browser pauses before pulling up web page



jason_MC
2011-02-19, 16:45
Here is my DDS file.


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by jason-n-jasmine at 10:28:51.10 on Sat 02/19/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4024.948 [GMT -5:00]

AV: Norton 360 *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files (x86)\Stardock\Object Desktop\MyColors\VistaSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Users\jason-n-jasmine\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Stardock\Object Desktop\MyColors\WBVista.exe
C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\jason-n-jasmine\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Vuze\Azureus.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jason-n-jasmine\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://g.live.com/1rewlive4startup/home
uWindow Title = Jason
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7315u
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
BHO: HttpWatch Basic: {f1f69322-008f-4895-b2bf-ad194219825a} - C:\Program Files (x86)\HttpWatch\httpwatchsc.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\googletoolbar2.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HttpWatch Basic: {2b4c4770-27fd-4a09-b17d-33ca580965fb} - C:\Program Files (x86)\HttpWatch\httpwatch.dll
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [SmAudio] C:\Program Files\Conexant\SmartAudio\SmAudio.exe -c
uRun: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
uRun: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
uRun: [Google Update] "C:\Users\jason-n-jasmine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [eRecoveryService]
mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Trend Micro RUBotted V2.0 Beta] "C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe"
mRunOnce: [New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
StartupFolder: C:\Users\JASON-~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BigFix.lnk - C:\Program Files\BigFix\bigfix.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {D103E85B-5D67-42c1-8C83-F01079DBAB26} - {2B4C4770-27FD-4A09-B17D-33CA580965FB} - C:\Program Files (x86)\HttpWatch\httpwatch.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {00000130-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/ACELPACM.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper200711281.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39990.6314583333
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB-X64: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {2B4C4770-27FD-4A09-B17D-33CA580965FB} - No File
mRun-x64: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - C:\Users\JASON-~1\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://support.gateway.com/support/drivers/mydl.asp?tab=MY&os=Windows%207%20(64-bit)
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?&o=15527&l=dis&q=
FF - component: C:\Program Files (x86)\HttpWatch\Firefox\components\httpwatchff.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\ma2cnvr3.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\jason-n-jasmine\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Fast Dial: fastdial@telega.phpnet.us - %profile%\extensions\fastdial@telega.phpnet.us
FF - Ext: Zotero: zotero@chnm.gmu.edu - %profile%\extensions\zotero@chnm.gmu.edu
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - Ext: Clipmarks: {e1170235-2845-420c-acc3-42261a29dd46} - %profile%\extensions\{e1170235-2845-420c-acc3-42261a29dd46}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: LogMeIn, Inc. Remote Access Plugin: LogMeInClient@logmein.com - %profile%\extensions\LogMeInClient@logmein.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: HttpWatch Basic Edition: {1E2593B2-E106-4697-BCE7-A9D30DE05D73} - C:\Program Files (x86)\HttpWatch\Firefox
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn

---- FIREFOX POLICIES ----

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0403000.005\symds64.sys [2011-1-20 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0403000.005\symefa64.sys [2011-1-20 221232]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110211.003\BHDrvx64.sys [2011-2-10 1124472]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0403000.005\cchpx64.sys [2011-1-20 615040]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110218.003\IDSviA64.sys [2011-2-18 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0403000.005\ironx64.sys [2011-1-20 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\N360x64\0403000.005\symtdiv.sys [2011-1-20 451120]
R1 VBoxDrv;VirtualBox Service;C:\Windows\System32\drivers\VBoxDrv.sys [2010-9-28 202960]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\Windows\System32\drivers\VBoxUSBMon.sys [2010-9-28 53968]
R2 CrossLoopService;CrossLoop Service;C:\Users\jason-n-jasmine\AppData\Local\CrossLoop\CrossLoopService.exe [2011-1-19 560848]
R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-9-18 24576]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-12-6 2101640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-2-12 72216]
R2 npf;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2011-2-11 35344]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2008-10-15 292864]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-1-19 132656]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-8-19 126976]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-1-4 24152]
R3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2008-5-12 62424]
R3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2008-6-11 51800]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\System32\drivers\VBoxNetAdp.sys [2010-8-5 144720]
R3 VBoxNetFlt;VBoxNetFlt Service;C:\Windows\System32\drivers\VBoxNetFlt.sys [2010-8-5 164240]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2008-2-21 393728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-8 136176]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2008-8-19 33584]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 PSMounter;Macrium Reflect Image Explorer Service;C:\Windows\System32\drivers\psmounter.sys [2010-3-17 39904]
S3 rt70x64;Linksys Home Wireless-G USB Adaptor Driver;C:\Windows\System32\drivers\netr7064.sys [2009-2-26 380928]
S3 VBoxUSB;VirtualBox USB;C:\Windows\System32\drivers\VBoxUSB.sys [2010-8-5 43728]
S4 ASKService;ASKService;C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [2009-9-14 464264]
S4 ASKUpgrade;ASKUpgrade;C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [2009-9-14 234888]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-2-24 93184]

=============== File Associations ===============

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

=============== Created Last 30 ================

2011-02-19 14:38:19 -------- d-----w- C:\Program Files (x86)\ESET
2011-02-18 22:39:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-02-16 18:10:35 -------- d-----w- C:\Users\jason-n-jasmine\.zenmap
2011-02-16 18:09:39 -------- d-----w- C:\Program Files\WinPcap
2011-02-16 18:09:15 -------- d-----w- C:\Program Files (x86)\Nmap
2011-02-16 01:38:37 -------- d-----w- C:\PROGRA~3\LogMeInBackup
2011-02-16 01:38:15 -------- d-----w- C:\Program Files (x86)\LogMeIn Backup
2011-02-12 21:45:35 -------- d-----w- C:\Users\JASON-~1\AppData\Local\LogMeIn
2011-02-12 21:45:22 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-02-12 21:45:22 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-02-12 21:45:22 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-02-12 21:45:22 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-02-12 21:45:18 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-02-12 21:45:11 -------- d-----w- C:\PROGRA~3\LogMeIn
2011-02-12 21:44:50 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-02-12 21:18:23 -------- d-----w- C:\Users\JASON-~1\AppData\Local\LogMeIn Hamachi
2011-02-12 20:36:46 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2011-02-12 20:36:40 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2011-02-12 19:36:16 -------- d-----w- C:\Users\JASON-~1\AppData\Roaming\UltraVNC
2011-02-11 21:23:34 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2011-02-11 21:23:34 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2011-02-11 21:23:34 369168 ----a-w- C:\Windows\System32\wpcap.dll
2011-02-11 21:23:34 35344 ----a-w- C:\Windows\System32\drivers\npf.sys
2011-02-11 21:23:34 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2011-02-11 21:23:34 106000 ----a-w- C:\Windows\System32\Packet.dll
2011-02-09 12:01:59 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-02-09 04:22:51 2755584 ----a-w- C:\Windows\System32\win32k.sys
2011-02-09 04:22:19 4692368 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-02-09 04:22:18 1560960 ----a-w- C:\Windows\System32\ntdll.dll
2011-02-09 04:22:18 1167488 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-02-09 04:20:56 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-09 04:20:56 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-09 04:20:56 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-09 04:20:56 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-04 18:17:48 53808 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2011-02-01 15:26:56 -------- d-----w- C:\Users\JASON-~1\AppData\Local\Deployment
2011-01-30 19:57:00 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-01-30 19:57:00 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-29 14:10:13 -------- d-----w- C:\Users\JASON-~1\AppData\Roaming\TeamViewer
2011-01-29 14:02:22 -------- d-----w- C:\Program Files (x86)\Microsoft Easy Assist
2011-01-28 03:18:07 -------- d-----w- C:\Windows\Downloaded Installations
2011-01-27 03:30:17 108 ----a-w- C:\Users\jason-n-jasmine\Messenger.bat
2011-01-26 16:30:16 -------- d-----w- C:\Program Files (x86)\Safer Networking
2011-01-25 18:34:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-01-25 18:34:45 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2011-01-22 18:49:16 -------- d-----w- C:\Windows\System32\catroot2
2011-01-22 18:18:57 -------- d-----w- C:\PROGRA~3\Applications
2011-01-22 02:17:17 -------- d-----w- C:\8c6408cf747ab2aeedb291576b
2011-01-22 00:27:43 -------- d-----w- C:\Windows\System32\CatRoot2_2011122133954
2011-01-20 21:59:24 -------- d-----w- C:\Windows\CheckSur
2011-01-20 16:48:52 451120 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\symtdiv.sys
2011-01-20 16:48:52 221232 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\symefa64.sys
2011-01-20 16:48:51 615040 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\cchpx64.sys
2011-01-20 16:48:51 505392 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\srtsp64.sys
2011-01-20 16:48:51 433200 ----a-r- C:\Windows\System32\drivers\N360x64\0403000.005\symds64.sys
2011-01-20 16:48:51 32304 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\srtspx64.sys
2011-01-20 16:48:51 150064 ----a-w- C:\Windows\System32\drivers\N360x64\0403000.005\ironx64.sys
2011-01-20 16:48:33 -------- d-----w- C:\Windows\System32\drivers\N360x64\0403000.005
2011-01-20 16:20:08 -------- d-----w- C:\bc3cdc69e30bc3b674381ee74d
2011-01-20 16:17:59 1570816 ----a-w- C:\Windows\System32\quartz.dll
2011-01-20 16:17:59 1314816 ----a-w- C:\Windows\SysWow64\quartz.dll

==================== Find3M ====================

2011-01-19 23:07:49 173104 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2010-12-30 15:49:27 286720 ------w- C:\Windows\Setup1.exe
2010-12-30 15:49:26 73216 ----a-w- C:\Windows\ST6UNST.EXE
2010-12-28 15:26:13 462848 ----a-w- C:\Windows\System32\odbc32.dll
2010-12-28 14:57:35 409600 ----a-w- C:\Windows\SysWow64\odbc32.dll
2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-18 06:55:17 1147904 ----a-w- C:\Windows\System32\wininet.dll
2010-12-18 06:50:55 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:50:36 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-12-18 06:50:16 77312 ----a-w- C:\Windows\System32\iesetup.dll
2010-12-18 06:50:16 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2010-12-18 06:27:04 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-18 06:22:41 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 06:22:27 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-12-18 06:22:11 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2010-12-18 06:22:11 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2010-12-18 05:57:45 479232 ----a-w- C:\Windows\System32\html.iec
2010-12-18 05:25:26 385024 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 05:16:59 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2010-12-18 05:15:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 04:48:39 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2010-12-18 04:47:11 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-14 16:20:18 1251840 ----a-w- C:\Windows\System32\sdclt.exe

============= FINISH: 10:31:46.26 ===============

http://forums.spybot.info/showthread.php?t=61656

Blade81
2011-02-21, 10:18
Hi,


IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Vuze
Vuze Remote Toolbar
Vuze Toolbar


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go and uninstall the programs listed above (in red).


After that, post fresh DDS logs and let me know if the issue happens with all those browsers you have installed there.

Blade81
2011-02-27, 10:41
Due to inactivity, this thread will now be closed.

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (PM). A valid, working link to the closed topic is required.