Musicsgood
2010-10-23, 07:45
DDS (Ver_10-10-21.02) - NTFSx86
Run by jones family at 21:33:27.96 on Fri 10/22/2010
Internet Explorer: 8.0.6001.18975
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1104 [GMT -7:00]
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\system32\dfshim32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\bitsprx232.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\system32\lxdmcoms.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\cofiredm32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DllHost.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Lexmark 5000 Series\lxdmmon.exe
C:\Program Files\Lexmark 5000 Series\lxdmamon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\wpcumi.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\jones family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVRBHENY\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Presario&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
BHO: {0205224a-e1c6-4132-a4bc-9defedaeb974} - c:\windows\system32\AUDIOKSE32.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.1.0.37\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: 24da7ef6: {ae0e083c-76e3-3bdb-9e60-0c1fd26846b8} - c:\windows\system32\colorui32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [RTHDBPL] c:\windows\lsass.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [lxdmmon.exe] "c:\program files\lexmark 5000 series\lxdmmon.exe"
mRun: [lxdmamon] "c:\program files\lexmark 5000 series\lxdmamon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [RTHDBPL] c:\windows\lsass.exe
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [SpybotDeletingA2891] command.com /c del "c:\windows\lsass.exe_old"
mRunOnce: [SpybotDeletingC4995] cmd.exe /c del "c:\windows\lsass.exe_old"
dRun: [RTHDBPL] c:\windows\lsass.exe
StartupFolder: c:\users\jonesf~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
AppInit_DLLs: c:\windows\system32\bitsigd32.dll
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1201000.025\SymDS.sys [2010-10-13 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys [2010-10-13 666672]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20101001.001\BHDrvx86.sys [2010-8-31 692272]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20101020.001\IDSvix86.sys [2010-10-19 353840]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys [2010-10-13 134704]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1201000.025\symtdiv.sys [2010-10-13 331312]
R2 AeLookupSvc32;Application Experience ;c:\windows\system32\dfshim32.exe [2010-10-12 1345536]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-27 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-5-31 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-10-10 47640]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.1.0.37\ccSvcHst.exe [2010-10-13 126904]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-10-16 1153368]
R2 SysMain32;Superfetch ;c:\windows\system32\cofiredm32.exe [2010-10-12 1345536]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-27 102448]
R3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2009-7-15 207360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2010-10-22 22:44:32 162304 --sha-w- c:\windows\lsass.exe
2010-10-22 20:45:35 -------- d-----w- c:\progra~2\ThumbnailCache4R
2010-10-22 09:28:09 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{cdecbfef-7330-40bd-9ab3-35b3d6b86e42}\mpengine.dll
2010-10-21 20:39:30 162304 ------w- c:\windows\lsass.exe_old
2010-10-21 20:37:44 171008 ----a-w- c:\windows\system32\eapp3hst32.dll.exe
2010-10-21 20:37:34 171008 ----a-w- c:\windows\system32\dpnhupnp32.dll.exe
2010-10-20 20:26:00 372736 ----a-w- c:\windows\system32\AUDIOKSE32.dll
2010-10-18 23:25:19 -------- d-----w- c:\program files\Safer Networking
2010-10-18 20:22:53 171008 ----a-w- c:\windows\system32\dskquoui32.dll.exe
2010-10-18 20:09:14 -------- d-----w- c:\program files\MSN Toolbar
2010-10-18 20:08:04 -------- d-----w- c:\program files\Bing Bar Installer
2010-10-17 20:04:08 1345536 ----a-w- c:\windows\system32\bitsprx232.exe
2010-10-17 20:04:07 253952 ----a-w- c:\windows\system32\bitsigd32.dll
2010-10-17 20:02:46 171008 ----a-w- c:\windows\system32\d3dxof32.dll.exe
2010-10-17 07:25:03 171008 ----a-w- c:\windows\system32\cmlua32.dll.exe
2010-10-17 06:24:31 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-17 06:24:31 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2010-10-16 16:34:20 171008 ----a-w- c:\windows\system32\devmgr32.dll.exe
2010-10-16 16:13:47 -------- d-----w- c:\progra~2\STOPzilla!
2010-10-15 09:08:21 359936 ----a-w- c:\windows\system32\cmutil32.dll
2010-10-15 03:07:48 1345536 ----a-w- c:\windows\system32\dhcpcsvc632.exe
2010-10-14 18:47:40 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-14 18:47:40 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-14 18:45:51 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0301000.00B
2010-10-14 18:45:51 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2010-10-14 18:45:36 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2010-10-14 17:51:37 -------- d-----w- c:\users\jonesf~1\appdata\local\NPE
2010-10-14 06:30:44 171008 ----a-w- c:\windows\system32\ds16gt32.dll.exe
2010-10-14 06:10:35 666672 ----a-r- c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys
2010-10-14 06:10:35 50096 ----a-r- c:\windows\system32\drivers\nis\1201000.025\srtspx.sys
2010-10-14 06:10:35 489008 ----a-r- c:\windows\system32\drivers\nis\1201000.025\srtsp.sys
2010-10-14 06:10:35 339504 ----a-r- c:\windows\system32\drivers\nis\1201000.025\SymDS.sys
2010-10-14 06:10:35 331312 ----a-r- c:\windows\system32\drivers\nis\1201000.025\symtdiv.sys
2010-10-14 06:10:35 294448 ----a-r- c:\windows\system32\drivers\nis\1201000.025\symnets.sys
2010-10-14 06:10:35 134704 ----a-r- c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys
2010-10-14 06:10:24 -------- d-----w- c:\windows\system32\drivers\nis\1201000.025
2010-10-14 06:00:28 -------- d-----w- c:\users\jonesf~1\appdata\roaming\Tific
2010-10-13 10:25:21 171008 ----a-w- c:\windows\system32\d3dim32.dll.exe
2010-10-13 10:25:11 171008 ----a-w- c:\windows\system32\corpol32.dll.exe
2010-10-13 00:32:00 -------- d-----w- c:\program files\iPod
2010-10-13 00:31:59 -------- d-----w- c:\program files\iTunes
2010-10-13 00:19:35 171008 ----a-w- c:\windows\system32\dfshim32.dll.exe
2010-10-13 00:19:35 1345536 ----a-w- c:\windows\system32\dfshim32.exe
2010-10-13 00:17:52 -------- d-sh--w- c:\progra~2\SysWoW32
2010-10-13 00:17:41 203776 --sh--w- c:\progra~2\unrar.exe
2010-10-13 00:17:41 -------- d-----w- c:\progra~2\1721452996
2010-10-13 00:17:15 1345536 ----a-w- c:\windows\system32\comdlg3232.exe
2010-10-13 00:17:15 -------- d-sh--w- c:\users\jonesf~1\appdata\roaming\SysWin
2010-10-13 00:17:14 253952 ----a-w- c:\windows\system32\colorui32.dll
2010-10-13 00:17:13 1345536 ----a-w- c:\windows\system32\cofiredm32.exe
2010-10-12 21:58:14 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-12 21:58:13 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-11 00:44:50 -------- d-----w- c:\users\jonesf~1\appdata\local\LogMeIn Hamachi
2010-10-11 00:30:57 -------- d-----w- c:\users\jonesf~1\appdata\local\LogMeIn
2010-10-11 00:30:57 -------- d-----w- c:\progra~2\LogMeIn
2010-10-11 00:30:16 53632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2010-10-11 00:30:16 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-10-11 00:30:15 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2010-10-11 00:30:15 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-10-11 00:30:15 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2010-10-11 00:30:09 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-10-11 00:29:14 -------- d-----w- c:\program files\LogMeIn
2010-10-11 00:26:22 -------- d-----w- c:\users\jonesf~1\appdata\local\Apps
2010-10-11 00:26:21 -------- d-----w- c:\users\jonesf~1\appdata\local\Deployment
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-10-01 00:16:36 -------- d-----w- c:\program files\Bonjour
2010-09-29 08:05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 08:05:02 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-09-23 14:28:35 2074729 ----a-w- c:\progra~2\SPL2473.tmp
2010-09-23 06:38:48 902668 ----a-w- c:\progra~2\SPLACE.tmp
==================== Find3M ====================
2010-10-19 18:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-08 18:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 18:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20:29 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19:06 17920 ----a-w- c:\windows\system32\netevent.dll
2010-08-31 15:46:37 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44:31 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27:38 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-08-26 16:37:45 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-08-20 16:05:07 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-14 00:48:30 1568631 ----a-w- c:\progra~2\SPL8155.tmp
2010-08-14 00:44:34 1568631 ----a-w- c:\progra~2\SPLE966.tmp
2010-08-10 15:53:15 274944 ----a-w- c:\windows\system32\schannel.dll
2010-08-06 00:06:45 284298 ----a-w- c:\progra~2\SPL4F71.tmp
2010-08-06 00:02:57 284298 ----a-w- c:\progra~2\SPLD10F.tmp
2010-08-04 03:10:07 228261 ----a-w- c:\progra~2\SPL4175.tmp
2010-08-04 03:08:02 228261 ----a-w- c:\progra~2\SPL593F.tmp
2010-07-28 01:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-28 01:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-28 01:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-26 17:47:44 176840 ----a-w- c:\progra~2\SPL890C.tmp
============= FINISH: 21:34:49.36 ===============
These are the Spybot results. I could not post them to the clipboard; it would not run for some reason.
CN.wAQdN: [SBI $ABCAF88C] Executable (File, nothing done)
C:\WINDOWS\lsass.exe
Properties.size=162304
Properties.md5=6353DB67981FD55F7C18F05F13077391
Properties.filedate=1287787471
Properties.filedatetext=2010-10-22 15:44:30
Internet Explorer: [SBI $1E8157BE] Typed URL list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Internet Explorer\Download Directory
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\as1.suitesmart.com\6thElement.sol
Properties.size=152
Properties.md5=437E346AF5A576844ADCA4DE419C8B98
Properties.filedate=1287627488
Properties.filedatetext=2010-10-20 19:18:08
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\c3metrics.com\480-SM.sol
Properties.size=83
Properties.md5=FECB44CD098540B3F1ED7400921C43ED
Properties.filedate=1287627507
Properties.filedatetext=2010-10-20 19:18:27
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\c3metrics.com\480-VT.sol
Properties.size=80
Properties.md5=713DD9C0CF22A23C768121A183CBBB28
Properties.filedate=1287627507
Properties.filedatetext=2010-10-20 19:18:27
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\d.yimg.com\VolumePrefs.sol
Properties.size=55
Properties.md5=680CC18183453BA30B3B748933B29AE7
Properties.filedate=1287726944
Properties.filedatetext=2010-10-21 22:55:44
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\d.yimg.com\YEPBWPrefs.sol
Properties.size=71
Properties.md5=9E4AF29325FE25FD2FCF86717EC57C3B
Properties.filedate=1287726801
Properties.filedatetext=2010-10-21 22:53:21
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\msnbcmedia.msn.com\varo_varoDefault.sol
Properties.size=44
Properties.md5=1D678A046FA699044633AA7E9F4C7919
Properties.filedate=1287772315
Properties.filedatetext=2010-10-22 11:31:55
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\p.ooyala.com\auth.sol
Properties.size=70
Properties.md5=5879BB04CF694678EA64E6A6DB1C9524
Properties.filedate=1287726299
Properties.filedatetext=2010-10-21 22:44:58
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\p.ooyala.com\auth2.sol
Properties.size=679
Properties.md5=04E980F68EDF9EBB4FDD1C9613E127D8
Properties.filedate=1287726301
Properties.filedatetext=2010-10-21 22:45:00
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=F2945B8419B125F71FC8FD7CDDB59948
Properties.filedate=1287693041
Properties.filedatetext=2010-10-21 13:30:40
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\s.ytimg.com\videostats.sol
Properties.size=85
Properties.md5=8C560A755D9C75197B1483945E3BCD2D
Properties.filedate=1287693044
Properties.filedatetext=2010-10-21 13:30:44
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\us.mg4.mail.yahoo.com\cookies.sol
Properties.size=67
Properties.md5=703F196989C8E131AFDD521B6A377C71
Properties.filedate=1287806425
Properties.filedatetext=2010-10-22 21:00:24
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#ve\admanager.sol
Properties.size=73
Properties.md5=C639D9F832E5A4E3152A3559787383E5
Properties.filedate=1287726297
Properties.filedatetext=2010-10-21 22:44:56
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#com\videoegg\Demo.sol
Properties.size=59
Properties.md5=4663E4C4D3ACC338D3FE20A2E9C00372
Properties.filedate=1287726297
Properties.filedatetext=2010-10-21 22:44:56
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#com\videoegg\Retargeting.sol
Properties.size=66
Properties.md5=DC8D4D1BBECA404E809B6CCDBC413B18
Properties.filedate=1287726301
Properties.filedatetext=2010-10-21 22:45:00
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\live.bodog.com\swf\live.swf\bodogLive.sol
Properties.size=190
Properties.md5=9DA8C6A9A90DEC95CF9740F9F0670E0F
Properties.filedate=1287717440
Properties.filedatetext=2010-10-21 20:17:19
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\static.trialpay.com\swf\logo.swf\helpData.sol
Properties.size=95
Properties.md5=87CC314410F50E6A28FEC17B738FC876
Properties.filedate=1287780086
Properties.filedatetext=2010-10-22 13:41:26
MS Management Console: [SBI $ECD50EAD] Recent command list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $E48560B4] Recent file list (7 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (9 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Office\12.0\Excel\File MRU
MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (7 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Office\12.0\Word\File MRU
MS Wordpad: [SBI $4C02334D] Recent file list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (14 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cookie: [SBI $49804B54] Cookie (83) (Cookie, nothing done)
Cache: [SBI $49804B54] Cache (3) (Cache, nothing done)
History: [SBI $49804B54] History (1471) (History, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-10-18 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-06-29 Includes\Adware.sbi (*)
2010-10-12 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-09-22 Includes\Dialer.sbi (*)
2010-10-12 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-10-12 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-08-02 Includes\Keyloggers.sbi (*)
2010-10-12 Includes\KeyloggersC.sbi (*)
2010-09-13 Includes\Malware.sbi (*)
2010-10-19 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-10-12 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-10-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-06-29 Includes\Spyware.sbi (*)
2010-10-12 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti (*)
2010-08-04 Includes\Trojans.sbi (*)
2010-10-12 Includes\TrojansC-02.sbi (*)
2010-10-12 Includes\TrojansC-03.sbi (*)
2010-10-12 Includes\TrojansC-04.sbi (*)
2010-10-20 Includes\TrojansC-05.sbi (*)
2010-10-12 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Run by jones family at 21:33:27.96 on Fri 10/22/2010
Internet Explorer: 8.0.6001.18975
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1104 [GMT -7:00]
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\system32\dfshim32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\bitsprx232.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\system32\lxdmcoms.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\cofiredm32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DllHost.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Lexmark 5000 Series\lxdmmon.exe
C:\Program Files\Lexmark 5000 Series\lxdmamon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\wpcumi.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\jones family\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVRBHENY\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Presario&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
BHO: {0205224a-e1c6-4132-a4bc-9defedaeb974} - c:\windows\system32\AUDIOKSE32.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.1.0.37\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: 24da7ef6: {ae0e083c-76e3-3bdb-9e60-0c1fd26846b8} - c:\windows\system32\colorui32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [RTHDBPL] c:\windows\lsass.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [lxdmmon.exe] "c:\program files\lexmark 5000 series\lxdmmon.exe"
mRun: [lxdmamon] "c:\program files\lexmark 5000 series\lxdmamon.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [RTHDBPL] c:\windows\lsass.exe
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRunOnce: [SpybotDeletingA2891] command.com /c del "c:\windows\lsass.exe_old"
mRunOnce: [SpybotDeletingC4995] cmd.exe /c del "c:\windows\lsass.exe_old"
dRun: [RTHDBPL] c:\windows\lsass.exe
StartupFolder: c:\users\jonesf~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\picturemover\bin\PictureMover.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
AppInit_DLLs: c:\windows\system32\bitsigd32.dll
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1201000.025\SymDS.sys [2010-10-13 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys [2010-10-13 666672]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20101001.001\BHDrvx86.sys [2010-8-31 692272]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20101020.001\IDSvix86.sys [2010-10-19 353840]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys [2010-10-13 134704]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1201000.025\symtdiv.sys [2010-10-13 331312]
R2 AeLookupSvc32;Application Experience ;c:\windows\system32\dfshim32.exe [2010-10-12 1345536]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-27 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-5-31 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-10-10 47640]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.1.0.37\ccSvcHst.exe [2010-10-13 126904]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-10-16 1153368]
R2 SysMain32;Superfetch ;c:\windows\system32\cofiredm32.exe [2010-10-12 1345536]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-27 102448]
R3 HSXHWBS3;HSXHWBS3;c:\windows\system32\drivers\HSXHWBS3.sys [2009-7-15 207360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
=============== Created Last 30 ================
2010-10-22 22:44:32 162304 --sha-w- c:\windows\lsass.exe
2010-10-22 20:45:35 -------- d-----w- c:\progra~2\ThumbnailCache4R
2010-10-22 09:28:09 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{cdecbfef-7330-40bd-9ab3-35b3d6b86e42}\mpengine.dll
2010-10-21 20:39:30 162304 ------w- c:\windows\lsass.exe_old
2010-10-21 20:37:44 171008 ----a-w- c:\windows\system32\eapp3hst32.dll.exe
2010-10-21 20:37:34 171008 ----a-w- c:\windows\system32\dpnhupnp32.dll.exe
2010-10-20 20:26:00 372736 ----a-w- c:\windows\system32\AUDIOKSE32.dll
2010-10-18 23:25:19 -------- d-----w- c:\program files\Safer Networking
2010-10-18 20:22:53 171008 ----a-w- c:\windows\system32\dskquoui32.dll.exe
2010-10-18 20:09:14 -------- d-----w- c:\program files\MSN Toolbar
2010-10-18 20:08:04 -------- d-----w- c:\program files\Bing Bar Installer
2010-10-17 20:04:08 1345536 ----a-w- c:\windows\system32\bitsprx232.exe
2010-10-17 20:04:07 253952 ----a-w- c:\windows\system32\bitsigd32.dll
2010-10-17 20:02:46 171008 ----a-w- c:\windows\system32\d3dxof32.dll.exe
2010-10-17 07:25:03 171008 ----a-w- c:\windows\system32\cmlua32.dll.exe
2010-10-17 06:24:31 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-10-17 06:24:31 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2010-10-16 16:34:20 171008 ----a-w- c:\windows\system32\devmgr32.dll.exe
2010-10-16 16:13:47 -------- d-----w- c:\progra~2\STOPzilla!
2010-10-15 09:08:21 359936 ----a-w- c:\windows\system32\cmutil32.dll
2010-10-15 03:07:48 1345536 ----a-w- c:\windows\system32\dhcpcsvc632.exe
2010-10-14 18:47:40 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-10-14 18:47:40 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-10-14 18:45:51 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0301000.00B
2010-10-14 18:45:51 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2010-10-14 18:45:36 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2010-10-14 17:51:37 -------- d-----w- c:\users\jonesf~1\appdata\local\NPE
2010-10-14 06:30:44 171008 ----a-w- c:\windows\system32\ds16gt32.dll.exe
2010-10-14 06:10:35 666672 ----a-r- c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys
2010-10-14 06:10:35 50096 ----a-r- c:\windows\system32\drivers\nis\1201000.025\srtspx.sys
2010-10-14 06:10:35 489008 ----a-r- c:\windows\system32\drivers\nis\1201000.025\srtsp.sys
2010-10-14 06:10:35 339504 ----a-r- c:\windows\system32\drivers\nis\1201000.025\SymDS.sys
2010-10-14 06:10:35 331312 ----a-r- c:\windows\system32\drivers\nis\1201000.025\symtdiv.sys
2010-10-14 06:10:35 294448 ----a-r- c:\windows\system32\drivers\nis\1201000.025\symnets.sys
2010-10-14 06:10:35 134704 ----a-r- c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys
2010-10-14 06:10:24 -------- d-----w- c:\windows\system32\drivers\nis\1201000.025
2010-10-14 06:00:28 -------- d-----w- c:\users\jonesf~1\appdata\roaming\Tific
2010-10-13 10:25:21 171008 ----a-w- c:\windows\system32\d3dim32.dll.exe
2010-10-13 10:25:11 171008 ----a-w- c:\windows\system32\corpol32.dll.exe
2010-10-13 00:32:00 -------- d-----w- c:\program files\iPod
2010-10-13 00:31:59 -------- d-----w- c:\program files\iTunes
2010-10-13 00:19:35 171008 ----a-w- c:\windows\system32\dfshim32.dll.exe
2010-10-13 00:19:35 1345536 ----a-w- c:\windows\system32\dfshim32.exe
2010-10-13 00:17:52 -------- d-sh--w- c:\progra~2\SysWoW32
2010-10-13 00:17:41 203776 --sh--w- c:\progra~2\unrar.exe
2010-10-13 00:17:41 -------- d-----w- c:\progra~2\1721452996
2010-10-13 00:17:15 1345536 ----a-w- c:\windows\system32\comdlg3232.exe
2010-10-13 00:17:15 -------- d-sh--w- c:\users\jonesf~1\appdata\roaming\SysWin
2010-10-13 00:17:14 253952 ----a-w- c:\windows\system32\colorui32.dll
2010-10-13 00:17:13 1345536 ----a-w- c:\windows\system32\cofiredm32.exe
2010-10-12 21:58:14 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2010-10-12 21:58:13 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-11 00:44:50 -------- d-----w- c:\users\jonesf~1\appdata\local\LogMeIn Hamachi
2010-10-11 00:30:57 -------- d-----w- c:\users\jonesf~1\appdata\local\LogMeIn
2010-10-11 00:30:57 -------- d-----w- c:\progra~2\LogMeIn
2010-10-11 00:30:16 53632 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2010-10-11 00:30:16 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-10-11 00:30:15 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2010-10-11 00:30:15 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-10-11 00:30:15 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2010-10-11 00:30:09 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-10-11 00:29:14 -------- d-----w- c:\program files\LogMeIn
2010-10-11 00:26:22 -------- d-----w- c:\users\jonesf~1\appdata\local\Apps
2010-10-11 00:26:21 -------- d-----w- c:\users\jonesf~1\appdata\local\Deployment
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-10-01 00:22:49 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-10-01 00:16:36 -------- d-----w- c:\program files\Bonjour
2010-09-29 08:05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 08:05:02 13312 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-09-23 14:28:35 2074729 ----a-w- c:\progra~2\SPL2473.tmp
2010-09-23 06:38:48 902668 ----a-w- c:\progra~2\SPLACE.tmp
==================== Find3M ====================
2010-10-19 18:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-08 18:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 18:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 06:01:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04:36 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26:46 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20:29 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19:06 17920 ----a-w- c:\windows\system32\netevent.dll
2010-08-31 15:46:37 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46:37 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44:31 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27:38 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-08-26 16:37:45 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-08-20 16:05:07 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-17 14:11:37 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-14 00:48:30 1568631 ----a-w- c:\progra~2\SPL8155.tmp
2010-08-14 00:44:34 1568631 ----a-w- c:\progra~2\SPLE966.tmp
2010-08-10 15:53:15 274944 ----a-w- c:\windows\system32\schannel.dll
2010-08-06 00:06:45 284298 ----a-w- c:\progra~2\SPL4F71.tmp
2010-08-06 00:02:57 284298 ----a-w- c:\progra~2\SPLD10F.tmp
2010-08-04 03:10:07 228261 ----a-w- c:\progra~2\SPL4175.tmp
2010-08-04 03:08:02 228261 ----a-w- c:\progra~2\SPL593F.tmp
2010-07-28 01:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-28 01:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-28 01:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-26 17:47:44 176840 ----a-w- c:\progra~2\SPL890C.tmp
============= FINISH: 21:34:49.36 ===============
These are the Spybot results. I could not post them to the clipboard; it would not run for some reason.
CN.wAQdN: [SBI $ABCAF88C] Executable (File, nothing done)
C:\WINDOWS\lsass.exe
Properties.size=162304
Properties.md5=6353DB67981FD55F7C18F05F13077391
Properties.filedate=1287787471
Properties.filedatetext=2010-10-22 15:44:30
Internet Explorer: [SBI $1E8157BE] Typed URL list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Internet Explorer\Download Directory
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\as1.suitesmart.com\6thElement.sol
Properties.size=152
Properties.md5=437E346AF5A576844ADCA4DE419C8B98
Properties.filedate=1287627488
Properties.filedatetext=2010-10-20 19:18:08
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\c3metrics.com\480-SM.sol
Properties.size=83
Properties.md5=FECB44CD098540B3F1ED7400921C43ED
Properties.filedate=1287627507
Properties.filedatetext=2010-10-20 19:18:27
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\c3metrics.com\480-VT.sol
Properties.size=80
Properties.md5=713DD9C0CF22A23C768121A183CBBB28
Properties.filedate=1287627507
Properties.filedatetext=2010-10-20 19:18:27
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\d.yimg.com\VolumePrefs.sol
Properties.size=55
Properties.md5=680CC18183453BA30B3B748933B29AE7
Properties.filedate=1287726944
Properties.filedatetext=2010-10-21 22:55:44
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\d.yimg.com\YEPBWPrefs.sol
Properties.size=71
Properties.md5=9E4AF29325FE25FD2FCF86717EC57C3B
Properties.filedate=1287726801
Properties.filedatetext=2010-10-21 22:53:21
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\msnbcmedia.msn.com\varo_varoDefault.sol
Properties.size=44
Properties.md5=1D678A046FA699044633AA7E9F4C7919
Properties.filedate=1287772315
Properties.filedatetext=2010-10-22 11:31:55
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\p.ooyala.com\auth.sol
Properties.size=70
Properties.md5=5879BB04CF694678EA64E6A6DB1C9524
Properties.filedate=1287726299
Properties.filedatetext=2010-10-21 22:44:58
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\p.ooyala.com\auth2.sol
Properties.size=679
Properties.md5=04E980F68EDF9EBB4FDD1C9613E127D8
Properties.filedate=1287726301
Properties.filedatetext=2010-10-21 22:45:00
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=F2945B8419B125F71FC8FD7CDDB59948
Properties.filedate=1287693041
Properties.filedatetext=2010-10-21 13:30:40
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\s.ytimg.com\videostats.sol
Properties.size=85
Properties.md5=8C560A755D9C75197B1483945E3BCD2D
Properties.filedate=1287693044
Properties.filedatetext=2010-10-21 13:30:44
Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\us.mg4.mail.yahoo.com\cookies.sol
Properties.size=67
Properties.md5=703F196989C8E131AFDD521B6A377C71
Properties.filedate=1287806425
Properties.filedatetext=2010-10-22 21:00:24
Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#ve\admanager.sol
Properties.size=73
Properties.md5=C639D9F832E5A4E3152A3559787383E5
Properties.filedate=1287726297
Properties.filedatetext=2010-10-21 22:44:56
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#com\videoegg\Demo.sol
Properties.size=59
Properties.md5=4663E4C4D3ACC338D3FE20A2E9C00372
Properties.filedate=1287726297
Properties.filedatetext=2010-10-21 22:44:56
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\core.videoegg.com\#com\videoegg\Retargeting.sol
Properties.size=66
Properties.md5=DC8D4D1BBECA404E809B6CCDBC413B18
Properties.filedate=1287726301
Properties.filedatetext=2010-10-21 22:45:00
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\live.bodog.com\swf\live.swf\bodogLive.sol
Properties.size=190
Properties.md5=9DA8C6A9A90DEC95CF9740F9F0670E0F
Properties.filedate=1287717440
Properties.filedatetext=2010-10-21 20:17:19
Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, nothing done)
C:\Users\jones family\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H3WEDXTA\static.trialpay.com\swf\logo.swf\helpData.sol
Properties.size=95
Properties.md5=87CC314410F50E6A28FEC17B738FC876
Properties.filedate=1287780086
Properties.filedatetext=2010-10-22 13:41:26
MS Management Console: [SBI $ECD50EAD] Recent command list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $E48560B4] Recent file list (7 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (9 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Office\12.0\Excel\File MRU
MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (7 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Office\12.0\Word\File MRU
MS Wordpad: [SBI $4C02334D] Recent file list (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (1 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (14 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-2614237343-615573927-4018152048-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cookie: [SBI $49804B54] Cookie (83) (Cookie, nothing done)
Cache: [SBI $49804B54] Cache (3) (Cache, nothing done)
History: [SBI $49804B54] History (1471) (History, nothing done)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-10-18 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-06-29 Includes\Adware.sbi (*)
2010-10-12 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-09-22 Includes\Dialer.sbi (*)
2010-10-12 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-10-12 Includes\HijackersC.sbi (*)
2010-09-15 Includes\iPhone.sbi (*)
2010-08-02 Includes\Keyloggers.sbi (*)
2010-10-12 Includes\KeyloggersC.sbi (*)
2010-09-13 Includes\Malware.sbi (*)
2010-10-19 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-10-12 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-10-12 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-06-29 Includes\Spyware.sbi (*)
2010-10-12 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti (*)
2010-08-04 Includes\Trojans.sbi (*)
2010-10-12 Includes\TrojansC-02.sbi (*)
2010-10-12 Includes\TrojansC-03.sbi (*)
2010-10-12 Includes\TrojansC-04.sbi (*)
2010-10-20 Includes\TrojansC-05.sbi (*)
2010-10-12 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll