enditys
2013-06-05, 04:11
Having issues removing Win32.Downloader.gen, please help...
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2
Run by Theresa at 17:06:31 on 2013-06-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4085.1977 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi Notebook\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Theresa\AppData\Local\Apps\2.0\866LPMJ7.1JZ\P5PYH541.T1D\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://sleeksearch.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: BTControl12DM2 Toolbar: {09110334-1bf2-481d-9ce3-7ac88f9ef9fe} - C:\Program Files (x86)\BTControl12DM2\prxtbBTCo.dll
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: BTControl12DM2 Toolbar: {09110334-1bf2-481d-9ce3-7ac88f9ef9fe} - C:\Program Files (x86)\BTControl12DM2\prxtbBTCo.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: BTControl12DM2 Toolbar: {09110334-1BF2-481D-9CE3-7AC88F9EF9FE} - C:\Program Files (x86)\BTControl12DM2\prxtbBTCo.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: BTControl12DM2 Toolbar: {09110334-1bf2-481d-9ce3-7ac88f9ef9fe} - C:\Program Files (x86)\BTControl12DM2\prxtbBTCo.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
uRun: [SearchProtect] C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\cltmng.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [OM2_Monitor] "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Notebook\Volume Panel\VolPanlu.exe" /r
mRun: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{00D4669A-BC21-426C-B4A6-FD2D7F2AA77C} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{992969E3-255B-43A3-80F1-AB2CE47C4BCA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{992969E3-255B-43A3-80F1-AB2CE47C4BCA}\2375942554234323 : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3274043&CUI=UN20816375541168785&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - BTControl12DM2 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.sleeksearch.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3274043&SearchSource=2&CUI=UN20816375541168785&UM=2&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\extensions\{09110334-1bf2-481d-9ce3-7ac88f9ef9fe}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\extensions\{09110334-1bf2-481d-9ce3-7ac88f9ef9fe}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-04-11 23:24; {09110334-1bf2-481d-9ce3-7ac88f9ef9fe}; C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\extensions\{09110334-1bf2-481d-9ce3-7ac88f9ef9fe}
FF - ExtSQL: 2013-05-10 14:47; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2012-01-04 00:38; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-6 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-6 189936]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-12-21 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-12-21 378432]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2011-12-21 14904]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-12-21 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-12-21 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-21 46808]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-23 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-23 701512]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2011-12-22 60416]
R2 risdpcie;risdpcie;C:\Windows\System32\drivers\risdpe64.sys [2011-12-22 80384]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2011-12-22 55808]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-21 1153368]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-5-14 3289208]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R3 copperhd;Razer Copperhead Driver;C:\Windows\System32\drivers\copperhd.sys [2006-5-24 13824]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-12-21 25928]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-5-1 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-5-1 79360]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2011-12-22 21712]
S3 ksaud;Creative USB Audio Driver;C:\Windows\System32\drivers\ksaud.sys [2012-5-1 983936]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-12-21 20992]
S3 SaiH075C;SaiH075C;C:\Windows\System32\drivers\SaiH075C.sys [2012-1-24 326784]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-12-21 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-22 1255736]
.
=============== Created Last 30 ================
.
2013-06-04 15:31:13 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{879927B7-3C22-42FF-9E4C-BFEFDCBA6E12}\offreg.dll
2013-06-04 15:29:38 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{879927B7-3C22-42FF-9E4C-BFEFDCBA6E12}\mpengine.dll
2013-05-26 05:46:20 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2013-05-26 05:46:20 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2013-05-26 05:46:20 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2013-05-26 05:46:20 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2013-05-26 05:46:20 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2013-05-26 05:38:13 -------- d-----w- C:\Program Files\iPod
2013-05-26 05:38:12 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-26 05:38:12 -------- d-----w- C:\Program Files\iTunes
2013-05-26 05:38:12 -------- d-----w- C:\Program Files (x86)\iTunes
2013-05-20 14:25:01 -------- d-----w- C:\Users\Theresa\AppData\Roaming\SearchProtect
2013-05-15 23:18:41 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-15 23:18:41 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-15 23:18:41 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-15 23:18:20 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-15 23:18:18 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-15 23:18:18 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-15 23:18:18 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-15 23:17:27 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-15 23:17:27 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-15 23:17:25 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-10 07:57:26 187456 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-09 04:02:58 -------- d-----r- C:\Program Files (x86)\Skype
2013-05-07 19:56:37 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-05-07 06:07:10 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2013-05-20 03:38:25 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-20 03:38:25 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-05-01 07:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-11 14:22:56 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-04-11 14:22:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-06 22:30:42 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-03-06 22:30:42 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 17:07:07.45 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-04 17:49:35
-----------------------------
17:49:35.157 OS Version: Windows x64 6.1.7601 Service Pack 1
17:49:35.157 Number of processors: 8 586 0x1E05
17:49:35.157 ComputerName: THERESA-MUNOZ UserName: Theresa
17:49:35.859 Initialize success
17:49:35.968 AVAST engine defs: 13060400
17:49:37.762 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
17:49:37.762 Disk 0 Vendor: ST9320423AS D005SDM1 Size: 305245MB BusType: 11
17:49:37.778 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
17:49:37.778 Disk 1 Vendor: ST9320423AS 0002SDM1 Size: 305245MB BusType: 11
17:49:37.949 Disk 0 MBR read successfully
17:49:37.949 Disk 0 MBR scan
17:49:37.965 Disk 0 Windows 7 default MBR code
17:49:37.981 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:49:37.996 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
17:49:38.105 Disk 0 scanning C:\Windows\system32\drivers
17:49:56.560 Service scanning
17:50:11.100 Modules scanning
17:50:11.100 Disk 0 trace - called modules:
17:50:11.630 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:50:11.646 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80047ee790]
17:50:11.646 3 CLASSPNP.SYS[fffff8800194943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80042552e0]
17:50:12.301 AVAST engine scan C:\Windows
17:50:23.096 AVAST engine scan C:\Windows\system32
17:54:19.327 AVAST engine scan C:\Windows\system32\drivers
17:54:47.126 AVAST engine scan C:\Users\Theresa
18:20:40.122 AVAST engine scan C:\ProgramData
18:23:29.117 Scan finished successfully
18:29:20.976 Disk 0 MBR has been saved successfully to "C:\Users\Theresa\Desktop\MBR.dat"
18:29:20.991 The log file has been saved successfully to "C:\Users\Theresa\Desktop\aswMBR.txt"
Win32.Downloader.gen: [SBI $BCCEBCBD] Program directory (Directory, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\
Win32.Downloader.gen: [SBI $37CF691B] Autorun settings (SearchProtect) (Registry value, nothing done)
HKEY_USERS\S-1-5-21-147755331-2039841654-876228001-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchProtect
Win32.Downloader.gen: [SBI $37CF691B] Program file (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\cltmng.exe
Properties.size=2730784
Properties.md5=51DE6288470B700C0CD663CDAC49A4B0
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $4D2EF4F3] Autorun settings (SearchProtectAll) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchProtectAll
Win32.Downloader.gen: [SBI $4D2EF4F3] Program file (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
Properties.size=2730784
Properties.md5=51DE6288470B700C0CD663CDAC49A4B0
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $4FAD8AA1] Configuration file (File, nothing done)
C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\searchplugins\conduit.xml
Properties.size=1005
Properties.md5=3325FAA8777E79C59ADF1BB84E1C3578
Properties.filedate=1365737063
Properties.filedatetext=2013-04-11 23:24:22
Win32.Downloader.gen: [SBI $97C26527] Configuration file (File, nothing done)
C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\s0ho6sxs.default\prefs.js
Properties.size=26161
Properties.md5=00BA28177DB5D9B43663EC32F22F9BE9
Properties.filedate=1370328689
Properties.filedatetext=2013-06-04 02:51:29
Win32.Downloader.gen: [SBI $2B63DD0C] Program directory (Directory, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\
Win32.Downloader.gen: [SBI $CB403BBB] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\ChromeModule.dll
Properties.size=517920
Properties.md5=864605381EB8B0B5E022D98794284B5A
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $B6021D1F] Configuration file (File, nothing done)
C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Preferences
Properties.size=91633
Properties.md5=09D8AC33A9C0250B490F8643B2B767E6
Properties.filedate=1370296843
Properties.filedatetext=2013-06-03 18:00:43
Win32.Downloader.gen: [SBI $7EE5B2C0] Executable (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe
Properties.size=93984
Properties.md5=934F4153380EDB6809EB9231C6B5F2A9
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $38013861] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll
Properties.size=870176
Properties.md5=0F701EA1D517DA6350B8931ED7173DE3
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $64A0E025] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll
Properties.size=792352
Properties.md5=806DAC3D5373BA708693C4B37B955707
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $FAF2197D] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\msvcp100.dll
Properties.size=421200
Properties.md5=03E9314004F504A14A61C3D364B62F66
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $D40431FB] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\msvcr100.dll
Properties.size=770384
Properties.md5=67EC459E42D3081DD8FD34356F7CAFC1
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $C408DE11] Data (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\rep.dat
Properties.size=20320
Properties.md5=D5BEB6BA5BEC3C7E6B725BA3490E53DF
Properties.filedate=1370389705
Properties.filedatetext=2013-06-04 19:48:24
Win32.Downloader.gen: [SBI $C35DA846] Library (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\SPHook32.dll
Properties.size=149792
Properties.md5=F294E06F6213CD325208E09C0B0A2699
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $72695CF4] Executable (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\uninstall.exe
Properties.size=194520
Properties.md5=62566150BA62A00B7D4233F561E33B6A
Properties.filedate=1365690514
Properties.filedatetext=2013-04-11 10:28:34
Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
C:\Users\Theresa\AppData\Local\Conduit\
Win32.Downloader.gen: [SBI $F65FFCFA] Library (File, nothing done)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll
Properties.size=638560
Properties.md5=6796F6E449F90A543DC3345538ACC46F
Properties.filedate=1362485924
Properties.filedatetext=2013-03-05 08:18:44
Win32.Downloader.gen: [SBI $84685D62] Program directory (Directory, nothing done)
C:\Program Files (x86)\SearchProtect\bin\
Win32.Downloader.gen: [SBI $6815DCAA] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll
Properties.size=517920
Properties.md5=864605381EB8B0B5E022D98794284B5A
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $1B6AE556] Executable (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
Properties.size=93984
Properties.md5=934F4153380EDB6809EB9231C6B5F2A9
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $7BE23E0D] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll
Properties.size=870176
Properties.md5=0F701EA1D517DA6350B8931ED7173DE3
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $A31C5F5A] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll
Properties.size=792352
Properties.md5=806DAC3D5373BA708693C4B37B955707
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $F3790893] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll
Properties.size=421200
Properties.md5=03E9314004F504A14A61C3D364B62F66
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $DD8F2015] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll
Properties.size=770384
Properties.md5=67EC459E42D3081DD8FD34356F7CAFC1
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $726854BC] Data (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\rep.dat
Properties.size=268
Properties.md5=30102E05D6A20F3F83B1B08E46F608C9
Properties.filedate=1366063748
Properties.filedatetext=2013-04-15 18:09:07
Win32.Downloader.gen: [SBI $CAD6B9A8] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll
Properties.size=149792
Properties.md5=F294E06F6213CD325208E09C0B0A2699
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $17E60B62] Executable (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe
Properties.size=194520
Properties.md5=62566150BA62A00B7D4233F561E33B6A
Properties.filedate=1365690514
Properties.filedatetext=2013-04-11 10:28:34
Right Media: Tracking cookie (Internet Explorer: Theresa) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-12-21 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2013-04-11 Includes\Adware.sbi (*)
2013-05-28 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2013-04-11 Includes\DialerC.sbi (*)
2013-04-11 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2013-04-11 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2013-04-11 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-05-29 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-05-22 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-04-11 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-05-08 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-05-29 Includes\TrojansC-03.sbi (*)
2013-05-16 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\SPHook32.dll
Properties.size=149792
Properties.md5=F294E06F6213CD325208E09C0B0A2699
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $72695CF4] Executable (File, nothing done)
C:\Users\Theresa\AppData\Roaming\SearchProtect\bin\uninstall.exe
Properties.size=194520
Properties.md5=62566150BA62A00B7D4233F561E33B6A
Properties.filedate=1365690514
Properties.filedatetext=2013-04-11 10:28:34
Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
C:\Users\Theresa\AppData\Local\Conduit\
Win32.Downloader.gen: [SBI $F65FFCFA] Library (File, nothing done)
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll
Properties.size=638560
Properties.md5=6796F6E449F90A543DC3345538ACC46F
Properties.filedate=1362485924
Properties.filedatetext=2013-03-05 08:18:44
Win32.Downloader.gen: [SBI $84685D62] Program directory (Directory, nothing done)
C:\Program Files (x86)\SearchProtect\bin\
Win32.Downloader.gen: [SBI $6815DCAA] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll
Properties.size=517920
Properties.md5=864605381EB8B0B5E022D98794284B5A
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $1B6AE556] Executable (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
Properties.size=93984
Properties.md5=934F4153380EDB6809EB9231C6B5F2A9
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $7BE23E0D] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll
Properties.size=870176
Properties.md5=0F701EA1D517DA6350B8931ED7173DE3
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $A31C5F5A] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll
Properties.size=792352
Properties.md5=806DAC3D5373BA708693C4B37B955707
Properties.filedate=1365690486
Properties.filedatetext=2013-04-11 10:28:06
Win32.Downloader.gen: [SBI $F3790893] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\msvcp100.dll
Properties.size=421200
Properties.md5=03E9314004F504A14A61C3D364B62F66
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $DD8F2015] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\msvcr100.dll
Properties.size=770384
Properties.md5=67EC459E42D3081DD8FD34356F7CAFC1
Properties.filedate=1365690176
Properties.filedatetext=2013-04-11 10:22:56
Win32.Downloader.gen: [SBI $726854BC] Data (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\rep.dat
Properties.size=268
Properties.md5=30102E05D6A20F3F83B1B08E46F608C9
Properties.filedate=1366063748
Properties.filedatetext=2013-04-15 18:09:07
Win32.Downloader.gen: [SBI $CAD6B9A8] Library (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll
Properties.size=149792
Properties.md5=F294E06F6213CD325208E09C0B0A2699
Properties.filedate=1365690488
Properties.filedatetext=2013-04-11 10:28:08
Win32.Downloader.gen: [SBI $17E60B62] Executable (File, nothing done)
C:\Program Files (x86)\SearchProtect\bin\uninstall.exe
Properties.size=194520
Properties.md5=62566150BA62A00B7D4233F561E33B6A
Properties.filedate=1365690514
Properties.filedatetext=2013-04-11 10:28:34
Right Media: Tracking cookie (Internet Explorer: Theresa) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2011-12-21 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2013-04-11 Includes\Adware.sbi (*)
2013-05-28 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2013-04-11 Includes\DialerC.sbi (*)
2013-04-11 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2013-04-11 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2013-04-11 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-05-29 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-05-22 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2013-04-11 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-05-08 Includes\SpywareC.sbi (*)
2012-11-19 Includes\Tracks.uti
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-05-29 Includes\TrojansC-03.sbi (*)
2013-05-16 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll