEtt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2011-06-06 22:34; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar.newTab - false
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-04-17 08:05:26 493656 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symds64.sys
2013-04-17 08:05:26 432800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symnets.sys
2013-04-17 08:05:26 36952 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\srtspx64.sys
2013-04-17 08:05:26 23448 ----a-r- C:\Windows\System32\drivers\NAVx64\1403010.016\symelam.sys
2013-04-17 08:05:26 1139800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symefa64.sys
2013-04-17 08:05:25 796248 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\srtsp64.sys
2013-04-17 08:05:25 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\ironx64.sys
2013-04-17 08:05:25 168096 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\ccsetx64.sys
2013-04-17 08:04:56 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1403010.016
2013-04-17 08:03:57 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccsetx64.sys
2013-04-17 08:03:52 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03030.013
2013-04-17 07:48:35 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-04-11 22:58:55 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-11 22:58:51 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-11 22:58:25 -------- d-----w- C:\Program Files (x86)\VideoSaver
2013-04-11 22:58:13 -------- d-----w- C:\ProgramData\BrowserProtect
2013-04-11 22:57:47 -------- d-----w- C:\Program Files (x86)\BabylonToolbar
2013-04-11 22:57:41 -------- d-----w- C:\Users\DJBoNnEtt\AppData\Local\WPFBChanger
2013-04-11 22:57:31 -------- d-----w- C:\ProgramData\Babylon
2013-04-11 22:57:30 -------- d-----w- C:\Users\DJBoNnEtt\AppData\Roaming\Babylon
2013-04-11 22:57:09 -------- d-----w- C:\Program Files (x86)\Wallpaper Changer
2013-03-23 22:02:07 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2E0443A2-94CD-4310-8C2C-9FF58CFC2C40}\mpengine.dll
2013-03-23 20:42:44 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
.
==================== Find3M ====================
.
2013-04-02 12:16:10 236248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-03-23 21:36:23 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-23 21:36:23 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 18:17:03.80 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-19 17:58:33
-----------------------------
17:58:33.332 OS Version: Windows x64 6.1.7600
17:58:33.332 Number of processors: 2 586 0x301
17:58:33.334 ComputerName: DJBONNETT-TOSH UserName: DJBoNnEtt
17:58:34.376 Initialize success
17:59:04.938 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
17:59:04.946 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
17:59:04.967 Disk 0 MBR read successfully
17:59:04.972 Disk 0 MBR scan
17:59:04.976 Disk 0 Windows 7 default MBR code
17:59:04.989 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
17:59:05.005 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
17:59:05.034 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
17:59:05.142 Disk 0 scanning C:\Windows\system32\drivers
17:59:14.373 Service scanning
18:00:11.353 Modules scanning
18:00:11.355 Disk 0 trace - called modules:
18:00:11.393 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8003b212c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:00:11.394 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049f1060]
18:00:11.398 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80049e2060]
18:00:11.399 \Driver\atapi[0xfffffa800452ac40] -> IRP_MJ_CREATE -> 0xfffffa8003b212c0
18:00:11.400 Scan finished successfully
18:00:56.436 Disk 0 MBR has been saved successfully to "C:\Users\DJBoNnEtt\Desktop\MBR.dat"
18:00:56.453 The log file has been saved successfully to "C:\Users\DJBoNnEtt\Desktop\aswMBRrep.txt"
Congratulations!: No immediate threats were found. (Status)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-04-03 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-03-30 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-03-30 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-03-30 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-03-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-03-02 Includes\Malware.sbi (*)
2010-03-30 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-03-30 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-03-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-03-30 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi (*)
2010-03-30 Includes\TrojansC-02.sbi (*)
2010-03-30 Includes\TrojansC-03.sbi (*)
2010-03-30 Includes\TrojansC-04.sbi (*)
2010-03-30 Includes\TrojansC-05.sbi (*)
2010-03-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Internet Explorer: 8.0.7600.16912 BrowserJavaVersion: 10.7.2
Run by DJBoNnEtt at 18:14:30 on 2013-04-19
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uWinlogon: Shell = explorer.exe,C:\Users\DJBoNnEtt\AppData\Roaming\skype.dat
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.1.22\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: VideoSaver: {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [KiesPreload] D:\Kies\Kies.exe /preload
uRun: [KiesAirMessage] D:\Kies\KiesAirMessage.exe -startup
uRun: [] D:\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [BeyluxeMessenger] "D:\Program Files (x86)\Beyluxe Messenger\Beyluxe Messenger.exe" /hide
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Wallpaper Changer] C:\Program Files (x86)\Wallpaper Changer\Wallpaper Changer.exe /minimized
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [KiesTrayAgent] D:\Kies\KiesTrayAgent.exe
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OABNAEUASAAtAFIARQBEAFMATAAtADcARQBUAEUAQwAtAFUATABBADgAUgAtAEUAQQBPAEsATAAtADQARQBNAEIAUgA"&"inst=NwA2AC0AOQA2ADMANwA3ADcANwAwADMALQBGAFAAOQAyACsANgAtAE4AMQBGACsAMQAtAEIAQQBSADkARwArADEALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQAxADAAQQArADIALQBDAEkAQQA5ADAAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEALQBEAEQAVAArADAALQBEADMAOAAxAEwAKwA1AC0ASQA5ADAAKwAxAC0ATgAxAEQAKwAxAC0AUwBUADkAMABBAFAAUAArADEALQBQAEwAKwA5AC0ARgBVAEkAKwAyAA"&"prod=2"&"ver=9.0.914
mRunOnce: [Malwarebytes Anti-Malware] d:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [SpybotSnD] "C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
dRun: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
StartupFolder: C:\Users\DJBONN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
LSP: mswsock.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20100128050153
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40437.6930208333
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUplden-gb.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\0594E47405F4E474 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\35B4959333730383 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{C4D6E9AA-A9D6-4BC1-A2AD-2D4C0898B34B}\C4F4F4F405549544F4F4F4055495 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-mWinlogon: Userinit = Explorer.exe
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DJBoNnEtt\AppData\Roaming\Mozilla\Firefox\Profiles\hl78eh6g.default-1348957136471\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=120328&babsrc=HP_ss&mntrId=D42E701A04321C22
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\DJBoNnEtt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2011-06-06 22:34; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar.newTab - false
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-04-17 08:05:26 493656 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symds64.sys
2013-04-17 08:05:26 432800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symnets.sys
2013-04-17 08:05:26 36952 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\srtspx64.sys
2013-04-17 08:05:26 23448 ----a-r- C:\Windows\System32\drivers\NAVx64\1403010.016\symelam.sys
2013-04-17 08:05:26 1139800 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\symefa64.sys
2013-04-17 08:05:25 796248 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\srtsp64.sys
2013-04-17 08:05:25 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\ironx64.sys
2013-04-17 08:05:25 168096 ----a-w- C:\Windows\System32\drivers\NAVx64\1403010.016\ccsetx64.sys
2013-04-17 08:04:56 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1403010.016
2013-04-17 08:03:57 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccsetx64.sys
2013-04-17 08:03:52 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03030.013
2013-04-17 07:48:35 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-04-11 22:58:55 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-11 22:58:51 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-11 22:58:25 -------- d-----w- C:\Program Files (x86)\VideoSaver
2013-04-11 22:58:13 -------- d-----w- C:\ProgramData\BrowserProtect
2013-04-11 22:57:47 -------- d-----w- C:\Program Files (x86)\BabylonToolbar
2013-04-11 22:57:41 -------- d-----w- C:\Users\DJBoNnEtt\AppData\Local\WPFBChanger
2013-04-11 22:57:31 -------- d-----w- C:\ProgramData\Babylon
2013-04-11 22:57:30 -------- d-----w- C:\Users\DJBoNnEtt\AppData\Roaming\Babylon
2013-04-11 22:57:09 -------- d-----w- C:\Program Files (x86)\Wallpaper Changer
2013-03-23 22:02:07 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2E0443A2-94CD-4310-8C2C-9FF58CFC2C40}\mpengine.dll
2013-03-23 20:42:44 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
.
==================== Find3M ====================
.
2013-04-02 12:16:10 236248 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-03-23 21:36:23 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-23 21:36:23 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 18:17:03.80 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-19 17:58:33
-----------------------------
17:58:33.332 OS Version: Windows x64 6.1.7600
17:58:33.332 Number of processors: 2 586 0x301
17:58:33.334 ComputerName: DJBONNETT-TOSH UserName: DJBoNnEtt
17:58:34.376 Initialize success
17:59:04.938 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
17:59:04.946 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
17:59:04.967 Disk 0 MBR read successfully
17:59:04.972 Disk 0 MBR scan
17:59:04.976 Disk 0 Windows 7 default MBR code
17:59:04.989 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 400 MB offset 2048
17:59:05.005 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 152622 MB offset 821248
17:59:05.034 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 152222 MB offset 313391104
17:59:05.142 Disk 0 scanning C:\Windows\system32\drivers
17:59:14.373 Service scanning
18:00:11.353 Modules scanning
18:00:11.355 Disk 0 trace - called modules:
18:00:11.393 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8003b212c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
18:00:11.394 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049f1060]
18:00:11.398 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80049e2060]
18:00:11.399 \Driver\atapi[0xfffffa800452ac40] -> IRP_MJ_CREATE -> 0xfffffa8003b212c0
18:00:11.400 Scan finished successfully
18:00:56.436 Disk 0 MBR has been saved successfully to "C:\Users\DJBoNnEtt\Desktop\MBR.dat"
18:00:56.453 The log file has been saved successfully to "C:\Users\DJBoNnEtt\Desktop\aswMBRrep.txt"
Congratulations!: No immediate threats were found. (Status)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-04-03 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-03-30 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-03-30 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-03-30 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-03-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-03-02 Includes\Malware.sbi (*)
2010-03-30 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-03-30 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-03-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-03-30 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi (*)
2010-03-30 Includes\TrojansC-02.sbi (*)
2010-03-30 Includes\TrojansC-03.sbi (*)
2010-03-30 Includes\TrojansC-04.sbi (*)
2010-03-30 Includes\TrojansC-05.sbi (*)
2010-03-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll