Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

My computer is running slow after malware removal [RESOLVED]

Started by Dazed&Confused08 , Jun 21 2008 08:11 PM

This topic is locked

#1
Dazed&Confused08

Posted 21 June 2008 - 08:11 PM

Member

Member
75 posts

I had malware removed from my computer about a month ago, and my computer has been running slow ever since. I'm also having problems with my mouse freezing up. I've recieved about three Low Virtual Memory messages when I run different programs, like the Sims 2 for pc. I thought that maybe I needed to add more RAM. I was working with 512MB and so I purchased a 1GB stick. I now have 1.25 GB on my computer. My computer continues to run slow, and my mouse still freezes up, just not as often. I am running Windows XP. Is it possible that I still have some malware issues?

Edited by Dazed&Confused08, 25 June 2008 - 09:40 AM.

#2
BHowett

Posted 25 June 2008 - 11:23 AM

OT Moderator

Moderator
4,649 posts

Hi Dazed&Confused08

Welcome back to Geeks to Go, and the malware forum

I have read through your topics in regards to the mouse freezing up, and it looks like you have had this problem since your very first post. Since Thunderbird1988 did a good job cleaning your system of malware, and you still had the problem, I doubt this mouse thing is going to be malware related. But let’s take a look and see what we see

ATF Cleaner

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

===============================================

Deckard's System Scanner

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

Close all other windows before proceeding.
Double-click on dss.exe and follow the prompts.
When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

===============================================

Needed in your next reply:

Deckard's System Scanner main.txt and extra.txt

*NOTE* You may have to post the logs in more then one reply, so please check and make sure the entire log posted

#3
Dazed&Confused08

Posted 25 June 2008 - 11:47 AM

Member

Topic Starter
Member
75 posts

Here's my main.txt I didn't recieve an extra.txt

Deckard's System Scanner v20071014.68
Run by Jessica on 2008-06-25 12:39:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Jessica.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:05 PM, on 6/25/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jessica\Local Settings\Temporary Internet Files\Content.IE5\4Y4XSAGS\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jessica.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://origin.games....ts/y/poti_x.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer....l/installer.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc02.cus...l/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...960/mcfscan.cab
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7406 bytes

-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

2008-06-24 15:27:35 0 d-------- C:\Documents and Settings\Pimpin Ken\Application Data\Help
2008-06-24 15:25:32 0 d-------- C:\Documents and Settings\Pimpin Ken\Application Data\Corel
2008-06-21 23:54:08 1932 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-05-27 20:18:49 56 -r-hs---- C:\WINDOWS\system32\6709BCCFE0.sys

-- Find3M Report ---------------------------------------------------------------

2008-06-25 12:29:17 0 d-------- C:\Program Files\Dl_cats
2008-06-25 10:57:07 0 d-------- C:\Program Files\Spyware Doctor
2008-06-24 15:34:27 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-06-11 19:35:18 383 ---hs---- C:\Program Files\desktop.ini
2008-06-11 19:35:17 10260 ---hs--c- C:\Program Files\Folder.jpg
2008-06-11 19:35:17 10260 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-06-11 19:35:16 2403 ---hs--c- C:\Program Files\AlbumArtSmall.jpg
2008-06-11 19:35:16 2403 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-06-02 17:31:40 0 d-------- C:\Program Files\FrostWire
2008-06-02 16:19:20 11087 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-06-02 16:19:18 2792 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-05-31 17:58:35 0 d-------- C:\Program Files\VideoLAN
2008-05-31 17:56:18 0 d-------- C:\Program Files\DivX
2008-05-24 20:33:10 0 d-------- C:\Documents and Settings\Jessica\Application Data\FrostWire
2008-05-21 21:32:51 7651584 --a------ C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-05-21 21:32:44 4010362 --a------ C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-05-21 21:32:38 5291083 --a------ C:\Program Files\Maroon five - Rag Doll.mp3
2008-05-21 21:31:09 9276 ---hs---- C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Large.jpg
2008-05-21 21:31:08 2353 ---hs---- C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Small.jpg
2008-05-21 16:04:44 0 d-------- C:\Documents and Settings\Jessica\Application Data\Adobe
2008-05-09 17:56:58 0 d-------- C:\Program Files\Messenger
2008-05-09 17:56:17 0 d-------- C:\Program Files\Movie Maker
2008-05-09 17:51:22 0 d-------- C:\Program Files\Windows NT
2008-05-09 16:47:47 0 d-------- C:\Program Files\Java
2008-05-09 14:37:20 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-09 14:26:02 0 d-------- C:\Program Files\Yahoo! Games
2008-05-08 15:13:31 0 d-------- C:\Documents and Settings\Jessica\Application Data\Malwarebytes
2008-05-08 15:06:20 0 d-------- C:\Program Files\Common Files
2008-05-08 11:47:18 0 d-------- C:\Program Files\Trend Micro
2008-05-05 19:10:30 0 d-------- C:\Program Files\Mozilla Firefox(2)
2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-04-29 14:41:08 0 d-------- C:\Documents and Settings\Jessica\Application Data\Move Networks
2008-04-27 22:45:36 0 d-------- C:\Program Files\Google
2008-04-27 12:33:26 0 d-------- C:\Program Files\Common Files\PC Tools
2008-04-27 02:24:04 0 d-------- C:\Documents and Settings\Jessica\Application Data\PC Tools
2008-04-24 08:10:33 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-23 22:14:09 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-23 22:14:09 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-23 17:13:12 7700480 --a------ C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 16:59:04 3973854 --a------ C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 16:58:05 7026578 --a------ C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 16:58:03 5163662 --a------ C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 16:57:59 1783510 --a------ C:\Program Files\Nsync - Something Like You.mp3
2008-04-23 16:57:56 6253434 --a------ C:\Program Files\Nsync - Selfish.mp3
2008-04-23 16:57:54 12616 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 16:57:51 3240030 --a------ C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 16:57:47 7411508 --a------ C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 16:57:46 3274 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 16:57:44 16056 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 16:57:41 5536958 --a------ C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 16:57:40 3591 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-16 16:27:27 125999092 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 14:55:26 121189628 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-14 22:59:43 11196 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-14 22:59:38 2375 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-14 22:59:26 3325369 --a------ C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-14 22:59:17 11493 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-14 22:59:14 2800 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-14 22:58:01 4321454 --a------ C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-14 22:57:25 3473 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-14 22:57:25 15403 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-13 17:42:37 4687039 --a------ C:\Program Files\Stained - Outside.mp3
2008-04-13 17:42:37 7216224 --a------ C:\Program Files\Jordan Sparks feat. Chris Brown - No Air.mp3
2008-04-13 17:42:36 4392667 --a------ C:\Program Files\Sade- By Your Side.mp3
2008-04-13 17:42:35 5196894 --a------ C:\Program Files\Puddle Of Mudd - She Hates Me.mp3
2008-04-13 17:42:35 8944288 --a------ C:\Program Files\P-Diddy feat. Keisha Cole- Last night.mp3
2008-04-13 17:42:34 5521441 --a------ C:\Program Files\Nelly Furtado - Maneater.mp3
2008-04-13 17:42:33 6452185 --a------ C:\Program Files\Musiq Soulchild - Teach me(1).mp3
2008-04-13 17:42:32 4423680 --a------ C:\Program Files\Mary J. Blige feat. Ja Rule - Rainy Days.mp3
2008-04-13 17:42:31 5612458 --a------ C:\Program Files\Marron 5 - Wake Up Call.mp3
2008-04-13 17:42:30 6148720 --a------ C:\Program Files\Maroon 5- Goodnight Goodnight.mp3
2008-04-13 17:42:29 5776567 --a------ C:\Program Files\Maroon 5 - Won't Go Home Without You.mp3
2008-04-13 17:42:27 5072281 --a------ C:\Program Files\Maroon 5 - Makes Me Wonder .mp3
2008-04-13 17:42:26 3737213 --a------ C:\Program Files\Maroon 5 - Little Of Your Time.mp3
2008-04-13 17:42:25 5322252 --a------ C:\Program Files\Maroon 5 - Kiwi.mp3
2008-04-13 17:42:23 6760771 --a------ C:\Program Files\Maroon 5 - Infatuation.mp3
2008-04-13 17:42:22 2170374 --a------ C:\Program Files\Maroon 5 - Can't Stop.mp3
2008-04-13 17:42:21 3010658 --a------ C:\Program Files\Maroon 5 - Back At Your Door.mp3
2008-04-13 17:42:20 5123792 --a------ C:\Program Files\Madonna - Ray of Light.mp3
2008-04-13 17:42:18 6299828 --a------ C:\Program Files\Lenny Kravitz- Again.mp3
2008-04-13 17:42:17 3500245 --a------ C:\Program Files\J.Holiday - Suffocate.mp3
2008-04-13 17:42:15 7605857 --a------ C:\Program Files\Gwen Steffani - Wind It Up.mp3
2008-04-13 17:42:13 4681228 --a------ C:\Program Files\Fuel - Bad Day.mp3
2008-04-13 17:42:12 5558400 --a------ C:\Program Files\Fat Boy Slim - Wonderful Night.mp3
2008-04-13 17:42:09 3602528 --a------ C:\Program Files\Dream - He Loves U Not.mp3
2008-04-13 17:42:08 5095802 --a------ C:\Program Files\Dido- Here With Me.mp3
2008-04-13 17:42:06 5176104 --a------ C:\Program Files\Dido - White Flag.mp3
2008-04-13 17:42:00 4028416 --a------ C:\Program Files\Christina Aguilera & Ricky Martin - Nobody Wants to Be Lonely.mp3
2008-04-13 17:41:57 11819 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 17:41:54 4285891 --a------ C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 17:41:50 2567 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 17:31:53 5396087 --a------ C:\Program Files\Elisa - Dancing.mp3
2008-04-13 17:31:12 3021212 --a------ C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 17:31:08 11644 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 17:30:59 2989 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 17:30:45 4956507 --a------ C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 17:30:40 12512 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 17:30:26 2893 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 17:29:46 1972 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 17:29:46 8989 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 17:29:32 9939 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 17:29:17 2499 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 17:27:55 2785784 --a------ C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 17:25:41 10259 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 17:25:28 2552 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 17:25:09 8655 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 17:24:52 2579 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 17:24:38 10032 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 17:24:29 2390 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 17:23:53 7364 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 17:23:43 3354004 --a------ C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 17:23:37 2187 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 17:23:13 10040 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 17:22:59 2625 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 17:20:22 11795 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 17:20:18 2982 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 17:19:33 4548903 --a------ C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
2008-04-13 17:19:26 9542 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 17:19:18 2353 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Small.jpg
2008-04-13 17:18:53 9449 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Large.jpg
2008-04-13 17:18:43 2429 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Small.jpg
2008-04-13 17:18:29 7783 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Large.jpg
2008-04-13 17:18:21 2219 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Small.jpg
2008-04-13 17:18:00 9173 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Large.jpg
2008-04-13 17:17:56 2403 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Small.jpg
2008-04-13 17:17:40 8798 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Large.jpg
2008-04-13 17:17:34 2388 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Small.jpg
2008-04-13 17:17:26 10291 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Large.jpg
2008-04-13 17:17:21 2765 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Small.jpg
2008-04-13 17:17:04 12196 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Large.jpg
2008-04-13 17:17:01 3024 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Small.jpg
2008-04-13 17:16:31 3208853 --a------ C:\Program Files\Fall Out Boy-This Aint A Scene, Its An Arms Race.mp3
2008-04-13 17:16:05 10044 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Large.jpg
2008-04-13 17:15:56 2509 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Small.jpg
2008-04-13 17:15:41 7954 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Large.jpg
2008-04-13 17:15:33 2095 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Small.jpg
2008-04-13 17:15:15 8915 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Large.jpg
2008-04-13 17:15:09 2412 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Small.jpg
2008-04-13 17:15:06 8814 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Large.jpg
2008-04-13 17:14:59 2175 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Small.jpg
2008-04-13 17:14:39 8574 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Large.jpg
2008-04-13 17:14:38 2389 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Small.jpg
2008-04-13 17:14:19 7495 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Large.jpg
2008-04-13 17:14:18 2229 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Small.jpg
2008-04-09 23:11:17 8412 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Large.jpg
2008-04-09 23:11:15 2401 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Small.jpg
2008-04-09 23:10:03 10506 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Large.jpg
2008-04-09 23:10:02 2888 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Small.jpg
2008-04-09 18:49:54 6624121 --a------ C:\Program Files\Red Hot Chilli Peppers - Cant Stop.mp3
2008-04-09 18:49:52 4126229 --a------ C:\Program Files\Red Hot Chili Peppers - By The Way.mp3
2008-04-09 18:49:50 5014693 --a------ C:\Program Files\Red Hot Chili Peppers- Dani California.mp3
2008-04-09 18:49:49 6069036 --a------ C:\Program Files\R.Kelly - If I turn back the hands of time.mp3
2008-04-09 18:49:47 5927616 --a------ C:\Program Files\Fergie-Clumsy.mp3
2008-04-09 18:49:45 5759178 --a------ C:\Program Files\Ciara - Like A Boy.mp3
2008-04-09 18:49:44 3556731 --a------ C:\Program Files\Ciara - My Goodies.mp3
2008-04-09 18:49:43 7341251 --a------ C:\Program Files\Justin Timberlake - Chop Me Up (ft. Timbaland & Three 6 Mafia).mp3
2008-04-09 18:49:41 3084002 --a------ C:\Program Files\Dream - This Is Me.mp3
2008-04-09 18:49:40 3873114 --a------ C:\Program Files\Queen (with David Bowie) - Under Pressure.mp3
2008-04-09 18:49:39 8337076 --a------ C:\Program Files\Prince - Purple Rain.mp3
2008-04-09 18:49:37 4966601 --a------ C:\Program Files\Prince - When the Doves Cry.mp3
2008-04-09 18:49:32 6139150 --a----c- C:\Program Files\Lenny Kravitz - Lady.mp3
2008-04-09 18:49:31 6237818 --a------ C:\Program Files\Lenny Kravitz - American Woman.mp3
2008-04-09 18:49:30 4886669 --a------ C:\Program Files\Jamiroquai - You Give Me Something.mp3
2008-04-09 18:49:29 5132288 --a------ C:\Program Files\Jamiroquai - Feels So Good.mp3
2008-04-09 18:49:27 5571440 --a------ C:\Program Files\Fantasia Barrino - Got Me Waiting.mp3
2008-04-09 18:49:26 3386484 --a------ C:\Program Files\Nickelback - Leader of Men.mp3
2008-04-09 18:49:26 5101696 --a------ C:\Program Files\Madonna - Die Another Day (James Bond Theme).mp3
2008-04-01 16:57:39 3828437 --a------ C:\Program Files\Jamiroquai - Little L.mp3
2008-04-01 16:57:35 5622768 --a------ C:\Program Files\Carrie Underwood - Before He Cheats.Mp3
2008-04-01 16:51:48 4233647 --a------ C:\Program Files\Red Hot Chilli Peppers - City of Angels.mp3
2008-04-01 16:50:58 8550 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Large.jpg
2008-04-01 16:50:51 2333 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Small.jpg
2008-04-01 16:50:47 8506942 --a------ C:\Program Files\Ciara - Get Up.mp3
2008-04-01 16:50:36 8284 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Large.jpg
2008-04-01 16:50:34 2389 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Small.jpg
2008-04-01 16:49:49 1492 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Small.jpg
2008-04-01 16:49:49 4065 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Large.jpg
2008-04-01 16:49:22 10391 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Large.jpg
2008-04-01 16:49:17 2675 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Small.jpg
2008-04-01 16:48:58 10949 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Large.jpg
2008-04-01 16:48:54 2794 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Small.jpg
2008-04-01 16:47:24 6616739 --a------ C:\Program Files\Ciara Ft. Ludacris - Oh.mp3
2008-04-01 16:43:46 16068 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Large.jpg
2008-04-01 16:43:41 3391 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Small.jpg
2008-04-01 16:42:22 4076677 --a------ C:\Program Files\Ciara - 1,2 Step.mp3
2008-04-01 16:40:33 1845 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
2008-04-01 16:40:33 5765 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
2008-04-01 16:32:02 8488 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Large.jpg
2008-04-01 16:31:59 2631 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Small.jpg
2008-04-01 16:31:44 11641 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Large.jpg
2008-04-01 16:31:40 3036 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Small.jpg
2008-04-01 16:30:27 12132 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Large.jpg
2008-04-01 16:29:54 2841 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Small.jpg
2008-04-01 16:29:25 15347 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Large.jpg
2008-04-01 16:29:10 3349 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Small.jpg
2008-04-01 16:28:28 9541 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Large.jpg
2008-04-01 16:28:22 2627 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Small.jpg
2008-04-01 16:27:50 14037 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Large.jpg
2008-04-01 16:27:42 3135 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Small.jpg
2008-04-01 16:27:28 9491 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Large.jpg
2008-04-01 16:27:20 2334 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Small.jpg
2008-04-01 16:24:22 5949555 --a------ C:\Program Files\Justin Timberlake - Summer Love.mp3
2008-04-01 16:24:06 4127903 --a------ C:\Program Files\Lenny Kravitz - I Belong To You.mp3
2008-04-01 16:23:42 7676858 --a----c- C:\Program Files\Seether feat. Amy Lee - Broken.mp3
2008-04-01 16:23:36 4419221 --a------ C:\Program Files\Evanescense - My Immortal (Rock Version).mp3
2008-04-01 16:22:54 3775886 --a------ C:\Program Files\The White Stripes - Blue Orchid.mp3
2008-04-01 16:22:47 5421184 --a------ C:\Program Files\Rihanna- Shut up and drive.mp3
2008-04-01 16:22:43 9581225 --a------ C:\Program Files\Rihanna- SOS (Rescue Me).mp3
2008-04-01 16:22:13 8307 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Large.jpg
2008-04-01 16:21:51 2371 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Small.jpg
2008-04-01 16:21:46 5549497 --a------ C:\Program Files\Mariah Carey - Don't Forget About Us.mp3
2008-04-01 16:21:43 5819650 --a------ C:\Program Files\Lenny Kravitz - It Ain't Over Till It's Over.mp3
2008-04-01 16:21:26 2783232 --a------ C:\Program Files\Ike and Tina Turner - A Fool in Love (60).mp3
2008-04-01 16:21:17 5347 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Large.jpg
2008-04-01 16:21:09 1744 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Small.jpg
2008-04-01 16:20:57 7149 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Large.jpg
2008-04-01 16:20:51 2083 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Small.jpg
2008-04-01 16:20:10 10579 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Large.jpg
2008-04-01 16:20:07 2749 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Small.jpg
2008-04-01 16:19:22 10026 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Large.jpg
2008-04-01 16:19:12 2539 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Small.jpg
2008-04-01 16:18:30 7305 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Large.jpg
2008-04-01 16:18:21 2016 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Small.jpg
2008-04-01 16:17:30 11334 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Large.jpg
2008-04-01 16:17:25 5520963 --a------ C:\Program Files\Evanescence - Call Me When You're Sober.mp3
2008-04-01 16:17:24 2820 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Small.jpg
2008-04-01 16:17:22 10445 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Large.jpg
2008-04-01 16:17:08 2684 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Small.jpg
2008-04-01 16:16:41 7707 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg
2008-04-01 16:16:33 1934 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg
2008-04-01 16:16:19 9003 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Large.jpg
2008-04-01 16:16:15 2716 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Small.jpg
2008-04-01 16:16:14 9795 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Large.jpg
2008-04-01 16:16:11 2579 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Small.jpg
2008-04-01 16:16:09 5969991 --a------ C:\Program Files\bow wow & omarion ft. cassidy & soulja boy - girlfriend (remix).mp3
2008-04-01 16:15:10 2346 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Small.jpg
2008-04-01 16:15:10 8758 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Large.jpg
2008-03-30 20:51:33 8751 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Large.jpg
2008-03-30 20:51:25 2518 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Small.jpg
2008-03-30 20:50:58 5324426 --a------ C:\Program Files\Amerie - One Thing.mp3
2008-03-30 20:50:56 8253 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Large.jpg
2008-03-30 20:50:55 2404 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Small.jpg
2008-03-30 20:38:53 10143 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Large.jpg
2008-03-30 20:38:50 2639 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Small.jpg

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 08:42 PM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 09:12 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 05:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/27/2005 02:02 AM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [06/07/2005 07:38 AM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 04:19 PM]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [04/08/2006 11:05 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/02/2006 08:39 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 06:33 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [04/10/2008 03:14 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 07:12 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 07:12 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

-- End of Deckard's System Scanner: finished at 2008-06-25 12:45:35 ------------

#4
BHowett

Posted 25 June 2008 - 12:26 PM

OT Moderator

Moderator
4,649 posts

Hi Dazed&Confused08,

You must of all ready had DSS on your system, try this and it should produce both logs

click on Start, click on Run
copy and paste the following in bold in the open window and then click OK
"%userprofile%\desktop\dss.exe" /config
This will open up DSS configuration
click on Check All
click Scan
DSS will now run again when finished
Please post back both logs that open in notepad
Main txt and extra txt

#5
Dazed&Confused08

Posted 25 June 2008 - 12:37 PM

Member

Topic Starter
Member
75 posts

Here they are.

Deckard's System Scanner v20071014.68
Run by Jessica on 2008-06-25 13:30:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; unknown error code 0x0000007E

-- Last 5 Restore Point(s) --
63: 2008-06-25 18:30:14 UTC - RP676 - Deckard's System Scanner Restore Point
62: 2008-06-25 16:28:22 UTC - RP675 - After RAM update
61: 2008-06-25 15:59:58 UTC - RP674 - After RAM update
60: 2008-06-24 13:37:39 UTC - RP673 - System Checkpoint
59: 2008-06-23 05:15:39 UTC - RP672 - System Checkpoint

-- First Restore Point --
1: 2008-05-09 21:56:37 UTC - RP614 - System Checkpoint

Performed disk cleanup.

-- HijackThis (run as Jessica.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:24 PM, on 6/25/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jessica\desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jessica.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Yahoo! Pool 2 - http://origin.games....ts/y/poti_x.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer....l/installer.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livewc02.cus...l/java/RntX.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...960/mcfscan.cab
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

--
End of file - 7349 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080508-115154-110 O4 - HKCU\..\Run: [Asfmodd] "C:\Program Files\F?nts\r?ndll32.exe"
backup-20080508-115154-271 O2 - BHO: (no name) - {2B277306-7C43-4FF9-AA4E-8E6E9D8E9BB6} - (no file)
backup-20080508-115154-303 O2 - BHO: (no name) - {A08B97A7-DCBA-481A-BBA5-A692C42EDEE4} - (no file)
backup-20080508-115154-373 O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
backup-20080508-115154-481 O2 - BHO: (no name) - {90C6E0BF-882E-47CC-A60C-7946E25380EB} - (no file)
backup-20080508-115154-491 O2 - BHO: (no name) - {1D0B1B2F-4D44-48DC-AE5A-F4BBBAE2A83F} - (no file)
backup-20080508-115154-618 O2 - BHO: (no name) - {F04B6A5A-0B29-45E3-960B-00CB392E79CF} - (no file)
backup-20080508-115154-625 O2 - BHO: (no name) - {ECF8EA6D-8F99-4ABD-A8F5-AF630689D85B} - (no file)
backup-20080508-115154-633 O20 - Winlogon Notify: ljJCVpop - ljJCVpop.dll (file missing)
backup-20080508-115154-637 O2 - BHO: (no name) - {0A6C3BD4-AA0E-45C4-92C8-BAC4D9F3F88D} - (no file)
backup-20080508-115154-666 O2 - BHO: (no name) - {32B02FC3-1237-4FCD-8D12-E5C18723DD1D} - (no file)
backup-20080508-115154-757 O2 - BHO: (no name) - {C6D94EA0-D245-D1C0-44E1-A48F02267DC1} - (no file)
backup-20080508-115154-956 O2 - BHO: (no name) - {CDA1B0C3-EB60-4003-B6E1-72998FA881CC} - (no file)

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.ini - inifile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*
.txt - txtfile - shell\open\command - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>

S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 dump_wmimmc - c:\ijji\english\u_sf\gameguard\dump_wmimmc.sys (file missing)
S3 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Process Modules -------------------------------------------------------------

C:\WINDOWS\system32\winlogon.exe (pid 664)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 892)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 972)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 1068)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 1108)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 1256)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 1368)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\system32\svchost.exe (pid 1824)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>

C:\WINDOWS\explorer.exe (pid 172)
2008-04-08 21:06:30 100352 --a------ C:\Program Files\Spyware Doctor\klg.dat <Not Verified; PC Tools; Spyware Doctor>
2002-07-04 10:38:00 53248 --a------ C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll

-- Scheduled Tasks -------------------------------------------------------------

2008-06-18 08:21:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

2008-06-24 15:27:35 0 d-------- C:\Documents and Settings\Pimpin Ken\Application Data\Help
2008-06-24 15:25:32 0 d-------- C:\Documents and Settings\Pimpin Ken\Application Data\Corel
2008-06-21 23:54:08 1932 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-05-27 20:18:49 56 -r-hs---- C:\WINDOWS\system32\6709BCCFE0.sys

-- Find3M Report ---------------------------------------------------------------

2008-06-25 12:29:17 0 d-------- C:\Program Files\Dl_cats
2008-06-25 10:57:07 0 d-------- C:\Program Files\Spyware Doctor
2008-06-24 15:34:27 2516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-06-11 19:35:18 383 ---hs---- C:\Program Files\desktop.ini
2008-06-11 19:35:17 10260 ---hs--c- C:\Program Files\Folder.jpg
2008-06-11 19:35:17 10260 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-06-11 19:35:16 2403 ---hs--c- C:\Program Files\AlbumArtSmall.jpg
2008-06-11 19:35:16 2403 ---hs---- C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-06-02 17:31:40 0 d-------- C:\Program Files\FrostWire
2008-06-02 16:19:20 11087 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-06-02 16:19:18 2792 ---hs---- C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-05-31 17:58:35 0 d-------- C:\Program Files\VideoLAN
2008-05-31 17:56:18 0 d-------- C:\Program Files\DivX
2008-05-24 20:33:10 0 d-------- C:\Documents and Settings\Jessica\Application Data\FrostWire
2008-05-21 21:32:51 7651584 --a------ C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-05-21 21:32:44 4010362 --a------ C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-05-21 21:32:38 5291083 --a------ C:\Program Files\Maroon five - Rag Doll.mp3
2008-05-21 21:31:09 9276 ---hs---- C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Large.jpg
2008-05-21 21:31:08 2353 ---hs---- C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Small.jpg
2008-05-21 16:04:44 0 d-------- C:\Documents and Settings\Jessica\Application Data\Adobe
2008-05-09 17:56:58 0 d-------- C:\Program Files\Messenger
2008-05-09 17:56:17 0 d-------- C:\Program Files\Movie Maker
2008-05-09 17:51:22 0 d-------- C:\Program Files\Windows NT
2008-05-09 16:47:47 0 d-------- C:\Program Files\Java
2008-05-09 14:37:20 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-09 14:26:02 0 d-------- C:\Program Files\Yahoo! Games
2008-05-08 15:13:31 0 d-------- C:\Documents and Settings\Jessica\Application Data\Malwarebytes
2008-05-08 15:06:20 0 d-------- C:\Program Files\Common Files
2008-05-08 11:47:18 0 d-------- C:\Program Files\Trend Micro
2008-05-05 19:10:30 0 d-------- C:\Program Files\Mozilla Firefox(2)
2008-05-04 14:44:56 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-04-29 14:41:08 0 d-------- C:\Documents and Settings\Jessica\Application Data\Move Networks
2008-04-27 22:45:36 0 d-------- C:\Program Files\Google
2008-04-27 12:33:26 0 d-------- C:\Program Files\Common Files\PC Tools
2008-04-27 02:24:04 0 d-------- C:\Documents and Settings\Jessica\Application Data\PC Tools
2008-04-24 08:10:33 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-04-23 22:14:09 82944 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-23 22:14:09 82944 --a------ C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-04-23 17:13:12 7700480 --a------ C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 16:59:04 3973854 --a------ C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 16:58:05 7026578 --a------ C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 16:58:03 5163662 --a------ C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 16:57:59 1783510 --a------ C:\Program Files\Nsync - Something Like You.mp3
2008-04-23 16:57:56 6253434 --a------ C:\Program Files\Nsync - Selfish.mp3
2008-04-23 16:57:54 12616 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 16:57:51 3240030 --a------ C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 16:57:47 7411508 --a------ C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 16:57:46 3274 ---hs---- C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 16:57:44 16056 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 16:57:41 5536958 --a------ C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 16:57:40 3591 ---hs---- C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-16 16:27:27 125999092 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 14:55:26 121189628 --a------ C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-14 22:59:43 11196 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-14 22:59:38 2375 ---hs---- C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-14 22:59:26 3325369 --a------ C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-14 22:59:17 11493 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-14 22:59:14 2800 ---hs---- C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-14 22:58:01 4321454 --a------ C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-14 22:57:25 3473 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-14 22:57:25 15403 ---hs---- C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-13 17:42:37 4687039 --a------ C:\Program Files\Stained - Outside.mp3
2008-04-13 17:42:37 7216224 --a------ C:\Program Files\Jordan Sparks feat. Chris Brown - No Air.mp3
2008-04-13 17:42:36 4392667 --a------ C:\Program Files\Sade- By Your Side.mp3
2008-04-13 17:42:35 5196894 --a------ C:\Program Files\Puddle Of Mudd - She Hates Me.mp3
2008-04-13 17:42:35 8944288 --a------ C:\Program Files\P-Diddy feat. Keisha Cole- Last night.mp3
2008-04-13 17:42:34 5521441 --a------ C:\Program Files\Nelly Furtado - Maneater.mp3
2008-04-13 17:42:33 6452185 --a------ C:\Program Files\Musiq Soulchild - Teach me(1).mp3
2008-04-13 17:42:32 4423680 --a------ C:\Program Files\Mary J. Blige feat. Ja Rule - Rainy Days.mp3
2008-04-13 17:42:31 5612458 --a------ C:\Program Files\Marron 5 - Wake Up Call.mp3
2008-04-13 17:42:30 6148720 --a------ C:\Program Files\Maroon 5- Goodnight Goodnight.mp3
2008-04-13 17:42:29 5776567 --a------ C:\Program Files\Maroon 5 - Won't Go Home Without You.mp3
2008-04-13 17:42:27 5072281 --a------ C:\Program Files\Maroon 5 - Makes Me Wonder .mp3
2008-04-13 17:42:26 3737213 --a------ C:\Program Files\Maroon 5 - Little Of Your Time.mp3
2008-04-13 17:42:25 5322252 --a------ C:\Program Files\Maroon 5 - Kiwi.mp3
2008-04-13 17:42:23 6760771 --a------ C:\Program Files\Maroon 5 - Infatuation.mp3
2008-04-13 17:42:22 2170374 --a------ C:\Program Files\Maroon 5 - Can't Stop.mp3
2008-04-13 17:42:21 3010658 --a------ C:\Program Files\Maroon 5 - Back At Your Door.mp3
2008-04-13 17:42:20 5123792 --a------ C:\Program Files\Madonna - Ray of Light.mp3
2008-04-13 17:42:18 6299828 --a------ C:\Program Files\Lenny Kravitz- Again.mp3
2008-04-13 17:42:17 3500245 --a------ C:\Program Files\J.Holiday - Suffocate.mp3
2008-04-13 17:42:15 7605857 --a------ C:\Program Files\Gwen Steffani - Wind It Up.mp3
2008-04-13 17:42:13 4681228 --a------ C:\Program Files\Fuel - Bad Day.mp3
2008-04-13 17:42:12 5558400 --a------ C:\Program Files\Fat Boy Slim - Wonderful Night.mp3
2008-04-13 17:42:09 3602528 --a------ C:\Program Files\Dream - He Loves U Not.mp3
2008-04-13 17:42:08 5095802 --a------ C:\Program Files\Dido- Here With Me.mp3
2008-04-13 17:42:06 5176104 --a------ C:\Program Files\Dido - White Flag.mp3
2008-04-13 17:42:00 4028416 --a------ C:\Program Files\Christina Aguilera & Ricky Martin - Nobody Wants to Be Lonely.mp3
2008-04-13 17:41:57 11819 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 17:41:54 4285891 --a------ C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 17:41:50 2567 ---hs---- C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 17:31:53 5396087 --a------ C:\Program Files\Elisa - Dancing.mp3
2008-04-13 17:31:12 3021212 --a------ C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 17:31:08 11644 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 17:30:59 2989 ---hs---- C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 17:30:45 4956507 --a------ C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 17:30:40 12512 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 17:30:26 2893 ---hs---- C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 17:29:46 1972 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 17:29:46 8989 ---hs---- C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 17:29:32 9939 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 17:29:17 2499 ---hs---- C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 17:27:55 2785784 --a------ C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 17:25:41 10259 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 17:25:28 2552 ---hs---- C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 17:25:09 8655 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 17:24:52 2579 ---hs---- C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 17:24:38 10032 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 17:24:29 2390 ---hs---- C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 17:23:53 7364 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 17:23:43 3354004 --a------ C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 17:23:37 2187 ---hs---- C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 17:23:13 10040 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 17:22:59 2625 ---hs---- C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 17:20:22 11795 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 17:20:18 2982 ---hs---- C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 17:19:33 4548903 --a------ C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
2008-04-13 17:19:26 9542 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 17:19:18 2353 ---hs---- C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Small.jpg
2008-04-13 17:18:53 9449 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Large.jpg
2008-04-13 17:18:43 2429 ---hs---- C:\Program Files\AlbumArt_{AE85E330-21BE-4D3D-9954-75312FFF543E}_Small.jpg
2008-04-13 17:18:29 7783 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Large.jpg
2008-04-13 17:18:21 2219 ---hs---- C:\Program Files\AlbumArt_{A158502E-D531-4BC9-966B-5CFC0EEE8D9D}_Small.jpg
2008-04-13 17:18:00 9173 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Large.jpg
2008-04-13 17:17:56 2403 ---hs---- C:\Program Files\AlbumArt_{5BA158BA-1376-4B75-9912-3EADD5C69625}_Small.jpg
2008-04-13 17:17:40 8798 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Large.jpg
2008-04-13 17:17:34 2388 ---hs---- C:\Program Files\AlbumArt_{9EBDBA08-AE07-4F77-A6CD-6E5E0E8FFE71}_Small.jpg
2008-04-13 17:17:26 10291 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Large.jpg
2008-04-13 17:17:21 2765 ---hs---- C:\Program Files\AlbumArt_{A656F895-F50C-43C6-815D-1000CCE2C02C}_Small.jpg
2008-04-13 17:17:04 12196 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Large.jpg
2008-04-13 17:17:01 3024 ---hs---- C:\Program Files\AlbumArt_{6F5AD8DD-5286-4BD4-ABAC-39B30077C604}_Small.jpg
2008-04-13 17:16:31 3208853 --a------ C:\Program Files\Fall Out Boy-This Aint A Scene, Its An Arms Race.mp3
2008-04-13 17:16:05 10044 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Large.jpg
2008-04-13 17:15:56 2509 ---hs---- C:\Program Files\AlbumArt_{20EEE73E-5BD8-4F6F-8B04-8FDB3C988089}_Small.jpg
2008-04-13 17:15:41 7954 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Large.jpg
2008-04-13 17:15:33 2095 ---hs---- C:\Program Files\AlbumArt_{B6287462-6DFF-464A-89FD-B0867AB749E3}_Small.jpg
2008-04-13 17:15:15 8915 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Large.jpg
2008-04-13 17:15:09 2412 ---hs---- C:\Program Files\AlbumArt_{38EA4E20-F84E-4BA2-9B46-7CE9BA2863A4}_Small.jpg
2008-04-13 17:15:06 8814 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Large.jpg
2008-04-13 17:14:59 2175 ---hs---- C:\Program Files\AlbumArt_{F93F3FAD-2F98-48F1-870E-9AD9F9E6E2E5}_Small.jpg
2008-04-13 17:14:39 8574 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Large.jpg
2008-04-13 17:14:38 2389 ---hs---- C:\Program Files\AlbumArt_{0C5915AB-BCCE-4C76-B3B0-BC59D1CC4A1B}_Small.jpg
2008-04-13 17:14:19 7495 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Large.jpg
2008-04-13 17:14:18 2229 ---hs---- C:\Program Files\AlbumArt_{08098882-E0B2-43A9-942F-12F923FF5998}_Small.jpg
2008-04-09 23:11:17 8412 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Large.jpg
2008-04-09 23:11:15 2401 ---hs---- C:\Program Files\AlbumArt_{41E88225-A345-4F9B-ABCC-68C71057C919}_Small.jpg
2008-04-09 23:10:03 10506 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Large.jpg
2008-04-09 23:10:02 2888 ---hs---- C:\Program Files\AlbumArt_{F1F9DFCC-4E07-48F7-A59D-E4743097ABEE}_Small.jpg
2008-04-09 18:49:54 6624121 --a------ C:\Program Files\Red Hot Chilli Peppers - Cant Stop.mp3
2008-04-09 18:49:52 4126229 --a------ C:\Program Files\Red Hot Chili Peppers - By The Way.mp3
2008-04-09 18:49:50 5014693 --a------ C:\Program Files\Red Hot Chili Peppers- Dani California.mp3
2008-04-09 18:49:49 6069036 --a------ C:\Program Files\R.Kelly - If I turn back the hands of time.mp3
2008-04-09 18:49:47 5927616 --a------ C:\Program Files\Fergie-Clumsy.mp3
2008-04-09 18:49:45 5759178 --a------ C:\Program Files\Ciara - Like A Boy.mp3
2008-04-09 18:49:44 3556731 --a------ C:\Program Files\Ciara - My Goodies.mp3
2008-04-09 18:49:43 7341251 --a------ C:\Program Files\Justin Timberlake - Chop Me Up (ft. Timbaland & Three 6 Mafia).mp3
2008-04-09 18:49:41 3084002 --a------ C:\Program Files\Dream - This Is Me.mp3
2008-04-09 18:49:40 3873114 --a------ C:\Program Files\Queen (with David Bowie) - Under Pressure.mp3
2008-04-09 18:49:39 8337076 --a------ C:\Program Files\Prince - Purple Rain.mp3
2008-04-09 18:49:37 4966601 --a------ C:\Program Files\Prince - When the Doves Cry.mp3
2008-04-09 18:49:32 6139150 --a----c- C:\Program Files\Lenny Kravitz - Lady.mp3
2008-04-09 18:49:31 6237818 --a------ C:\Program Files\Lenny Kravitz - American Woman.mp3
2008-04-09 18:49:30 4886669 --a------ C:\Program Files\Jamiroquai - You Give Me Something.mp3
2008-04-09 18:49:29 5132288 --a------ C:\Program Files\Jamiroquai - Feels So Good.mp3
2008-04-09 18:49:27 5571440 --a------ C:\Program Files\Fantasia Barrino - Got Me Waiting.mp3
2008-04-09 18:49:26 3386484 --a------ C:\Program Files\Nickelback - Leader of Men.mp3
2008-04-09 18:49:26 5101696 --a------ C:\Program Files\Madonna - Die Another Day (James Bond Theme).mp3
2008-04-01 16:57:39 3828437 --a------ C:\Program Files\Jamiroquai - Little L.mp3
2008-04-01 16:57:35 5622768 --a------ C:\Program Files\Carrie Underwood - Before He Cheats.Mp3
2008-04-01 16:51:48 4233647 --a------ C:\Program Files\Red Hot Chilli Peppers - City of Angels.mp3
2008-04-01 16:50:58 8550 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Large.jpg
2008-04-01 16:50:51 2333 ---hs---- C:\Program Files\AlbumArt_{2C37F23F-6CEA-4CBC-B2F9-BE20D211E5EC}_Small.jpg
2008-04-01 16:50:47 8506942 --a------ C:\Program Files\Ciara - Get Up.mp3
2008-04-01 16:50:36 8284 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Large.jpg
2008-04-01 16:50:34 2389 ---hs---- C:\Program Files\AlbumArt_{CAD8CB3D-A890-40E1-8D5C-ACA336C6D779}_Small.jpg
2008-04-01 16:49:49 1492 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Small.jpg
2008-04-01 16:49:49 4065 ---hs---- C:\Program Files\AlbumArt_{793208AE-A9A4-4EFF-A89A-D25C530348C7}_Large.jpg
2008-04-01 16:49:22 10391 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Large.jpg
2008-04-01 16:49:17 2675 ---hs---- C:\Program Files\AlbumArt_{D2EB3CBD-4AC8-402E-8ED4-5F8F3160F62F}_Small.jpg
2008-04-01 16:48:58 10949 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Large.jpg
2008-04-01 16:48:54 2794 ---hs---- C:\Program Files\AlbumArt_{883BBF7E-CE68-43A9-A75E-621B6AABAB67}_Small.jpg
2008-04-01 16:47:24 6616739 --a------ C:\Program Files\Ciara Ft. Ludacris - Oh.mp3
2008-04-01 16:43:46 16068 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Large.jpg
2008-04-01 16:43:41 3391 ---hs---- C:\Program Files\AlbumArt_{613A8D68-9D6B-41DD-A369-4C33DD367B49}_Small.jpg
2008-04-01 16:42:22 4076677 --a------ C:\Program Files\Ciara - 1,2 Step.mp3
2008-04-01 16:40:33 1845 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
2008-04-01 16:40:33 5765 ---hs---- C:\Program Files\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
2008-04-01 16:32:02 8488 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Large.jpg
2008-04-01 16:31:59 2631 ---hs---- C:\Program Files\AlbumArt_{511441A0-1A74-47C2-B05A-04ED681081B8}_Small.jpg
2008-04-01 16:31:44 11641 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Large.jpg
2008-04-01 16:31:40 3036 ---hs---- C:\Program Files\AlbumArt_{C3E0B318-4382-4B87-A904-41E1E52DD48B}_Small.jpg
2008-04-01 16:30:27 12132 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Large.jpg
2008-04-01 16:29:54 2841 ---hs---- C:\Program Files\AlbumArt_{8CDB7DA4-18F9-47AA-A3E0-D400BFD62326}_Small.jpg
2008-04-01 16:29:25 15347 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Large.jpg
2008-04-01 16:29:10 3349 ---hs---- C:\Program Files\AlbumArt_{6D6C990F-6C33-4E1E-A011-8FF4E076A702}_Small.jpg
2008-04-01 16:28:28 9541 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Large.jpg
2008-04-01 16:28:22 2627 ---hs---- C:\Program Files\AlbumArt_{061154BA-DD5D-4D69-B367-26B2A5B5F1CB}_Small.jpg
2008-04-01 16:27:50 14037 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Large.jpg
2008-04-01 16:27:42 3135 ---hs---- C:\Program Files\AlbumArt_{238F310C-5C19-42F8-AE40-7565278F8F3D}_Small.jpg
2008-04-01 16:27:28 9491 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Large.jpg
2008-04-01 16:27:20 2334 ---hs---- C:\Program Files\AlbumArt_{64D3F25A-C6F1-485F-AE15-EE16F7DFF470}_Small.jpg
2008-04-01 16:24:22 5949555 --a------ C:\Program Files\Justin Timberlake - Summer Love.mp3
2008-04-01 16:24:06 4127903 --a------ C:\Program Files\Lenny Kravitz - I Belong To You.mp3
2008-04-01 16:23:42 7676858 --a----c- C:\Program Files\Seether feat. Amy Lee - Broken.mp3
2008-04-01 16:23:36 4419221 --a------ C:\Program Files\Evanescense - My Immortal (Rock Version).mp3
2008-04-01 16:22:54 3775886 --a------ C:\Program Files\The White Stripes - Blue Orchid.mp3
2008-04-01 16:22:47 5421184 --a------ C:\Program Files\Rihanna- Shut up and drive.mp3
2008-04-01 16:22:43 9581225 --a------ C:\Program Files\Rihanna- SOS (Rescue Me).mp3
2008-04-01 16:22:13 8307 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Large.jpg
2008-04-01 16:21:51 2371 ---hs---- C:\Program Files\AlbumArt_{0A6E2A24-BD47-459C-BC1E-9460E8285156}_Small.jpg
2008-04-01 16:21:46 5549497 --a------ C:\Program Files\Mariah Carey - Don't Forget About Us.mp3
2008-04-01 16:21:43 5819650 --a------ C:\Program Files\Lenny Kravitz - It Ain't Over Till It's Over.mp3
2008-04-01 16:21:26 2783232 --a------ C:\Program Files\Ike and Tina Turner - A Fool in Love (60).mp3
2008-04-01 16:21:17 5347 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Large.jpg
2008-04-01 16:21:09 1744 ---hs---- C:\Program Files\AlbumArt_{866F7EC7-163A-4791-BB41-8081A3C9DF2B}_Small.jpg
2008-04-01 16:20:57 7149 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Large.jpg
2008-04-01 16:20:51 2083 ---hs---- C:\Program Files\AlbumArt_{B44A7213-3783-41A0-9E2D-D851FF5C1479}_Small.jpg
2008-04-01 16:20:10 10579 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Large.jpg
2008-04-01 16:20:07 2749 ---hs---- C:\Program Files\AlbumArt_{F83E2583-9416-44AD-B5BD-5E689602DBCD}_Small.jpg
2008-04-01 16:19:22 10026 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Large.jpg
2008-04-01 16:19:12 2539 ---hs---- C:\Program Files\AlbumArt_{9FEF1FBB-4727-44EA-B497-1BC2743833B6}_Small.jpg
2008-04-01 16:18:30 7305 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Large.jpg
2008-04-01 16:18:21 2016 ---hs---- C:\Program Files\AlbumArt_{45D79EE9-596C-4846-82A1-6871B6CFC192}_Small.jpg
2008-04-01 16:17:30 11334 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Large.jpg
2008-04-01 16:17:25 5520963 --a------ C:\Program Files\Evanescence - Call Me When You're Sober.mp3
2008-04-01 16:17:24 2820 ---hs---- C:\Program Files\AlbumArt_{DF4D94C2-1291-4A91-A4D5-800D49396CE5}_Small.jpg
2008-04-01 16:17:22 10445 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Large.jpg
2008-04-01 16:17:08 2684 ---hs---- C:\Program Files\AlbumArt_{5F015CD2-5BEF-483C-BF5F-EBFA1D22897C}_Small.jpg
2008-04-01 16:16:41 7707 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Large.jpg
2008-04-01 16:16:33 1934 ---hs---- C:\Program Files\AlbumArt_{6BA74C58-F81B-451B-AA2E-F472DEC1E918}_Small.jpg
2008-04-01 16:16:19 9003 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Large.jpg
2008-04-01 16:16:15 2716 ---hs---- C:\Program Files\AlbumArt_{30EF0FC0-8791-42E5-BF58-6B57CAC9281D}_Small.jpg
2008-04-01 16:16:14 9795 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Large.jpg
2008-04-01 16:16:11 2579 ---hs---- C:\Program Files\AlbumArt_{9805E048-C781-4D3B-806A-B6FEB1983DFB}_Small.jpg
2008-04-01 16:16:09 5969991 --a------ C:\Program Files\bow wow & omarion ft. cassidy & soulja boy - girlfriend (remix).mp3
2008-04-01 16:15:10 2346 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Small.jpg
2008-04-01 16:15:10 8758 ---hs---- C:\Program Files\AlbumArt_{8C38898C-735D-4779-BF24-C752EFCAF251}_Large.jpg
2008-03-30 20:51:33 8751 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Large.jpg
2008-03-30 20:51:25 2518 ---hs---- C:\Program Files\AlbumArt_{062DE2FA-7DD6-4CC9-825F-E4B1D22B7F47}_Small.jpg
2008-03-30 20:50:58 5324426 --a------ C:\Program Files\Amerie - One Thing.mp3
2008-03-30 20:50:56 8253 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Large.jpg
2008-03-30 20:50:55 2404 ---hs---- C:\Program Files\AlbumArt_{DF938B46-CFF3-4CD5-A89C-6D512C696CB9}_Small.jpg
2008-03-30 20:38:53 10143 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Large.jpg
2008-03-30 20:38:50 2639 ---hs---- C:\Program Files\AlbumArt_{CB7FA5C1-DF2B-476E-B474-3BC06AFE7236}_Small.jpg

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 08:42 PM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 09:12 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 05:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [01/27/2005 02:02 AM]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [06/07/2005 07:38 AM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 04:19 PM]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [04/08/2006 11:05 PM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 09:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 09:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 09:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/02/2006 08:39 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 06:33 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 11:16 PM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 09:24 AM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [04/10/2008 03:14 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 07:12 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 07:12 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

-- End of Deckard's System Scanner: finished at 2008-06-25 13:36:16 ------------

#6
Dazed&Confused08

Posted 25 June 2008 - 12:38 PM

Member

Topic Starter
Member
75 posts

Here is my extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® CPU 2.53GHz
Percentage of Memory in Use: 31%
Physical Memory (total/avail): 1277.98 MiB / 881.26 MiB
Pagefile Memory (total/avail): 1516.96 MiB / 1127.91 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1888.83 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 71.46 GiB total, 41.77 GiB free.
D: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST380011A - 74.5 GiB - 3 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 71.46 GiB - C:
\PARTITION2 - Unknown - 3 GiB

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jessica\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JESS
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jessica
LOGONSERVER=\\JESS
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_09\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Jessica\LOCALS~1\Temp
TMP=C:\DOCUME~1\Jessica\LOCALS~1\Temp
USERDOMAIN=JESS
USERNAME=Jessica
USERPROFILE=C:\Documents and Settings\Jessica
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

Jessica (admin)
kiwana
Vickey.JESS
Pimpin Ken
Administrator (admin)
Guest (guest)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x9 UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
924PLC32 --> MsiExec.exe /I{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
AOLIcon --> MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
Apple Software Update --> MsiExec.exe /I{55FA89BD-21D3-42F7-9249-C94C0094A83C}
Banctec Service Agreement --> MsiExec.exe /X{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}
CardRd81 --> MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
Dell Photo AIO Printer 924 --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dlccUNST.EXE -NOLICENSE
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Content Portal --> MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
EA Download Manager --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1033
ebgcInfra --> MsiExec.exe /X{39B1BD87-561E-4762-AED9-7C5213B06C24}
ebgcRes --> MsiExec.exe /X{5380B111-5047-413D-A6E5-70D69391D08E}
ebgcSDK --> MsiExec.exe /X{13AD768A-9E04-499D-AE80-967A65DCCBA5}
EducateU --> MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
ESSTUTOR --> MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot --> MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
FrostWire 4.13.5 --> C:\Program Files\FrostWire\Uninstall.exe
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HLPIndex --> MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK --> MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPRFO --> MsiExec.exe /I{AADAC983-FDE9-42FA-8FD9-7BB324155593}
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel® 537EP V9x DF PCI Modem --> rundll32 IntelCci.dll,iSMUninstallation "Intel® 537EP V9x DF PCI Modem"
Intel® Extreme Graphics 2 Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
Java™ 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140011_b14cea\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Modem Event Monitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}\setup.exe" -l0x9
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
Modem On Hold --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Jessica\Application Data\Move Networks\ie_bin\Uninst.exe
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
Netflix Movie Viewer --> MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OpenMG Secure Module 4.0.05 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BB92E35A-F5B8-4D59-90F3-CF863871BCF3} /l1033 UNINSTALL
OTtBP --> MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK --> MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
Polaroid Digital Cam --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4CB7852-8308-4BBB-AF7D-48F073B58507}\Setup.exe" -l0x9
PowerDVD 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
RealArcade --> C:\Program Files\Real\RealArcade\Update\rnuninst.exe RealNetworks|RealArcade|1.2
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Registry Mechanic 7.0 --> "C:\Program Files\Registry Mechanic\unins000.exe"
SBC Yahoo! Base Components --> C:\PROGRA~1\Yahoo!\Common\unybase.exe
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow Audio --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SonicStage 2.3.00 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}\setup.exe" -l0x9 UNINSTALL
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
The Sims Deluxe Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0009
The Sims™ 2 Deluxe --> C:\Program Files\EA GAMES\The Sims 2 Deluxe\EAUninstall.exe
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WebCyberCoach 3.2 Dell --> "C:\Program Files\WebCyberCoach\b_Dell\WCC_Wipe.exe" "WebCyberCoach ext\wtrb" /inf "engine.inf,RealUninstallSection,,4" /infcfg "enginecf.inf,RealUninstallSection,,4"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}

-- Application Event Log -------------------------------------------------------

Event Record #/Type2043 / Error
Event Submitted/Written: 06/25/2008 00:33:53 PM
Event ID/Source: 1001 / Application Hang
Event Description:
Fault bucket 382425709.

Event Record #/Type2042 / Error
Event Submitted/Written: 06/25/2008 00:33:50 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application ATF-Cleaner[1].exe, version 3.0.0.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type2041 / Warning
Event Submitted/Written: 06/25/2008 11:38:46 AM
Event ID/Source: 4353 / EventSystem
Event Description:
The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.

Event Record #/Type2039 / Warning
Event Submitted/Written: 06/25/2008 11:38:46 AM
Event ID/Source: 4356 / EventSystem
Event Description:
The COM+ Event System failed to create an instance of the subscriber partition:{41E90F3E-56C1-4633-81C3-6E8BAC8BDD70}!new:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}. CoGetObject returned HRESULT 800401E4.

Event Record #/Type2038 / Warning
Event Submitted/Written: 06/25/2008 11:38:46 AM
Event ID/Source: 4353 / EventSystem
Event Description:
The COM+ Event System attempted to fire the EventObjectChange::ChangedSubscription event but received a bad return code. HRESULT was 80040201.

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type7343 / Error
Event Submitted/Written: 06/25/2008 11:37:21 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type7342 / Error
Event Submitted/Written: 06/25/2008 11:34:57 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service wuauserv with arguments ""
in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Event Record #/Type7341 / Error
Event Submitted/Written: 06/25/2008 11:34:15 AM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
AFD
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
pctfw2
RasAcd
Rdbss
Tcpip
WS2IFSL

Event Record #/Type7340 / Error
Event Submitted/Written: 06/25/2008 11:34:15 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
%%31

Event Record #/Type7339 / Error
Event Submitted/Written: 06/25/2008 11:34:15 AM
Event ID/Source: 7001 / Service Control Manager
Event Description:
The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:
%%31

-- End of Deckard's System Scanner: finished at 2008-06-25 13:36:16 ------------

#7
BHowett

Posted 25 June 2008 - 04:08 PM

OT Moderator

Moderator
4,649 posts

Hi Dazed&Confused08,

Not looking to bad, but I don’t see any antivirus or firewall running. What happen to the MacAfee AV you had last time you were being helped? Also I see you have Frostwire installed, so that will get you my peer-to-peer warning

P2P Warning!
Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur. Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current problem/infection. I would strongly suggest you remove Frostwire as this is one of the worst offenders. Removing can be done through Add/Remove Programs.

Right now we just need to fix some file associations, and I want to take a peek at another tools log. Please do the following:

Please download DAFT and save it to your desktop:

Double-click the daft.exe icon.
Click on the Scan button.
Select everything it is displaying there
Click the Fix button.
Then rescan with DAFT again - it should say now that "All associations are OK"
Close DAFT if you receive that message. This means that it is fixed now.

===============================================

ComboFix

Please visit below webpage for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. DO NOT select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Please post the log from ComboFix (located in C:\combofix.txt) in your next reply.

===============================================

Needed in you next reply

ComboFix log, and please advise me if you are using an Antivirus program.

#8
Dazed&Confused08

Posted 25 June 2008 - 05:21 PM

Member

Topic Starter
Member
75 posts

Here's my Combofix log, and I'm running Spyware Doctor, Antivirus, Malware detective, and Registry Mechanic
Also, I see files in the report that I thought were deleted from Limewire, how can I get rid of those and other unwanted files left on my computer that I don't see.

ComboFix 08-06-20.4 - Jessica 2008-06-25 17:59:02.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.917 [GMT -5:00]
Running from: C:\Documents and Settings\Jessica\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\mainms.vpi
C:\WINDOWS\promogif1.gif
C:\WINDOWS\promogif2.gif
C:\WINDOWS\promogif3.gif
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\sn.txt
C:\WINDOWS\system32\WwvwDJlm.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CLBDRIVER
-------\Service_clbdriver

((((((((((((((((((((((((( Files Created from 2008-05-25 to 2008-06-25 )))))))))))))))))))))))))))))))
.

2008-06-25 12:39 . 2008-06-25 12:39 <DIR> d-------- C:\Deckard
2008-06-24 15:25 . 2008-06-24 15:25 <DIR> d-------- C:\Documents and Settings\Pimpin Ken\Application Data\Corel
2008-06-21 23:54 . 2008-06-21 23:54 1,932 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-06-11 08:29 . 2008-06-13 06:05 272,128 --------- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 08:29 . 2008-05-08 09:02 203,136 --------- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-27 20:18 . 2008-06-24 15:34 56 -r-hs---- C:\WINDOWS\system32\6709BCCFE0.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 22:57 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-25 22:56 --------- d-----w C:\Program Files\Spyware Doctor
2008-06-25 22:50 --------- d-----w C:\Program Files\Dl_cats
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-12 00:35 383 --sh--w C:\Program Files\desktop.ini
2008-06-12 00:35 2,403 -csh--w C:\Program Files\AlbumArtSmall.jpg
2008-06-12 00:35 2,403 --sh--w C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-06-12 00:35 10,260 -csh--w C:\Program Files\Folder.jpg
2008-06-12 00:35 10,260 --sh--w C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-06-02 22:31 --------- d-----w C:\Program Files\FrostWire
2008-06-02 21:19 2,792 --sh--w C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-06-02 21:19 11,087 --sh--w C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-05-31 22:58 --------- d-----w C:\Program Files\VideoLAN
2008-05-31 22:56 --------- d-----w C:\Program Files\DivX
2008-05-25 01:33 --------- d-----w C:\Documents and Settings\Jessica\Application Data\FrostWire
2008-05-22 02:32 7,651,584 ----a-w C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-05-22 02:32 5,291,083 ----a-w C:\Program Files\Maroon five - Rag Doll.mp3
2008-05-22 02:32 4,010,362 ----a-w C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-05-22 02:31 9,276 --sh--w C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Large.jpg
2008-05-22 02:31 2,353 --sh--w C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Small.jpg
2008-05-13 15:55 --------- d-----w C:\Documents and Settings\Pimpin Ken\Application Data\CyberLink
2008-05-09 21:47 --------- d-----w C:\Program Files\Java
2008-05-09 19:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-09 19:26 --------- d-----w C:\Program Files\Yahoo! Games
2008-05-08 20:13 --------- d-----w C:\Documents and Settings\Jessica\Application Data\Malwarebytes
2008-05-08 20:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-08 16:47 --------- d-----w C:\Program Files\Trend Micro
2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-06 00:10 --------- d-----w C:\Program Files\Mozilla Firefox(2)
2008-05-04 19:44 --------- d-----w C:\Program Files\Common Files\INCA Shared
2008-05-04 15:06 --------- d-----w C:\Documents and Settings\kiwana\Application Data\InstallShield Installation Information
2008-05-01 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-05-01 18:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-01 18:06 159,880 ----a-w C:\WINDOWS\system32\drivers\pctfw2.sys
2008-04-29 19:41 --------- d-----w C:\Documents and Settings\Jessica\Application Data\Move Networks
2008-04-28 03:45 --------- d-----w C:\Program Files\Google
2008-04-27 17:33 --------- d-----w C:\Program Files\Common Files\PC Tools
2008-04-27 17:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Tools
2008-04-27 07:24 --------- d-----w C:\Documents and Settings\Jessica\Application Data\PC Tools
2008-04-26 21:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Visual Networks
2008-04-23 22:13 7,700,480 ----a-w C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 21:59 3,973,854 ----a-w C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 21:58 7,026,578 ----a-w C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 21:58 5,163,662 ----a-w C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 21:57 7,411,508 ----a-w C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 21:57 6,253,434 ----a-w C:\Program Files\Nsync - Selfish.mp3
2008-04-23 21:57 5,536,958 ----a-w C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 21:57 3,591 --sh--w C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-23 21:57 3,274 --sh--w C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 21:57 3,240,030 ----a-w C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 21:57 16,056 --sh--w C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 21:57 12,616 --sh--w C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 21:57 1,783,510 ----a-w C:\Program Files\Nsync - Something Like You.mp3
2008-04-16 21:27 125,999,092 ----a-w C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 19:55 121,189,628 ----a-w C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-15 03:59 3,325,369 ----a-w C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-15 03:59 2,800 --sh--w C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-15 03:59 2,375 --sh--w C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-15 03:59 11,493 --sh--w C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-15 03:59 11,196 --sh--w C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-15 03:58 4,321,454 ----a-w C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-15 03:57 3,473 --sh--w C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-15 03:57 15,403 --sh--w C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-14 00:12 69,120 ----a-w C:\WINDOWS\notepad.exe
2008-04-14 00:12 50,688 ----a-w C:\WINDOWS\twain_32.dll
2008-04-14 00:12 32,866 ------w C:\WINDOWS\slrundll.exe
2008-04-14 00:12 283,648 ----a-w C:\WINDOWS\winhlp32.exe
2008-04-14 00:12 146,432 ----a-w C:\WINDOWS\regedit.exe
2008-04-14 00:12 10,752 ----a-w C:\WINDOWS\hh.exe
2008-04-14 00:12 1,033,728 ----a-w C:\WINDOWS\explorer.exe
2008-04-13 22:41 4,285,891 ----a-w C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 22:41 2,567 --sh--w C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 22:41 11,819 --sh--w C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 22:31 5,396,087 ----a-w C:\Program Files\Elisa - Dancing.mp3
2008-04-13 22:31 3,021,212 ----a-w C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 22:31 11,644 --sh--w C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 22:30 4,956,507 ----a-w C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 22:30 2,989 --sh--w C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 22:30 2,893 --sh--w C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 22:30 12,512 --sh--w C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 22:29 9,939 --sh--w C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 22:29 8,989 --sh--w C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 22:29 2,499 --sh--w C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 22:29 1,972 --sh--w C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 22:27 2,785,784 ----a-w C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 22:25 8,655 --sh--w C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 22:25 2,552 --sh--w C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 22:25 10,259 --sh--w C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 22:24 2,579 --sh--w C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 22:24 2,390 --sh--w C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 22:24 10,032 --sh--w C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 22:23 7,364 --sh--w C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 22:23 3,354,004 ----a-w C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 22:23 2,187 --sh--w C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 22:23 10,040 --sh--w C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 22:22 2,625 --sh--w C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 22:20 2,982 --sh--w C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 22:20 11,795 --sh--w C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 22:19 9,542 --sh--w C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 22:19 4,548,903 ----a-w C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 20:42 1404928]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 21:12 221184]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02 86016]
"DLCCCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 07:38 69632]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19 53248]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-04-08 23:05 26112]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 09:35 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 09:32 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 09:36 114688]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-02 20:39 282624]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 06:33 122941]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-18 20:47 8720384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPager.exe"=
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [2008-05-01 13:06]
S3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\U_SF\GameGuard\dump_wmimmc.sys []

.
Contents of the 'Scheduled Tasks' folder
"2008-06-18 13:21:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-25 18:06:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2008-06-25 18:13:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-25 23:13:31

Pre-Run: 44,723,654,656 bytes free
Post-Run: 44,989,489,152 bytes free

202 --- E O F --- 2008-06-20 15:32:29

Edited by Dazed&Confused08, 25 June 2008 - 05:23 PM.

#9
BHowett

Posted 25 June 2008 - 06:10 PM

OT Moderator

Moderator
4,649 posts

I'm running Spyware Doctor, Antivirus, Malware detective, and Registry Mechanic

So you are running Spyware Doctor with AntiVirus the paid subscription? Because regular Spyware Doctor is just Anti-Spyware software, not an antivirus.

Also, I see files in the report that I thought were deleted from Limewire, how can I get rid of those

What limewire files are left that you know of ? Are you talking about Frostwire cause you can uninstall that through Add/Remove Programs.

and other unwanted files left on my computer that I don't see.

I’m not sure what you mean here… if you can’t see them how do you know what they are of if they are unwanted.

Also you missed installing the recovery console with ComboFix so lets get that done first.

Go to Microsoft's website => http://support.microsoft.com/kb/310994
Select the download that's appropriate for your Operating System.

Posted Image

Download the file & save it as it's originally named, next to ComboFix.exe.

Posted Image

Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

Please do not reboot your machine until we have reviewed the log.

#10
Dazed&Confused08

Posted 25 June 2008 - 06:47 PM

Member

Topic Starter
Member
75 posts

I followed the steps to download the recovery console, and nothing happens. I downloaded it and I drag it and dropped it in Combofix.exe. Then the small Combofix loading bar pops up and then it disappears and nothing happens. Also the Windows XP Home Edition recovery links show a service pack 1 and 2, but my computer says I have service pack 3. The same thing happened the first time. I have a paid subscription with antivirus. The files I see are from Limewire. Like the music files and video files that are showing up on the logs. I thought they were completely gone when I erased Limewire, but I now see them in the logs.

Edited by Dazed&Confused08, 25 June 2008 - 07:02 PM.

#11
BHowett

Posted 25 June 2008 - 07:17 PM

OT Moderator

Moderator
4,649 posts

I followed the steps to download the recovery console, and nothing happens. I downloaded it and I drag it and dropped it in Combofix.exe. Then the small Combofix loading bar pops up and then it disappears and nothing happens. Also the Windows XP Home Edition recovery links show a service pack 1 and 2, but my computer says I have service pack 3. The same thing happened the first time. I have a paid subscription with antivirus. The files I see are from Limewire. Like the music files and video files that are showing up on the logs. I thought they were completely gone when I erased Limewire, but I now see them in the logs.

Hello again,

I will have to consult with sUBs the creator of ComboFix and see if the service pack 3 makes a difference. I will get back with you on that.

Are the listed files below the files you are talking about.

2008-06-12 00:35 2,403 -csh--w C:\Program Files\AlbumArtSmall.jpg
2008-06-12 00:35 2,403 --sh--w C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
2008-06-12 00:35 10,260 -csh--w C:\Program Files\Folder.jpg
2008-06-12 00:35 10,260 --sh--w C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
2008-06-02 22:31 --------- d-----w C:\Program Files\FrostWire
2008-06-02 21:19 2,792 --sh--w C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
2008-06-02 21:19 11,087 --sh--w C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
2008-05-25 01:33 --------- d-----w C:\Documents and Settings\Jessica\Application Data\FrostWire
2008-05-22 02:32 7,651,584 ----a-w C:\Program Files\Phil Collins - Take Me Home (long version).mp3
2008-05-22 02:32 5,291,083 ----a-w C:\Program Files\Maroon five - Rag Doll.mp3
2008-05-22 02:32 4,010,362 ----a-w C:\Program Files\Journey - Don't Stop Beleiving.MP3
2008-05-22 02:31 9,276 --sh--w C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Large.jpg
2008-05-22 02:31 2,353 --sh--w C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Small.jpg
2008-04-23 22:13 7,700,480 ----a-w C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
2008-04-23 21:59 3,973,854 ----a-w C:\Program Files\Nickelback - Photogragh.mp3
2008-04-23 21:58 7,026,578 ----a-w C:\Program Files\Sade - King Of Sorrow.mp3
2008-04-23 21:58 5,163,662 ----a-w C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
2008-04-23 21:57 7,411,508 ----a-w C:\Program Files\Musiq Soulchild - Dont Change.mp3
2008-04-23 21:57 6,253,434 ----a-w C:\Program Files\Nsync - Selfish.mp3
2008-04-23 21:57 5,536,958 ----a-w C:\Program Files\Dixie Chicks - Landslide.mp3
2008-04-23 21:57 3,591 --sh--w C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
2008-04-23 21:57 3,274 --sh--w C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
2008-04-23 21:57 3,240,030 ----a-w C:\Program Files\Nsync - I thought she knew.mp3
2008-04-23 21:57 16,056 --sh--w C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
2008-04-23 21:57 12,616 --sh--w C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
2008-04-23 21:57 1,783,510 ----a-w C:\Program Files\Nsync - Something Like You.mp3
2008-04-16 21:27 125,999,092 ----a-w C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
2008-04-16 19:55 121,189,628 ----a-w C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
2008-04-15 03:59 3,325,369 ----a-w C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
2008-04-15 03:59 2,800 --sh--w C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
2008-04-15 03:59 2,375 --sh--w C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
2008-04-15 03:59 11,493 --sh--w C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
2008-04-15 03:59 11,196 --sh--w C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
2008-04-15 03:58 4,321,454 ----a-w C:\Program Files\Maroon 5 - Shiver.mp3
2008-04-15 03:57 3,473 --sh--w C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
2008-04-15 03:57 15,403 --sh--w C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
2008-04-13 22:41 4,285,891 ----a-w C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
2008-04-13 22:41 2,567 --sh--w C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
2008-04-13 22:41 11,819 --sh--w C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
2008-04-13 22:31 5,396,087 ----a-w C:\Program Files\Elisa - Dancing.mp3
2008-04-13 22:31 3,021,212 ----a-w C:\Program Files\Journey - When The Lights Go Down In The City.mp3
2008-04-13 22:31 11,644 --sh--w C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
2008-04-13 22:30 4,956,507 ----a-w C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
2008-04-13 22:30 2,989 --sh--w C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
2008-04-13 22:30 2,893 --sh--w C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
2008-04-13 22:30 12,512 --sh--w C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
2008-04-13 22:29 9,939 --sh--w C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
2008-04-13 22:29 8,989 --sh--w C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-04-13 22:29 2,499 --sh--w C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
2008-04-13 22:29 1,972 --sh--w C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-04-13 22:27 2,785,784 ----a-w C:\Program Files\Maroon 5 - Harder To Breathe.mp3
2008-04-13 22:25 8,655 --sh--w C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
2008-04-13 22:25 2,552 --sh--w C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
2008-04-13 22:25 10,259 --sh--w C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
2008-04-13 22:24 2,579 --sh--w C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
2008-04-13 22:24 2,390 --sh--w C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
2008-04-13 22:24 10,032 --sh--w C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
2008-04-13 22:23 7,364 --sh--w C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
2008-04-13 22:23 3,354,004 ----a-w C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
2008-04-13 22:23 2,187 --sh--w C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
2008-04-13 22:23 10,040 --sh--w C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
2008-04-13 22:22 2,625 --sh--w C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
2008-04-13 22:20 2,982 --sh--w C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
2008-04-13 22:20 11,795 --sh--w C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
2008-04-13 22:19 9,542 --sh--w C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
2008-04-13 22:19 4,548,903 ----a-w C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3

If these are the files your referring to wold be happy to help you get rid of them

#12
Dazed&Confused08

Posted 25 June 2008 - 07:19 PM

Member

Topic Starter
Member
75 posts

yes, those are it! THANK YOU SOOOO MUCH

#13
BHowett

Posted 25 June 2008 - 07:51 PM

OT Moderator

Moderator
4,649 posts

Hi Dazed&Confused08,

Ok lets see what we can do…

Combofix Script.txt

1. Please open Notepad

Click Start , then Run
Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\WINDOWS\system32\6709BCCFE0.sys 
C:\Program Files\AlbumArtSmall.jpg
C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Small.jpg
C:\Program Files\Folder.jpg
C:\Program Files\AlbumArt_{BEC47316-A373-4054-8368-7D8D139252D7}_Large.jpg
C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Small.jpg
C:\Program Files\AlbumArt_{033D1EB7-074A-46D2-BA8A-17D0065BFBF3}_Large.jpg
C:\Program Files\Phil Collins - Take Me Home (long version).mp3
C:\Program Files\Maroon five - Rag Doll.mp3
C:\Program Files\Journey - Don't Stop Beleiving.MP3
C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Large.jpg
C:\Program Files\AlbumArt_{28589D26-941F-487F-8083-26A485FE8DF3}_Small.jpg
C:\Program Files\Pharell Williams, P Diddy, Lenny Kravitz - Show Me Your Soul.mp3
C:\Program Files\Nickelback - Photogragh.mp3
C:\Program Files\Sade - King Of Sorrow.mp3
C:\Program Files\Phil Collins - You'll Be In My Heart.mp3
C:\Program Files\Musiq Soulchild - Dont Change.mp3
C:\Program Files\Nsync - Selfish.mp3
C:\Program Files\Dixie Chicks - Landslide.mp3
C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Small.jpg
C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Small.jpg
C:\Program Files\Nsync - I thought she knew.mp3
C:\Program Files\AlbumArt_{9830F7D9-15CA-47D1-B61E-D55C9179548A}_Large.jpg
C:\Program Files\AlbumArt_{6E91038F-40AF-43DF-B7EB-445D2A7501CE}_Large.jpg
C:\Program Files\Nsync - Something Like You.mp3
C:\Program Files\Harvey Birdman Attorney at Law - 103 - Death By Chocolate.mpg
C:\Program Files\Harvey Birdman Attorney at Law - 109 - Blackwatch Plaid.mpg
C:\Program Files\Fall Out Boy - Get Busy Living Or Get Busy Dying.mp3
C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Small.jpg
C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Small.jpg
C:\Program Files\AlbumArt_{C79F18F5-5CE1-469C-9E63-F772460A2263}_Large.jpg
C:\Program Files\AlbumArt_{C1E4658C-4D7B-481F-8A25-E033A117028A}_Large.jpg
C:\Program Files\Maroon 5 - Shiver.mp3
C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Small.jpg
C:\Program Files\AlbumArt_{9DD0D907-2284-4F72-9391-14BB2B690BA8}_Large.jpg
C:\Program Files\Aretha Franklin (feat. Lauryn Hill) - A Rose Is Still A Rose.mp3
C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Small.jpg
C:\Program Files\AlbumArt_{DE36FA42-A68C-4CA2-AE5B-4C11D5042FDF}_Large.jpg
C:\Program Files\Elisa - Dancing.mp3
C:\Program Files\Journey - When The Lights Go Down In The City.mp3
C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Large.jpg
C:\Program Files\Switchfoot - I Dare You To Move (A Walk To Remember Soundtrack)(1).mp3
C:\Program Files\AlbumArt_{6BD410FA-C4E0-40CC-BAA0-721B8D95A562}_Small.jpg
C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Small.jpg
C:\Program Files\AlbumArt_{22CCD8D5-06CF-49FE-BC7C-0C701F5B94AD}_Large.jpg
C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Large.jpg
C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
C:\Program Files\AlbumArt_{CC231E2D-2C05-4C61-813B-E4B6D42BED36}_Small.jpg
C:\Program Files\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
C:\Program Files\Maroon 5 - Harder To Breathe.mp3
C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Large.jpg
C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Small.jpg
C:\Program Files\AlbumArt_{C91F467F-9332-482A-80E6-B9AF8BE8C16D}_Large.jpg
C:\Program Files\AlbumArt_{EAB9A23B-D51C-4FE4-84DA-1780064BD5D9}_Small.jpg
C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Small.jpg
C:\Program Files\AlbumArt_{F41A35BC-CE0D-4961-B41D-D6040135C77A}_Large.jpg
C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Large.jpg
C:\Program Files\Maroon 5 - Simple Kind of Lovely.mp3
C:\Program Files\AlbumArt_{78A4206F-C8AD-45D4-B1A5-ED5044C8BAD1}_Small.jpg
C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Large.jpg
C:\Program Files\AlbumArt_{18E0C471-9547-461B-B883-11319DB73B6D}_Small.jpg
C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Small.jpg
C:\Program Files\AlbumArt_{38B91EDA-C821-4B5B-ADAC-CCE0D5E56086}_Large.jpg
C:\Program Files\AlbumArt_{305C1E68-7556-453B-B2B3-E07E091D44E6}_Large.jpg
C:\Program Files\Madonna Feat Justin Timberlake & Timbaland-4 Minutes.mp3
Folder::
C:\Program Files\FrostWire
C:\Documents and Settings\Jessica\Application Data\FrostWire
DirLook::
C:\Documents and Settings\Pimpin Ken\Application Data\Help
C:\Documents and Settings\Pimpin Ken\Application Data\Corel

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image

5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

Combofix.txt
A new HijackThis log.

===============================================

ATF Cleaner

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

===============================================

Kaspersky WebScanner
please go to Kaspersky website and perform an online antivirus scan.

Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
  Archives
  Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply.

===============================================

Needed in your next reply:

ComboFix Log

Kaspersky WebScanner Results

And let me know how things are running

*NOTE* You may need to post the requested logs in more then one reply due to how long they are. Please check to make sure all of the logs are posted.

#14
Dazed&Confused08

Posted 25 June 2008 - 08:03 PM

Member

Topic Starter
Member
75 posts

Combofix responded the same way it did with the recovery console, so I don't have that log. Here's my HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:01:17 PM, on 6/25/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--
End of file - 1568 bytes