Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My spyware and antivirus didn't completely remove infection. [RESO

Started by Dazed&Confused08 , May 01 2008 02:49 PM

  • This topic is locked This topic is locked

#1
Dazed&Confused08
Posted 01 May 2008 - 02:49 PM

Dazed&Confused08

    Member

  • Member
  • PipPip
  • 75 posts
Hi, I've never posted in a web forum before and I'm a little overwhelmed. I'm not really computer savy and I need an explanation that is basic. I recently had a bad infection of somekind loaded into my computer. My desktop background was hijacked with a false message saying that there was a spyware threat and to click this link to fix it (I never clicked it). I was then bombarded with pop-ups on my screen for false spyware removers,vundo,zeno, etc. My task manager and registry edit was disabled by a false administrator. I then purchased and ran spyware doctor, antivirus, and registry mechanic. Most of the problems disappeared. However I did have to look online in order to fix my registry and enable my task manager. Now the some of the same infections are repeating themselves after they've been cleaned (trojan.2nd-thought_com, adware.2020search_com,trojan purity scan, etc.) The only problems I have now is that my mouse will freeze and i have to unplug it. Also, my google and yahoo search results have been hijacked. I click the search results and I'm directed to another search engine, spyware products, or some ebay page. I've been trying to get my computer back to normal for 5 days now and these appear to be the last of my problems. THANK YOU!
  • 0

Advertisements

#2
Thunderbird1988
Posted 03 May 2008 - 02:20 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08 and welcome at Geekstogo,

I am Thunderbird1988 and I am going to fix your malwareproblems. If you have questions, feel free to ask. :)

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

Thunderbird1988
  • 0

#3
Dazed&Confused08
Posted 05 May 2008 - 06:51 PM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
Thanks Thunderbird, but i haven't been able to reach this site in two days! I would type the address and the page wouldn't come up. I would google the page and paste the url and it still wouldn't come up. Every other website did, and I was still having the same problems up until about an hour ago. I ran my Spyware doctor's antivirus and registry mechanic, and it removed some things I had never seen on the previous scans, like hidden files. Immediately after the scan I recieved a message from windows saying "the files required for windows to run regularly have been replaced by unrecognized information..." I ignored it and restarted my compter when prompted by Spyware doctor. I immediatly tried Internet Explorer and did a search and it WORKED. My search results weren't hijacked. My mouse hasn't frozen, and I reached the Geek To Go website! I originally thought the site was down, but now I think it was the rotten virus! Here's my report, and what are your thoughts on this?

Deckard's System Scanner v20071014.68
Run by Jessica on 2008-05-05 19:51:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
112: 2008-05-06 00:52:05 UTC - RP597 - Deckard's System Scanner Restore Point
111: 2008-05-06 00:10:26 UTC - RP596 - Made by Registry Mechanic O
110: 2008-05-06 00:07:54 UTC - RP595 - Spyware Doctor: Cleaning Threats
109: 2008-05-05 23:51:09 UTC - RP594 - Spyware Doctor: Cleaning Threats
108: 2008-05-05 22:02:59 UTC - RP593 - Spyware Doctor: Cleaning Threats


-- First Restore Point --
1: 2008-04-26 21:27:42 UTC - RP486 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 510 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-05 19:58:33
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee.com\Agent\McTskshd.exe
C:\WINDOWS\winself.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\alg.exe
C:\Documents and Settings\Jessica\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsof...search.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: (no name) - {1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F} - (no file)
O2 - BHO: (no name) - {2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6} - (no file)
O2 - BHO: (no name) - {32B02FC3-1237-4FCD-8D12-E5C18723DD1D} - (no file)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {90C6E0BF-882E-47CC-A60C-7946E25380EB} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {A08B97A7-DCBA-481A-BBA5-A692C42EDEE4} - (no file)
O2 - BHO: (no name) - {C6D94EA0-D245-D1C0-44E1-A48F02267DC1} - (no file)
O2 - BHO: (no name) - {CDA1B0C3-EB60-4003-B6E1-72998FA881CC} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B} - (no file)
O2 - BHO: (no name) - {F04B6A5A-0B29-45E3-960B-00CB392E79CF} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O2 - BHO: (no name) - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /S
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Asfmodd] "C:\Program Files\F?nts\r?ndll32.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr=1
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 () - http://origin.games....ts/y/poti_x.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...swdir8d196a.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} () - http://download.yaho...alls/yab_af.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} () - http://3dlifeplayer....l/installer.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc02.cus...l/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...960/mcfscan.cab
O20 - Winlogon Notify: ljJCVpop - C:\WINDOWS\system32\ljJCVpop.dll (file missing)
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\Mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\McTskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\winself.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe


--
End of file - 10646 bytes

-- File Associations -----------------------------------------------------------

.ini - inifile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" /S "%3"
.txt - txtfile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 drmkk - c:\windows\system32\drivers\drmkk.sys
R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>

S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 dump_wmimmc - c:\ijji\english\u_sf\gameguard\dump_wmimmc.sys (file missing)
S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 MsSecurity1.209.4 (MsSecurity Updated) - c:\windows\winself.exe service


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-09-05 08:21:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-04-05 and 2008-05-05 -----------------------------

2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-05-04 14:44:51 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-05-04 14:44:07 0 d-------- C:\Documents and Settings\Jessica\Application Data\Xfire
2008-05-04 14:19:27 0 d-------- C:\ijji
2008-05-04 14:19:22 0 d--h----- C:\Documents and Settings\Jessica\Application Data\ijjigame
2008-05-04 14:18:48 704512 --a------ C:\WINDOWS\system32\ijjiSetup.exe <Not Verified; NHN USA; ijjiSetup Application>
2008-05-04 14:18:48 0 d-------- C:\Program Files\NHN USA
2008-05-03 12:33:03 0 d-------- C:\Documents and Settings\kiwana\Application Data\BearShare
2008-04-29 23:26:14 0 d-------- C:\Documents and Settings\Jessica\Application Data\BearShare
2008-04-29 23:26:07 0 d-------- C:\Program Files\BearShare Applications
2008-04-27 13:31:01 2033 --a------ C:\WINDOWS\system32\yqkpmhjj.dll
2008-04-27 12:32:47 0 d-------- C:\Program Files\Common Files\PC Tools
2008-04-27 12:32:37 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-04-27 12:09:51 0 d-------- C:\Program Files\Google
2008-04-27 02:24:28 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-27 02:24:04 0 d-------- C:\Program Files\Spyware Doctor
2008-04-27 02:24:04 0 d-------- C:\Documents and Settings\Jessica\Application Data\PC Tools
2008-04-27 01:37:25 298311 --a------ C:\WINDOWS\system32\gside.exe
2008-04-27 01:26:31 515519 --ahs---- C:\WINDOWS\system32\WwvwDJlm.ini2
2008-04-26 23:17:03 7374 --ahs---- C:\WINDOWS\system32\PrqWwyxx.ini2
2008-04-26 23:03:04 4200 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-26 23:01:41 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-26 23:01:41 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-04-26 23:01:41 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-26 23:01:41 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-04-26 23:01:41 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-04-26 23:01:41 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-26 23:01:41 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-26 23:01:41 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-26 20:43:15 7629 --ahs---- C:\WINDOWS\system32\pqqsCcfe.ini2
2008-04-26 19:38:22 7425 --ahs---- C:\WINDOWS\system32\gPVuDMoq.ini2
2008-04-26 19:30:36 30208 --a------ C:\WINDOWS\bjam.dll
2008-04-26 18:28:44 25856 --a------ C:\WINDOWS\swin32.dll
2008-04-26 18:28:44 19968 --a------ C:\WINDOWS\mspphe.dll
2008-04-26 17:18:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-26 16:54:21 15360 --a------ C:\WINDOWS\voiceip.dll
2008-04-26 16:54:21 29952 --a------ C:\WINDOWS\cdsm32.dll
2008-04-26 16:54:21 32000 --a------ C:\WINDOWS\bokja.exe
2008-04-26 16:54:16 19712 --a------ C:\WINDOWS\saiemod.dll
2008-04-26 16:54:16 12544 --a------ C:\WINDOWS\msapasrc.dll
2008-04-26 16:54:16 26112 --a------ C:\WINDOWS\msa64chk.dll
2008-04-26 16:54:15 27648 --a------ C:\WINDOWS\shdocpl.dll
2008-04-26 16:54:14 13312 --a------ C:\WINDOWS\shdocpe.dll
2008-04-26 16:54:13 20736 --a------ C:\WINDOWS\winsb.dll
2008-04-26 16:54:13 14336 --a------ C:\WINDOWS\browserad.dll
2008-04-26 16:54:13 31744 --a------ C:\WINDOWS\aviwrap32.dll
2008-04-26 16:54:13 28928 --a------ C:\WINDOWS\avisynthex32.dll
2008-04-26 16:54:12 10752 --a------ C:\WINDOWS\avifile32.dll
2008-04-26 16:54:12 16128 --a------ C:\WINDOWS\autodisc32.dll
2008-04-26 16:54:12 27136 --a------ C:\WINDOWS\audiosrv32.dll
2008-04-26 16:54:12 16384 --a------ C:\WINDOWS\ati2dvag32.dll
2008-04-26 16:54:12 11520 --a------ C:\WINDOWS\ati2dvaa32.dll
2008-04-26 16:54:12 27136 --a------ C:\WINDOWS\athprxy32.dll
2008-04-26 16:54:11 15360 --a------ C:\WINDOWS\changeurl_30.dll
2008-04-26 16:54:11 20480 --a------ C:\WINDOWS\asycfilt32.dll
2008-04-26 16:54:11 26880 --a------ C:\WINDOWS\asferror32.dll
2008-04-26 16:27:31 8020 --ahs---- C:\WINDOWS\system32\DgOpoUtv.ini2
2008-04-26 16:22:47 863 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-04-26 16:22:40 0 d--hs---- C:\WINDOWS\SmVzc2ljYQ
2008-04-26 16:22:35 200768 --a------ C:\WINDOWS\system32\scntmkdn.exe
2008-04-26 16:22:31 400546 --a------ C:\WINDOWS\system32\g76.exe
2008-04-26 16:22:27 86144 --a------ C:\WINDOWS\system32\drivers\drmkk.sys
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\wTMP
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\n3
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\b1
2008-04-26 16:22:23 0 d-------- C:\WINDOWS\system32\pnVes06
2008-04-26 16:21:56 0 d-------- C:\Program Files\F?nts
2008-04-26 16:21:49 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-04-26 16:21:31 88491 --a------ C:\WINDOWS\system32\wmsdkns.exe <Not Verified; Microsoft; XML Media>
2008-04-26 16:21:31 88491 --a------ C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-04-26 16:21:22 29696 --a------ C:\WINDOWS\winself.exe
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\Jessica\Saved Games
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\Jessica\Application Data\FloodLightGames
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\All Users\Application Data\FloodLightGames
2008-04-15 13:46:58 0 d-------- C:\Program Files\AOL Games
2008-04-07 11:27:18 329216 --a------ C:\WINDOWS\system32\_{f9dd31ba-e854-da85-c499-21b194989885}.dll
2008-04-05 00:29:14 270694 --a------ C:\WINDOWS\system32\000080.exe


-- Find3M Report ---------------------------------------------------------------

2008-05-05 19:50:53 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-05 19:50:53 56 -r-hs---- C:\WINDOWS\system32\6709BCCFE0.sys
2008-05-05 19:10:31 0 d-------- C:\Program Files\LimeWire
2008-05-05 19:10:30 0 d-------- C:\Program Files\Mozilla Firefox(2)
2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files
2008-05-04 14:18:47 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-01 12:55:08 0 d-------- C:\Program Files\Dl_cats
2008-04-29 14:41:08 0 d-------- C:\Documents and Settings\Jessica\Application Data\Move Networks
2008-04-27 16:14:20 0 d-------- C:\Program Files\F?nts
2008-04-27 16:14:20 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-04-23 17:29:45 0 d-------- C:\Program Files\Java
2008-04-23 17:13:12 7700480 --a------ C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 16:59:04 3973854 --a------ C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 16:58:05 7026578 --a------ C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 16:58:03 5163662 --a------ C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 16:58:02 7651584 --a------ C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-04-23 16:57:59 1783510 --a------ C:\Program Files\Nsync - Something Like You.mp3
2008-04-23 16:57:57 347 ---hs---- C:\Program Files\desktop.ini
2008-04-23 16:57:56 6253434 --a------ C:\Program Files\Nsync - Selfish.mp3
2008-04-23 16:57:54 12616 ---hs--c- C:\Program Files\Folder.jpg
2008-04-23 16:57:54 12616 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 16:57:51 3240030 --a------ C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 16:57:47 7411508 --a------ C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 16:57:46 3274 ---hs--c- C:\Program Files\AlbumArtSmall.jpg
2008-04-23 16:57:46 3274 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 16:57:44 16056 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 16:57:41 5536958 --a------ C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 16:57:40 3591 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-23 16:57:37 5286731 --a------ C:\Program Files\Maroon five - Rag Doll.mp3
2008-04-23 16:50:40 0 d-------- C:\Documents and Settings\Jessica\Application Data\Jasc Software Inc
2008-04-23 16:50:29 0 d-------- C:\Program Files\Mozilla Sunbird
2008-04-23 15:48:52 0 d-------- C:\Program Files\Jasc Software Inc
2008-04-16 16:27:27 125999092 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 14:55:26 121189628 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-14 22:59:43 11196 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-14 22:59:38 2375 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-14 22:59:26 3325369 --a------ C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-14 22:59:17 11493 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-14 22:59:14 2800 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-14 22:58:01 4321454 --a------ C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-14 22:57:25 3473 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-14 22:57:25 15403 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-13 17:52:04 10260 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-04-13 17:52:03 2403 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-04-13 17:42:37 4687039 --a------ C:\Program Files\Stained - Outside.mp3
2008-04-13 17:42:37 7216224 --a------ C:\Program Files\Jordan Sparks feat. Chris Brown - No Air.mp3
2008-04-13 17:42:36 4392667 --a------ C:\Program Files\Sade- By Your Side.mp3
2008-04-13 17:42:35 5196894 --a------ C:\Program Files\Puddle Of Mudd - She Hates Me.mp3
2008-04-13 17:42:35 8944288 --a------ C:\Program Files\P-Diddy feat. Keisha Cole- Last night.mp3
2008-04-13 17:42:34 5521441 --a------ C:\Program Files\Nelly Furtado - Maneater.mp3
2008-04-13 17:42:33 6452185 --a------ C:\Program Files\Musiq Soulchild - Teach me(1).mp3
2008-04-13 17:42:32 4423680 --a------ C:\Program Files\Mary J. Blige feat. Ja Rule - Rainy Days.mp3
2008-04-13 17:42:31 5612458 --a------ C:\Program Files\Marron 5 - Wake Up Call.mp3
2008-04-13 17:42:30 6148720 --a------ C:\Program Files\Maroon 5- Goodnight Goodnight.mp3
2008-04-13 17:42:29 5776567 --a------ C:\Program Files\Maroon 5 - Won't Go Home Without You.mp3
2008-04-13 17:42:27 5072281 --a------ C:\Program Files\Maroon 5 - Makes Me Wonder .mp3
2008-04-13 17:42:26 3737213 --a------ C:\Program Files\Maroon 5 - Little Of Your Time.mp3
2008-04-13 17:42:25 5322252 --a------ C:\Program Files\Maroon 5 - Kiwi.mp3
2008-04-13 17:42:23 6760771 --a------ C:\Program Files\Maroon 5 - Infatuation.mp3
2008-04-13 17:42:22 2170374 --a------ C:\Program Files\Maroon 5 - Can't Stop.mp3
2008-04-13 17:42:21 3010658 --a------ C:\Program Files\Maroon 5 - Back At Your Door.mp3
2008-04-13 17:42:20 5123792 --a------ C:\Program Files\Madonna - Ray of Light.mp3
2008-04-13 17:42:18 6299828 --a------ C:\Program Files\Lenny Kravitz- Again.mp3
2008-04-13 17:42:17 3500245 --a------ C:\Program Files\J.Holiday - Suffocate.mp3
2008-04-13 17:42:15 7605857 --a------ C:\Program Files\Gwen Steffani - Wind It Up.mp3
2008-04-13 17:42:13 4681228 --a------ C:\Program Files\Fuel - Bad Day.mp3
2008-04-13 17:42:12 5558400 --a------ C:\Program Files\Fat Boy Slim - Wonderful Night.mp3
2008-04-13 17:42:09 3602528 --a------ C:\Program Files\Dream - He Loves U Not.mp3
2008-04-13 17:42:08 5095802 --a------ C:\Program Files\Dido- Here With Me.mp3
2008-04-13 17:42:06 5176104 --a------ C:\Program Files\Dido - White Flag.mp3
2008-04-13 17:42:00 4028416 --a------ C:\Program Files\Christina Aguilera & Ricky Martin - Nobody Wants to Be Lonely.mp3
2008-04-13 17:41:57 11819 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 17:41:54 4285891 --a------ C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 17:41:50 2567 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 17:31:53 5396087 --a------ C:\Program Files\Elisa - Dancing.mp3
2008-04-13 17:31:12 3021212 --a------ C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 17:31:08 11644 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 17:30:59 2989 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 17:30:45 4956507 --a------ C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 17:30:40 12512 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 17:30:26 2893 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 17:29:46 1972 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 17:29:46 8989 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 17:29:32 9939 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 17:29:17 2499 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 17:27:55 2785784 --a------ C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 17:25:52 4010362 --a------ C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-04-13 17:25:41 10259 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 17:25:28 2552 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 17:25:09 8655 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 17:24:52 2579 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 17:24:38 10032 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 17:24:29 2390 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 17:23:53 7364 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 17:23:43 3354004 --a------ C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 17:23:37 2187 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 17:23:13 10040 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 17:22:59 2625 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 17:21:16 11087 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-04-13 17:21:05 2792 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-04-13 17:20:22 11795 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 17:20:18 2982 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 17:19:33 4548903 --a------ C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
2008-04-13 17:19:26 9542 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 17:19:18 2353 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Small.jpg
2008-04-13 17:18:53 9449 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Large.jpg
2008-04-13 17:18:43 2429 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Small.jpg
2008-04-13 17:18:29 7783 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Large.jpg
2008-04-13 17:18:21 2219 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Small.jpg
2008-04-13 17:18:00 9173 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Large.jpg
2008-04-13 17:17:56 2403 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Small.jpg
2008-04-13 17:17:40 8798 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Large.jpg
2008-04-13 17:17:34 2388 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Small.jpg
2008-04-13 17:17:26 10291 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Large.jpg
2008-04-13 17:17:21 2765 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Small.jpg
2008-04-13 17:17:04 12196 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Large.jpg
2008-04-13 17:17:01 3024 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Small.jpg
2008-04-13 17:16:31 3208853 --a------ C:\Program Files\Fall Out Boy-This Aint A Scene, Its An Arms Race.mp3
2008-04-13 17:16:05 10044 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Large.jpg
2008-04-13 17:15:56 2509 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Small.jpg
2008-04-13 17:15:41 7954 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Large.jpg
2008-04-13 17:15:33 2095 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Small.jpg
2008-04-13 17:15:15 8915 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Large.jpg
2008-04-13 17:15:09 2412 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Small.jpg
2008-04-13 17:15:06 8814 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Large.jpg
2008-04-13 17:14:59 2175 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Small.jpg
2008-04-13 17:14:39 8574 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Large.jpg
2008-04-13 17:14:38 2389 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Small.jpg
2008-04-13 17:14:19 7495 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Large.jpg
2008-04-13 17:14:18 2229 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Small.jpg
2008-04-09 23:11:17 8412 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Large.jpg
2008-04-09 23:11:15 2401 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Small.jpg
2008-04-09 23:10:03 10506 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Large.jpg
2008-04-09 23:10:02 2888 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Small.jpg
2008-04-09 18:49:54 6624121 --a------ C:\Program Files\Red Hot Chilli Peppers - Cant Stop.mp3
2008-04-09 18:49:52 4126229 --a------ C:\Program Files\Red Hot Chili Peppers - By The Way.mp3
2008-04-09 18:49:50 5014693 --a------ C:\Program Files\Red Hot Chili Peppers- Dani California.mp3
2008-04-09 18:49:49 6069036 --a------ C:\Program Files\R.Kelly - If I turn back the hands of time.mp3
2008-04-09 18:49:47 5927616 --a------ C:\Program Files\Fergie-Clumsy.mp3
2008-04-09 18:49:45 5759178 --a------ C:\Program Files\Ciara - Like A Boy.mp3
2008-04-09 18:49:44 3556731 --a------ C:\Program Files\Ciara - My Goodies.mp3
2008-04-09 18:49:43 7341251 --a------ C:\Program Files\Justin Timberlake - Chop Me Up (ft. Timbaland & Three 6 Mafia).mp3
2008-04-09 18:49:41 3084002 --a------ C:\Program Files\Dream - This Is Me.mp3
2008-04-09 18:49:40 3873114 --a------ C:\Program Files\Queen (with David Bowie) - Under Pressure.mp3
2008-04-09 18:49:39 8337076 --a------ C:\Program Files\Prince - Purple Rain.mp3
2008-04-09 18:49:37 4966601 --a------ C:\Program Files\Prince - When the Doves Cry.mp3
2008-04-09 18:49:32 6139150 --a----c- C:\Program Files\Lenny Kravitz - Lady.mp3
2008-04-09 18:49:31 6237818 --a------ C:\Program Files\Lenny Kravitz - American Woman.mp3
2008-04-09 18:49:30 4886669 --a------ C:\Program Files\Jamiroquai - You Give Me Something.mp3
2008-04-09 18:49:29 5132288 --a------ C:\Program Files\Jamiroquai - Feels So Good.mp3
2008-04-09 18:49:27 5571440 --a------ C:\Program Files\Fantasia Barrino - Got Me Waiting.mp3
2008-04-09 18:49:26 3386484 --a------ C:\Program Files\Nickelback - Leader of Men.mp3
2008-04-09 18:49:26 5101696 --a------ C:\Program Files\Madonna - Die Another Day (James Bond Theme).mp3
2008-04-01 16:57:39 3828437 --a------ C:\Program Files\Jamiroquai - Little L.mp3
2008-04-01 16:57:35 5622768 --a------ C:\Program Files\Carrie Underwood - Before He Cheats.Mp3
2008-04-01 16:51:48 4233647 --a------ C:\Program Files\Red Hot Chilli Peppers - City of Angels.mp3
2008-04-01 16:50:58 8550 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Large.jpg
2008-04-01 16:50:51 2333 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Small.jpg
2008-04-01 16:50:47 8506942 --a------ C:\Program Files\Ciara - Get Up.mp3
2008-04-01 16:50:36 8284 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Large.jpg
2008-04-01 16:50:34 2389 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Small.jpg
2008-04-01 16:49:49 1492 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Small.jpg
2008-04-01 16:49:49 4065 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Large.jpg
2008-04-01 16:49:22 10391 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Large.jpg
2008-04-01 16:49:17 2675 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Small.jpg
2008-04-01 16:48:58 10949 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Large.jpg
2008-04-01 16:48:54 2794 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Small.jpg
2008-04-01 16:47:24 6616739 --a------ C:\Program Files\Ciara Ft. Ludacris - Oh.mp3
2008-04-01 16:43:46 16068 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Large.jpg
2008-04-01 16:43:41 3391 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Small.jpg
2008-04-01 16:42:22 4076677 --a------ C:\Program Files\Ciara - 1,2 Step.mp3
2008-04-01 16:40:33 1845 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
2008-04-01 16:40:33 5765 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
2008-04-01 16:32:02 8488 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Large.jpg
2008-04-01 16:31:59 2631 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Small.jpg
2008-04-01 16:31:44 11641 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Large.jpg
2008-04-01 16:31:40 3036 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Small.jpg
2008-04-01 16:30:27 12132 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Large.jpg
2008-04-01 16:29:54 2841 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Small.jpg
2008-04-01 16:29:25 15347 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Large.jpg
2008-04-01 16:29:10 3349 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Small.jpg
2008-04-01 16:28:28 9541 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Large.jpg
2008-04-01 16:28:22 2627 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Small.jpg
2008-04-01 16:27:50 14037 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Large.jpg
2008-04-01 16:27:42 3135 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Small.jpg
2008-04-01 16:27:28 9491 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Large.jpg
2008-04-01 16:27:20 2334 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Small.jpg
2008-04-01 16:24:22 5949555 --a------ C:\Program Files\Justin Timberlake - Summer Love.mp3
2008-04-01 16:24:06 4127903 --a------ C:\Program Files\Lenny Kravitz - I Belong To You.mp3
2008-04-01 16:23:42 7676858 --a----c- C:\Program Files\Seether feat. Amy Lee - Broken.mp3
2008-04-01 16:23:36 4419221 --a------ C:\Program Files\Evanescense - My Immortal (Rock Version).mp3
2008-04-01 16:22:54 3775886 --a------ C:\Program Files\The White Stripes - Blue Orchid.mp3
2008-04-01 16:22:47 5421184 --a------ C:\Program Files\Rihanna- Shut up and drive.mp3
2008-04-01 16:22:43 9581225 --a------ C:\Program Files\Rihanna- SOS (Rescue Me).mp3
2008-04-01 16:22:13 8307 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Large.jpg
2008-04-01 16:21:51 2371 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Small.jpg
2008-04-01 16:21:46 5549497 --a------ C:\Program Files\Mariah Carey - Don't Forget About Us.mp3
2008-04-01 16:21:43 5819650 --a------ C:\Program Files\Lenny Kravitz - It Ain't Over Till It's Over.mp3
2008-04-01 16:21:26 2783232 --a------ C:\Program Files\Ike and Tina Turner - A Fool in Love (60).mp3
2008-04-01 16:21:17 5347 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Large.jpg
2008-04-01 16:21:09 1744 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Small.jpg
2008-04-01 16:20:57 7149 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Large.jpg
2008-04-01 16:20:51 2083 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Small.jpg
2008-04-01 16:20:10 10579 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Large.jpg
2008-04-01 16:20:07 2749 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Small.jpg
2008-04-01 16:19:22 10026 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Large.jpg
2008-04-01 16:19:12 2539 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Small.jpg
2008-04-01 16:18:30 7305 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Large.jpg
2008-04-01 16:18:21 2016 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Small.jpg
2008-04-01 16:17:30 11334 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Large.jpg
2008-04-01 16:17:25 5520963 --a------ C:\Program Files\Evanescence - Call Me When You're Sober.mp3
2008-04-01 16:17:24 2820 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Small.jpg
2008-04-01 16:17:22 10445 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Large.jpg
2008-04-01 16:17:08 2684 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Small.jpg
2008-04-01 16:16:41 7707 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg
2008-04-01 16:16:33 1934 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg
2008-04-01 16:16:19 9003 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Large.jpg
2008-04-01 16:16:15 2716 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Small.jpg
2008-04-01 16:16:14 9795 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Large.jpg
2008-04-01 16:16:11 2579 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Small.jpg
2008-04-01 16:16:09 5969991 --a------ C:\Program Files\bow wow & omarion ft. cassidy & soulja boy - girlfriend (remix).mp3
2008-04-01 16:15:10 2346 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Small.jpg
2008-04-01 16:15:10 8758 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Large.jpg
2008-04-01 12:28:47 0 d-------- C:\Program Files\Dell Support Center
2008-04-01 12:28:30 0 d-------- C:\Program Files\Common Files\supportsoft
2008-03-30 20:51:33 8751 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Large.jpg
2008-03-30 20:51:25 2518 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Small.jpg
2008-03-30 20:50:58 5324426 --a------ C:\Program Files\Amerie - One Thing.mp3
2008-03-30 20:50:56 8253 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Large.jpg
2008-03-30 20:50:55 2404 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Small.jpg
2008-03-30 20:38:53 10143 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Large.jpg
2008-03-30 20:38:50 2639 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Small.jpg
2008-03-30 20:28:39 9 --a------ C:\Program Files\limewire.m3u
2008-03-24 13:23:16 0 d-------- C:\Documents and Settings\Jessica\Application Data\Talkback
2008-03-24 13:23:13 0 d-------- C:\Documents and Settings\Jessica\Application Data\Mozilla
2008-03-24 13:03:15 0 d-------- C:\Program Files\BizWare Magic DATEwise
2008-03-18 14:18:45 7444340 --a------ C:\Program Files\Bow Wow ft. Omarion- Girlfriend.mp3
2008-02-25 17:28:53 442368 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-02-19 15:16:14 228 --a------ C:\UnInstall.dat
2008-02-12 01:05:02 4114432 --a------ C:\Program Files\The White Stripes - Icky Thump.mp3


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00000250-0320-4dd4-be4f-7566d2314352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15651c7c-e812-44a2-a9ac-b467a2233e7d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32B02FC3-1237-4FCD-8D12-E5C18723DD1D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e7bd74f-2b8d-469e-92c6-ce7eb590a94d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5929cd6e-2062-44a4-b2c5-2c7e78fbab38}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5dafd089-24b1-4c5e-bd42-8ca72550717b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5fa6752a-c4a0-4222-88c2-928ae5ab4966}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{622cc208-b014-4fe0-801b-874a5e5e403a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90C6E0BF-882E-47CC-A60C-7946E25380EB}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9c5b2f29-1f46-4639-a6b4-828942301d3e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A08B97A7-DCBA-481A-BBA5-A692C42EDEE4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6D94EA0-D245-D1C0-44E1-A48F02267DC1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CDA1B0C3-EB60-4003-B6E1-72998FA881CC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F04B6A5A-0B29-45E3-960B-00CB392E79CF}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ffff0001-0002-101a-a3c9-08002b2f49fb}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 08:42 PM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 09:12 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 05:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/27/2005 02:02 AM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [09/22/2005 06:29 PM]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [01/11/2006 12:05 PM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [06/07/2005 07:38 AM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 04:19 PM]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [04/08/2006 11:05 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/02/2006 08:39 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 06:33 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]
"RegistryMechanic"="C:\Program Files\Registry Mechanic\RegMech.exe" [08/20/2007 11:58 AM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [04/10/2008 03:14 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"Asfmodd"="C:\Program Files\F?nts\r?ndll32.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJCVpop]
ljJCVpop.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mlJDwvwW

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"




-- End of Deckard's System Scanner: finished at 2008-05-05 20:02:15 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® CPU 2.53GHz
Percentage of Memory in Use: 53%
Physical Memory (total/avail): 509.98 MiB / 235.49 MiB
Pagefile Memory (total/avail): 861.85 MiB / 509.16 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1920.27 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 71.46 GiB total, 40.05 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST380011A - 74.5 GiB - 3 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 71.46 GiB - C:
\PARTITION2 - Unknown - 3 GiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

AV: Spyware Doctor with AntiVirus v (PC Tools)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe&

Edited by Dazed&Confused08, 05 May 2008 - 07:05 PM.

  • 0

#4
Thunderbird1988
Posted 06 May 2008 - 09:13 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08

There is still malware present on your computer.

Could you please post extra.txt again? it isn't compelete, because it exceeded the max size of one post.

Thunderbird1988
  • 0

#5
Dazed&Confused08
Posted 06 May 2008 - 11:33 AM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
I ran DSS again, but all that pops up is the main.txt. I tried it twice and still only main.txt comes up.
  • 0

#6
Thunderbird1988
Posted 06 May 2008 - 01:49 PM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08

Its, nomral dss doesn't give extra.txt the second time you run it. I thought you would maybe still have it. But if you don't I can work without it. :)

Let's remove some malware. :)

Please download DAFT and save it to your desktop:
  • Double-click the daft.exe icon.
  • Click on the Scan button.
  • Select everything it is displaying there
  • Click the Fix button.
  • Then rescan with DAFT again - it should say now that "All associations are OK"
  • Close DAFT if you receive that message. This means that it is fixed now.

Download ComboFix from one of the locations below, and save it to your Desktop.

Link 1
Link 2
Link 3

Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Thunderbird1988
  • 0

#7
Dazed&Confused08
Posted 06 May 2008 - 02:10 PM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
i tried to download ComboFix from every link and each time i recieved a message: this application failed to start because clb.dll was not found. then a blue box appears but nothing happens.

Edited by Dazed&Confused08, 06 May 2008 - 02:16 PM.

  • 0

#8
Thunderbird1988
Posted 07 May 2008 - 05:39 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08,

Could you please do the following?

go to Start » Run, and type or copy: regsvr32 clb.dll then hit enter

Then please try combofix again.

If'Combofix still doesn't run, please do the following:

Insert your windows XP drive, please exit when it starts.

Then, go to Start » Run, and type or copy:
expand D:\i386\clb.dl_ C:\Windows\System32\clb.dll


Then, go to Start » Run, and type or copy:
regsvr32 clb.dll

After that, Combofix should work. If it doesn't please let me know.
If it works, please post the log it provides.

Thunderbird1988
  • 0

#9
Dazed&Confused08
Posted 07 May 2008 - 10:38 AM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
I don't have a Windows XP disk, and when I tried your first suggestion i recieved the message: LoadLibrary("clb.dll") failed. The specified module could not be found. Sorry
  • 0

#10
Thunderbird1988
Posted 07 May 2008 - 11:23 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08

Please download clb.dll from here. Please download it to C:\Windows\System32

Then, go to Start » Run, and type or copy:
regsvr32 clb.dll

After that, Combofix should work. Please post the log it gives. If it doesn't work, please let me know.

Thunderbird1988
  • 0

Advertisements

#11
Dazed&Confused08
Posted 07 May 2008 - 12:37 PM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
i downloaded clb.dll and it ran Combofix, the blue box came up, but nothing happened. no log.
  • 0

#12
Thunderbird1988
Posted 07 May 2008 - 02:24 PM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08,

Combofix gives still the same errormessage? You have also done this?

Then, go to Start » Run, and type or copy:
regsvr32 clb.dll

Did it still give the same message when you typed it?

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum with a new DSS log.

  • 0

#13
Dazed&Confused08
Posted 07 May 2008 - 04:40 PM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
here's my report.txt

SDFix: Version 1.180
Run by Jessica on Wed 05/07/2008 at 04:19 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Name :
MsSecurity1.209.4
DRMKK

Path :
C:\WINDOWS\winself.exe service
System32\drivers\drmkk.sys

MsSecurity1.209.4 - Deleted
DRMKK - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted
C:\Temp\1cb\syscheck.log - Deleted
C:\WINDOWS\system32\000080.exe - Deleted
C:\WINDOWS\123messenger.per - Deleted
C:\WINDOWS\asferror32.dll - Deleted
C:\WINDOWS\asycfilt32.dll - Deleted
C:\WINDOWS\athprxy32.dll - Deleted
C:\WINDOWS\ati2dvaa32.dll - Deleted
C:\WINDOWS\ati2dvag32.dll - Deleted
C:\WINDOWS\audiosrv32.dll - Deleted
C:\WINDOWS\autodisc32.dll - Deleted
C:\WINDOWS\avifile32.dll - Deleted
C:\WINDOWS\avisynthex32.dll - Deleted
C:\WINDOWS\aviwrap32.dll - Deleted
C:\WINDOWS\bjam.dll - Deleted
C:\WINDOWS\bokja.exe - Deleted
C:\WINDOWS\browserad.dll - Deleted
C:\WINDOWS\cdsm32.dll - Deleted
C:\WINDOWS\changeurl_30.dll - Deleted
C:\WINDOWS\didduid.ini - Deleted
C:\WINDOWS\index.html - Deleted
C:\WINDOWS\licencia.txt - Deleted
C:\WINDOWS\megavid.cdt - Deleted
C:\WINDOWS\msa64chk.dll - Deleted
C:\WINDOWS\msapasrc.dll - Deleted
C:\WINDOWS\mspphe.dll - Deleted
C:\WINDOWS\muotr.so - Deleted
C:\WINDOWS\saiemod.dll - Deleted
C:\WINDOWS\shdocpe.dll - Deleted
C:\WINDOWS\shdocpl.dll - Deleted
C:\WINDOWS\swin32.dll - Deleted
C:\WINDOWS\system32\drivers\core.cache.dsk - Deleted
C:\WINDOWS\system32\lt.res - Deleted
C:\WINDOWS\system32\sft.res - Deleted
C:\WINDOWS\system32\wmsdkns.exe - Deleted
C:\WINDOWS\telefonos.txt - Deleted
C:\WINDOWS\textos.txt - Deleted
C:\WINDOWS\voiceip.dll - Deleted
C:\WINDOWS\winsb.dll - Deleted
C:\WINDOWS\winself.exe - Deleted
C:\WINDOWS\system32\drivers\DRMKK.sys - Deleted



Folder C:\Temp\1cb - Removed
Folder C:\Temp\tn3 - Removed
Folder C:\WINDOWS\system32\pnVes06 - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-07 17:15:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPager.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Disabled:LimeWire"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Common Files\\AOL\\1161708162\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1161708162\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1161708162\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1161708162\\ee\\aim6.exe:*:Enabled:AIM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\\Program Files\\Yahoo! Games\\Wheel of Fortune\\Wheel of Fortune.exe"="C:\\Program Files\\Yahoo! Games\\Wheel of Fortune\\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"="C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe:*:Enabled:BearShare"
"C:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe"="C:\\ijji\\ENGLISH\\u_sf\\soldierfront.exe:*:Enabled:soldierfront"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 1 Sep 2004 54,384 A..H. --- "C:\Program Files\America Online 9.0\aolphx.exe"
Wed 1 Sep 2004 156,784 A..H. --- "C:\Program Files\America Online 9.0\aoltray.exe"
Wed 1 Sep 2004 31,344 A..H. --- "C:\Program Files\America Online 9.0\RBM.exe"
Mon 5 May 2008 56 ..SHR --- "C:\WINDOWS\system32\6709BCCFE0.sys"
Mon 5 May 2008 2,516 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Thu 7 Sep 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\385cb67dda0ffd4dea8c0d990dc65796\BIT3.tmp"
Tue 6 May 2008 2,425 ...HR --- "C:\Documents and Settings\Jessica\Application Data\SecuROM\UserData\securom_v7_01.bak"
Thu 7 Sep 2006 4,348 ...H. --- "C:\Documents and Settings\Jessica\My Documents\My Music\License Backup\drmv1key.bak"
Tue 12 Sep 2006 20 A..H. --- "C:\Documents and Settings\Jessica\My Documents\My Music\License Backup\drmv1lic.bak"
Fri 18 Nov 2005 312 A.SH. --- "C:\Documents and Settings\Jessica\My Documents\My Music\License Backup\drmv2key.bak"
Sun 4 May 2008 2,137 ...HR --- "C:\Documents and Settings\kiwana\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!
  • 0

#14
Dazed&Confused08
Posted 07 May 2008 - 04:42 PM

Dazed&Confused08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 75 posts
here's my main.txt

Deckard's System Scanner v20071014.68
Run by Jessica on 2008-05-07 17:27:03
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 510 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-07 17:27:34
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\Program Files\McAfee.com\Agent\McTskshd.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\alg.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jessica\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsof...search.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D} - (no file)
O2 - BHO: (no name) - {1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F} - (no file)
O2 - BHO: (no name) - {2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6} - (no file)
O2 - BHO: (no name) - {32B02FC3-1237-4FCD-8D12-E5C18723DD1D} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {90C6E0BF-882E-47CC-A60C-7946E25380EB} - (no file)
O2 - BHO: (no name) - {A08B97A7-DCBA-481A-BBA5-A692C42EDEE4} - (no file)
O2 - BHO: (no name) - {C6D94EA0-D245-D1C0-44E1-A48F02267DC1} - (no file)
O2 - BHO: (no name) - {CDA1B0C3-EB60-4003-B6E1-72998FA881CC} - (no file)
O2 - BHO: (no name) - {ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B} - (no file)
O2 - BHO: (no name) - {F04B6A5A-0B29-45E3-960B-00CB392E79CF} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /S
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Asfmodd] "C:\Program Files\F?nts\r?ndll32.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 () - http://origin.games....ts/y/poti_x.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...swdir8d196a.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.ma...t/ultrashim.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} () - http://download.yaho...alls/yab_af.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.ma...ash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} () - http://3dlifeplayer....l/installer.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc02.cus...l/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...960/mcfscan.cab
O20 - Winlogon Notify: ljJCVpop - C:\WINDOWS\system32\ljJCVpop.dll (file missing)
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\Mcdetect.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\McTskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe


--
End of file - 9344 bytes

-- Files created between 2008-04-07 and 2008-05-07 -----------------------------

2008-05-07 15:37:32 0 d-------- C:\WINDOWS\ERUNT
2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-05-04 14:44:51 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-05-04 14:44:07 0 d-------- C:\Documents and Settings\Jessica\Application Data\Xfire
2008-05-04 14:19:27 0 d-------- C:\ijji
2008-05-04 14:19:22 0 d--h----- C:\Documents and Settings\Jessica\Application Data\ijjigame
2008-05-04 14:18:48 704512 --a------ C:\WINDOWS\system32\ijjiSetup.exe <Not Verified; NHN USA; ijjiSetup Application>
2008-05-04 14:18:48 0 d-------- C:\Program Files\NHN USA
2008-05-03 12:33:03 0 d-------- C:\Documents and Settings\kiwana\Application Data\BearShare
2008-04-29 23:26:14 0 d-------- C:\Documents and Settings\Jessica\Application Data\BearShare
2008-04-29 23:26:07 0 d-------- C:\Program Files\BearShare Applications
2008-04-27 13:31:01 2033 --a------ C:\WINDOWS\system32\yqkpmhjj.dll
2008-04-27 12:32:47 0 d-------- C:\Program Files\Common Files\PC Tools
2008-04-27 12:32:37 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-04-27 12:09:51 0 d-------- C:\Program Files\Google
2008-04-27 02:24:28 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-27 02:24:04 0 d-------- C:\Program Files\Spyware Doctor
2008-04-27 02:24:04 0 d-------- C:\Documents and Settings\Jessica\Application Data\PC Tools
2008-04-27 01:37:25 298311 --a------ C:\WINDOWS\system32\gside.exe
2008-04-27 01:26:31 515519 --ahs---- C:\WINDOWS\system32\WwvwDJlm.ini2
2008-04-26 23:17:03 7374 --ahs---- C:\WINDOWS\system32\PrqWwyxx.ini2
2008-04-26 23:03:04 4200 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-26 23:01:41 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-26 23:01:41 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-04-26 23:01:41 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-26 23:01:41 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-04-26 23:01:41 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-04-26 23:01:41 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-26 23:01:41 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-26 23:01:41 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-26 20:43:15 7629 --ahs---- C:\WINDOWS\system32\pqqsCcfe.ini2
2008-04-26 19:38:22 7425 --ahs---- C:\WINDOWS\system32\gPVuDMoq.ini2
2008-04-26 17:18:02 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-26 16:27:31 8020 --ahs---- C:\WINDOWS\system32\DgOpoUtv.ini2
2008-04-26 16:22:47 863 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-04-26 16:22:40 0 d--hs---- C:\WINDOWS\SmVzc2ljYQ
2008-04-26 16:22:35 200768 --a------ C:\WINDOWS\system32\scntmkdn.exe
2008-04-26 16:22:31 400546 --a------ C:\WINDOWS\system32\g76.exe
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\wTMP
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\n3
2008-04-26 16:22:25 0 d-------- C:\WINDOWS\system32\b1
2008-04-26 16:21:56 0 d-------- C:\Program Files\F?nts
2008-04-26 16:21:49 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-04-26 16:21:31 88491 --a------ C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\Jessica\Saved Games
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\Jessica\Application Data\FloodLightGames
2008-04-15 13:47:10 0 d-------- C:\Documents and Settings\All Users\Application Data\FloodLightGames
2008-04-15 13:46:58 0 d-------- C:\Program Files\AOL Games
2008-04-07 11:27:18 329216 --a------ C:\WINDOWS\system32\_{f9dd31ba-e854-da85-c499-21b194989885}.dll


-- Find3M Report ---------------------------------------------------------------

2008-05-07 15:30:10 0 d-------- C:\Program Files\Dl_cats
2008-05-05 19:50:53 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-05 19:50:53 56 -r-hs---- C:\WINDOWS\system32\6709BCCFE0.sys
2008-05-05 19:10:31 0 d-------- C:\Program Files\LimeWire
2008-05-05 19:10:30 0 d-------- C:\Program Files\Mozilla Firefox(2)
2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files
2008-05-04 14:18:47 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-29 14:41:08 0 d-------- C:\Documents and Settings\Jessica\Application Data\Move Networks
2008-04-27 16:14:20 0 d-------- C:\Program Files\F?nts
2008-04-27 16:14:20 0 d-------- C:\Program Files\Common Files\M?crosoft
2008-04-23 17:29:45 0 d-------- C:\Program Files\Java
2008-04-23 17:13:12 7700480 --a------ C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 16:59:04 3973854 --a------ C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 16:58:05 7026578 --a------ C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 16:58:03 5163662 --a------ C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 16:58:02 7651584 --a------ C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-04-23 16:57:59 1783510 --a------ C:\Program Files\Nsync - Something Like You.mp3
2008-04-23 16:57:57 347 ---hs---- C:\Program Files\desktop.ini
2008-04-23 16:57:56 6253434 --a------ C:\Program Files\Nsync - Selfish.mp3
2008-04-23 16:57:54 12616 ---hs--c- C:\Program Files\Folder.jpg
2008-04-23 16:57:54 12616 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 16:57:51 3240030 --a------ C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 16:57:47 7411508 --a------ C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 16:57:46 3274 ---hs--c- C:\Program Files\AlbumArtSmall.jpg
2008-04-23 16:57:46 3274 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 16:57:44 16056 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 16:57:41 5536958 --a------ C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 16:57:40 3591 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-23 16:57:37 5286731 --a------ C:\Program Files\Maroon five - Rag Doll.mp3
2008-04-23 16:50:40 0 d-------- C:\Documents and Settings\Jessica\Application Data\Jasc Software Inc
2008-04-23 16:50:29 0 d-------- C:\Program Files\Mozilla Sunbird
2008-04-23 15:48:52 0 d-------- C:\Program Files\Jasc Software Inc
2008-04-16 16:27:27 125999092 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 14:55:26 121189628 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-14 22:59:43 11196 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-14 22:59:38 2375 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-14 22:59:26 3325369 --a------ C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-14 22:59:17 11493 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-14 22:59:14 2800 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-14 22:58:01 4321454 --a------ C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-14 22:57:25 3473 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-14 22:57:25 15403 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-13 17:52:04 10260 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-04-13 17:52:03 2403 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-04-13 17:42:37 4687039 --a------ C:\Program Files\Stained - Outside.mp3
2008-04-13 17:42:37 7216224 --a------ C:\Program Files\Jordan Sparks feat. Chris Brown - No Air.mp3
2008-04-13 17:42:36 4392667 --a------ C:\Program Files\Sade- By Your Side.mp3
2008-04-13 17:42:35 5196894 --a------ C:\Program Files\Puddle Of Mudd - She Hates Me.mp3
2008-04-13 17:42:35 8944288 --a------ C:\Program Files\P-Diddy feat. Keisha Cole- Last night.mp3
2008-04-13 17:42:34 5521441 --a------ C:\Program Files\Nelly Furtado - Maneater.mp3
2008-04-13 17:42:33 6452185 --a------ C:\Program Files\Musiq Soulchild - Teach me(1).mp3
2008-04-13 17:42:32 4423680 --a------ C:\Program Files\Mary J. Blige feat. Ja Rule - Rainy Days.mp3
2008-04-13 17:42:31 5612458 --a------ C:\Program Files\Marron 5 - Wake Up Call.mp3
2008-04-13 17:42:30 6148720 --a------ C:\Program Files\Maroon 5- Goodnight Goodnight.mp3
2008-04-13 17:42:29 5776567 --a------ C:\Program Files\Maroon 5 - Won't Go Home Without You.mp3
2008-04-13 17:42:27 5072281 --a------ C:\Program Files\Maroon 5 - Makes Me Wonder .mp3
2008-04-13 17:42:26 3737213 --a------ C:\Program Files\Maroon 5 - Little Of Your Time.mp3
2008-04-13 17:42:25 5322252 --a------ C:\Program Files\Maroon 5 - Kiwi.mp3
2008-04-13 17:42:23 6760771 --a------ C:\Program Files\Maroon 5 - Infatuation.mp3
2008-04-13 17:42:22 2170374 --a------ C:\Program Files\Maroon 5 - Can't Stop.mp3
2008-04-13 17:42:21 3010658 --a------ C:\Program Files\Maroon 5 - Back At Your Door.mp3
2008-04-13 17:42:20 5123792 --a------ C:\Program Files\Madonna - Ray of Light.mp3
2008-04-13 17:42:18 6299828 --a------ C:\Program Files\Lenny Kravitz- Again.mp3
2008-04-13 17:42:17 3500245 --a------ C:\Program Files\J.Holiday - Suffocate.mp3
2008-04-13 17:42:15 7605857 --a------ C:\Program Files\Gwen Steffani - Wind It Up.mp3
2008-04-13 17:42:13 4681228 --a------ C:\Program Files\Fuel - Bad Day.mp3
2008-04-13 17:42:12 5558400 --a------ C:\Program Files\Fat Boy Slim - Wonderful Night.mp3
2008-04-13 17:42:09 3602528 --a------ C:\Program Files\Dream - He Loves U Not.mp3
2008-04-13 17:42:08 5095802 --a------ C:\Program Files\Dido- Here With Me.mp3
2008-04-13 17:42:06 5176104 --a------ C:\Program Files\Dido - White Flag.mp3
2008-04-13 17:42:00 4028416 --a------ C:\Program Files\Christina Aguilera & Ricky Martin - Nobody Wants to Be Lonely.mp3
2008-04-13 17:41:57 11819 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 17:41:54 4285891 --a------ C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 17:41:50 2567 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 17:31:53 5396087 --a------ C:\Program Files\Elisa - Dancing.mp3
2008-04-13 17:31:12 3021212 --a------ C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 17:31:08 11644 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 17:30:59 2989 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 17:30:45 4956507 --a------ C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 17:30:40 12512 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 17:30:26 2893 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 17:29:46 1972 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 17:29:46 8989 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 17:29:32 9939 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 17:29:17 2499 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 17:27:55 2785784 --a------ C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 17:25:52 4010362 --a------ C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-04-13 17:25:41 10259 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 17:25:28 2552 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 17:25:09 8655 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 17:24:52 2579 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 17:24:38 10032 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 17:24:29 2390 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 17:23:53 7364 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 17:23:43 3354004 --a------ C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 17:23:37 2187 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 17:23:13 10040 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 17:22:59 2625 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 17:21:16 11087 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-04-13 17:21:05 2792 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-04-13 17:20:22 11795 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 17:20:18 2982 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 17:19:33 4548903 --a------ C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
2008-04-13 17:19:26 9542 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 17:19:18 2353 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Small.jpg
2008-04-13 17:18:53 9449 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Large.jpg
2008-04-13 17:18:43 2429 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Small.jpg
2008-04-13 17:18:29 7783 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Large.jpg
2008-04-13 17:18:21 2219 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Small.jpg
2008-04-13 17:18:00 9173 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Large.jpg
2008-04-13 17:17:56 2403 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Small.jpg
2008-04-13 17:17:40 8798 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Large.jpg
2008-04-13 17:17:34 2388 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Small.jpg
2008-04-13 17:17:26 10291 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Large.jpg
2008-04-13 17:17:21 2765 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Small.jpg
2008-04-13 17:17:04 12196 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Large.jpg
2008-04-13 17:17:01 3024 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Small.jpg
2008-04-13 17:16:31 3208853 --a------ C:\Program Files\Fall Out Boy-This Aint A Scene, Its An Arms Race.mp3
2008-04-13 17:16:05 10044 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Large.jpg
2008-04-13 17:15:56 2509 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Small.jpg
2008-04-13 17:15:41 7954 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Large.jpg
2008-04-13 17:15:33 2095 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Small.jpg
2008-04-13 17:15:15 8915 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Large.jpg
2008-04-13 17:15:09 2412 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Small.jpg
2008-04-13 17:15:06 8814 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Large.jpg
2008-04-13 17:14:59 2175 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Small.jpg
2008-04-13 17:14:39 8574 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Large.jpg
2008-04-13 17:14:38 2389 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Small.jpg
2008-04-13 17:14:19 7495 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Large.jpg
2008-04-13 17:14:18 2229 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Small.jpg
2008-04-09 23:11:17 8412 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Large.jpg
2008-04-09 23:11:15 2401 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Small.jpg
2008-04-09 23:10:03 10506 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Large.jpg
2008-04-09 23:10:02 2888 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Small.jpg
2008-04-09 18:49:54 6624121 --a------ C:\Program Files\Red Hot Chilli Peppers - Cant Stop.mp3
2008-04-09 18:49:52 4126229 --a------ C:\Program Files\Red Hot Chili Peppers - By The Way.mp3
2008-04-09 18:49:50 5014693 --a------ C:\Program Files\Red Hot Chili Peppers- Dani California.mp3
2008-04-09 18:49:49 6069036 --a------ C:\Program Files\R.Kelly - If I turn back the hands of time.mp3
2008-04-09 18:49:47 5927616 --a------ C:\Program Files\Fergie-Clumsy.mp3
2008-04-09 18:49:45 5759178 --a------ C:\Program Files\Ciara - Like A Boy.mp3
2008-04-09 18:49:44 3556731 --a------ C:\Program Files\Ciara - My Goodies.mp3
2008-04-09 18:49:43 7341251 --a------ C:\Program Files\Justin Timberlake - Chop Me Up (ft. Timbaland & Three 6 Mafia).mp3
2008-04-09 18:49:41 3084002 --a------ C:\Program Files\Dream - This Is Me.mp3
2008-04-09 18:49:40 3873114 --a------ C:\Program Files\Queen (with David Bowie) - Under Pressure.mp3
2008-04-09 18:49:39 8337076 --a------ C:\Program Files\Prince - Purple Rain.mp3
2008-04-09 18:49:37 4966601 --a------ C:\Program Files\Prince - When the Doves Cry.mp3
2008-04-09 18:49:32 6139150 --a----c- C:\Program Files\Lenny Kravitz - Lady.mp3
2008-04-09 18:49:31 6237818 --a------ C:\Program Files\Lenny Kravitz - American Woman.mp3
2008-04-09 18:49:30 4886669 --a------ C:\Program Files\Jamiroquai - You Give Me Something.mp3
2008-04-09 18:49:29 5132288 --a------ C:\Program Files\Jamiroquai - Feels So Good.mp3
2008-04-09 18:49:27 5571440 --a------ C:\Program Files\Fantasia Barrino - Got Me Waiting.mp3
2008-04-09 18:49:26 3386484 --a------ C:\Program Files\Nickelback - Leader of Men.mp3
2008-04-09 18:49:26 5101696 --a------ C:\Program Files\Madonna - Die Another Day (James Bond Theme).mp3
2008-04-01 16:57:39 3828437 --a------ C:\Program Files\Jamiroquai - Little L.mp3
2008-04-01 16:57:35 5622768 --a------ C:\Program Files\Carrie Underwood - Before He Cheats.Mp3
2008-04-01 16:51:48 4233647 --a------ C:\Program Files\Red Hot Chilli Peppers - City of Angels.mp3
2008-04-01 16:50:58 8550 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Large.jpg
2008-04-01 16:50:51 2333 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Small.jpg
2008-04-01 16:50:47 8506942 --a------ C:\Program Files\Ciara - Get Up.mp3
2008-04-01 16:50:36 8284 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Large.jpg
2008-04-01 16:50:34 2389 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Small.jpg
2008-04-01 16:49:49 1492 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Small.jpg
2008-04-01 16:49:49 4065 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Large.jpg
2008-04-01 16:49:22 10391 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Large.jpg
2008-04-01 16:49:17 2675 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Small.jpg
2008-04-01 16:48:58 10949 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Large.jpg
2008-04-01 16:48:54 2794 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Small.jpg
2008-04-01 16:47:24 6616739 --a------ C:\Program Files\Ciara Ft. Ludacris - Oh.mp3
2008-04-01 16:43:46 16068 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Large.jpg
2008-04-01 16:43:41 3391 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Small.jpg
2008-04-01 16:42:22 4076677 --a------ C:\Program Files\Ciara - 1,2 Step.mp3
2008-04-01 16:40:33 1845 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
2008-04-01 16:40:33 5765 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
2008-04-01 16:32:02 8488 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Large.jpg
2008-04-01 16:31:59 2631 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Small.jpg
2008-04-01 16:31:44 11641 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Large.jpg
2008-04-01 16:31:40 3036 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Small.jpg
2008-04-01 16:30:27 12132 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Large.jpg
2008-04-01 16:29:54 2841 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Small.jpg
2008-04-01 16:29:25 15347 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Large.jpg
2008-04-01 16:29:10 3349 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Small.jpg
2008-04-01 16:28:28 9541 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Large.jpg
2008-04-01 16:28:22 2627 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Small.jpg
2008-04-01 16:27:50 14037 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Large.jpg
2008-04-01 16:27:42 3135 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Small.jpg
2008-04-01 16:27:28 9491 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Large.jpg
2008-04-01 16:27:20 2334 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Small.jpg
2008-04-01 16:24:22 5949555 --a------ C:\Program Files\Justin Timberlake - Summer Love.mp3
2008-04-01 16:24:06 4127903 --a------ C:\Program Files\Lenny Kravitz - I Belong To You.mp3
2008-04-01 16:23:42 7676858 --a----c- C:\Program Files\Seether feat. Amy Lee - Broken.mp3
2008-04-01 16:23:36 4419221 --a------ C:\Program Files\Evanescense - My Immortal (Rock Version).mp3
2008-04-01 16:22:54 3775886 --a------ C:\Program Files\The White Stripes - Blue Orchid.mp3
2008-04-01 16:22:47 5421184 --a------ C:\Program Files\Rihanna- Shut up and drive.mp3
2008-04-01 16:22:43 9581225 --a------ C:\Program Files\Rihanna- SOS (Rescue Me).mp3
2008-04-01 16:22:13 8307 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Large.jpg
2008-04-01 16:21:51 2371 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Small.jpg
2008-04-01 16:21:46 5549497 --a------ C:\Program Files\Mariah Carey - Don't Forget About Us.mp3
2008-04-01 16:21:43 5819650 --a------ C:\Program Files\Lenny Kravitz - It Ain't Over Till It's Over.mp3
2008-04-01 16:21:26 2783232 --a------ C:\Program Files\Ike and Tina Turner - A Fool in Love (60).mp3
2008-04-01 16:21:17 5347 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Large.jpg
2008-04-01 16:21:09 1744 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Small.jpg
2008-04-01 16:20:57 7149 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Large.jpg
2008-04-01 16:20:51 2083 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Small.jpg
2008-04-01 16:20:10 10579 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Large.jpg
2008-04-01 16:20:07 2749 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Small.jpg
2008-04-01 16:19:22 10026 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Large.jpg
2008-04-01 16:19:12 2539 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Small.jpg
2008-04-01 16:18:30 7305 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Large.jpg
2008-04-01 16:18:21 2016 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Small.jpg
2008-04-01 16:17:30 11334 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Large.jpg
2008-04-01 16:17:25 5520963 --a------ C:\Program Files\Evanescence - Call Me When You're Sober.mp3
2008-04-01 16:17:24 2820 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Small.jpg
2008-04-01 16:17:22 10445 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Large.jpg
2008-04-01 16:17:08 2684 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Small.jpg
2008-04-01 16:16:41 7707 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg
2008-04-01 16:16:33 1934 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg
2008-04-01 16:16:19 9003 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Large.jpg
2008-04-01 16:16:15 2716 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Small.jpg
2008-04-01 16:16:14 9795 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Large.jpg
2008-04-01 16:16:11 2579 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Small.jpg
2008-04-01 16:16:09 5969991 --a------ C:\Program Files\bow wow & omarion ft. cassidy & soulja boy - girlfriend (remix).mp3
2008-04-01 16:15:10 2346 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Small.jpg
2008-04-01 16:15:10 8758 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Large.jpg
2008-04-01 12:28:47 0 d-------- C:\Program Files\Dell Support Center
2008-04-01 12:28:30 0 d-------- C:\Program Files\Common Files\supportsoft
2008-03-30 20:51:33 8751 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Large.jpg
2008-03-30 20:51:25 2518 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Small.jpg
2008-03-30 20:50:58 5324426 --a------ C:\Program Files\Amerie - One Thing.mp3
2008-03-30 20:50:56 8253 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Large.jpg
2008-03-30 20:50:55 2404 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Small.jpg
2008-03-30 20:38:53 10143 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Large.jpg
2008-03-30 20:38:50 2639 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Small.jpg
2008-03-30 20:28:39 9 --a------ C:\Program Files\limewire.m3u
2008-03-24 13:23:16 0 d-------- C:\Documents and Settings\Jessica\Application Data\Talkback
2008-03-24 13:23:13 0 d-------- C:\Documents and Settings\Jessica\Application Data\Mozilla
2008-03-24 13:03:15 0 d-------- C:\Program Files\BizWare Magic DATEwise
2008-03-18 14:18:45 7444340 --a------ C:\Program Files\Bow Wow ft. Omarion- Girlfriend.mp3
2008-02-25 17:28:53 442368 --a------ C:\WINDOWS\system32\vp6vfw.dll <Not Verified; On2.com; On2_VP6>
2008-02-19 15:16:14 228 --a------ C:\UnInstall.dat
2008-02-12 01:05:02 4114432 --a------ C:\Program Files\The White Stripes - Icky Thump.mp3


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{32B02FC3-1237-4FCD-8D12-E5C18723DD1D}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{90C6E0BF-882E-47CC-A60C-7946E25380EB}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A08B97A7-DCBA-481A-BBA5-A692C42EDEE4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6D94EA0-D245-D1C0-44E1-A48F02267DC1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CDA1B0C3-EB60-4003-B6E1-72998FA881CC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F04B6A5A-0B29-45E3-960B-00CB392E79CF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 08:42 PM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 09:12 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 05:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/27/2005 02:02 AM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [09/22/2005 06:29 PM]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [01/11/2006 12:05 PM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [06/07/2005 07:38 AM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 04:19 PM]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [04/08/2006 11:05 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/02/2006 08:39 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 06:33 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]
"RegistryMechanic"="C:\Program Files\Registry Mechanic\RegMech.exe" [08/20/2007 11:58 AM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [04/10/2008 03:14 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"Asfmodd"="C:\Program Files\F?nts\r?ndll32.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJCVpop]
ljJCVpop.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mlJDwvwW

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys]
@="driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"




-- End of Deckard's System Scanner: finished at 2008-05-07 17:30:50 ------------
  • 0

#15
Thunderbird1988
Posted 08 May 2008 - 01:09 AM

Thunderbird1988

    Member 2k

  • Member
  • PipPipPipPipPip
  • 2,416 posts
Hello Dazed&Confused08,

SDfix, has done its work.

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan only button.
  • Check the boxes next to all the entries listed below.


O2 - BHO: (no name) - {0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D} - (no file)
O2 - BHO: (no name) - {1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F} - (no file)
O2 - BHO: (no name) - {2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6} - (no file)
O2 - BHO: (no name) - {32B02FC3-1237-4FCD-8D12-E5C18723DD1D} - (no file)
O2 - BHO: (no name) - {90C6E0BF-882E-47CC-A60C-7946E25380EB} - (no file)
O2 - BHO: (no name) - {A08B97A7-DCBA-481A-BBA5-A692C42EDEE4} - (no file)
O2 - BHO: (no name) - {C6D94EA0-D245-D1C0-44E1-A48F02267DC1} - (no file)
O2 - BHO: (no name) - {CDA1B0C3-EB60-4003-B6E1-72998FA881CC} - (no file)
O2 - BHO: (no name) - {ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B} - (no file)
O2 - BHO: (no name) - {F04B6A5A-0B29-45E3-960B-00CB392E79CF} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKCU\..\Run: [Asfmodd] "C:\Program Files\F?nts\r?ndll32.exe"
O20 - Winlogon Notify: ljJCVpop - C:\WINDOWS\system32\ljJCVpop.dll (file missing)
Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    [b] [kill explorer]
C:\ijji
C:\Documents and Settings\Jessica\Application Data\ijjigame
C:\WINDOWS\system32\ijjiSetup.exe
C:\Documents and Settings\kiwana\Application Data\BearShare
C:\Documents and Settings\Jessica\Application Data\BearShare
C:\Program Files\BearShare Applications
C:\WINDOWS\system32\yqkpmhjj.dll
C:\WINDOWS\system32\gside.exe
C:\WINDOWS\system32\WwvwDJlm.ini2
C:\WINDOWS\system32\PrqWwyxx.ini2
C:\WINDOWS\system32\pqqsCcfe.ini2
C:\WINDOWS\system32\gPVuDMoq.ini2
C:\WINDOWS\system32\DgOpoUtv.ini2
C:\WINDOWS\system32\winpfz33.sys
C:\WINDOWS\SmVzc2ljYQ
C:\WINDOWS\system32\scntmkdn.exe
C:\WINDOWS\system32\g76.exe
C:\WINDOWS\system32\wTMP
C:\WINDOWS\system32\n3
C:\WINDOWS\system32\b1
C:\Program Files\F?nts /u
C:\Program Files\Common Files\M?crosoft /u
C:\WINDOWS\lfn.exe
C:\WINDOWS\system32\_{f9dd31ba-e854-da85-c499-21b194989885}.dll
C:\WINDOWS\system32\6709BCCFE0.sys
C:\Program Files\LimeWire
C:\Program Files\limewire.m3u
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\clbdriver.sys
purity
[start explorer] [/b]
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

After you have Finished this, please post the logs of the uninstall list, OTmoveit, MBAM and a new log of dss.

Thunderbird1988
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP