[JPClark2323]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:22:56 PM, on 7/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\kmw_run.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iDumpPro\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\KMW_SHOW.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\iDumpPro\NMSAccessU.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 3896 bytes

[Advertisements]

Hi there and sorry for the delay I would like a fresh look at your system

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

• Close all other windows before proceeding.
• Double-click on dss.exe and follow the prompts.
• When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

[Essexboy]

Hi there and sorry for the delay I would like a fresh look at your system

Please download Deckard's System Scanner (DSS) and save it to your Desktop.

• Close all other windows before proceeding.
• Double-click on dss.exe and follow the prompts.
• When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

[JPClark2323]

Sweet! Thanks for the Help! I got the first 2 scans for you..

Deckard's System Scanner v20071014.68
Run by Dave on 2008-07-17 18:47:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
28: 2008-07-17 22:47:54 UTC - RP188 - Deckard's System Scanner Restore Point
27: 2008-07-17 00:01:04 UTC - RP187 - System Checkpoint
26: 2008-07-14 20:29:05 UTC - RP186 - System Checkpoint
25: 2008-07-12 16:11:30 UTC - RP185 - Software Distribution Service 3.0
24: 2008-07-11 04:24:44 UTC - RP184 - System Checkpoint


-- First Restore Point --
1: 2008-04-23 18:22:44 UTC - RP161 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as Dave.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:50:22 PM, on 7/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\kmw_run.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iDumpPro\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Dave\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Dave.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\iDumpPro\NMSAccessU.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 4093 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080422-222755-110 O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
backup-20080422-222755-255 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
backup-20080424-095021-115 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
backup-20080424-095021-273 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
backup-20080424-095021-289 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
backup-20080424-095021-325 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
backup-20080424-095021-510 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
backup-20080424-095021-924 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
backup-20080424-095021-960 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
backup-20080424-095023-241 O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
backup-20080424-095023-254 O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
backup-20080424-095023-263 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
backup-20080424-095023-360 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
backup-20080424-095023-419 O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
backup-20080424-095023-682 O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
backup-20080424-095023-688 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
backup-20080424-095023-746 O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
backup-20080424-095023-783 O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
backup-20080424-095023-862 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
backup-20080424-095023-906 O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
backup-20080424-095023-928 O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
backup-20080424-095023-988 O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
backup-20080424-095027-926 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
backup-20080424-095028-269 O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
backup-20080424-095028-897 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
backup-20080424-095029-267 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
backup-20080424-095029-453 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080424-095029-497 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
backup-20080424-095029-705 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
backup-20080424-095030-851 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
backup-20080424-095031-259 O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
backup-20080424-095032-643 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1176777088234
backup-20080424-095033-122 O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
backup-20080424-095033-312 O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
backup-20080424-095033-503 O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\RGF2aWQ\command.exe
backup-20080424-095033-601 O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
backup-20080424-095033-691 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.6.0.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.6.0.0>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

S0 cercsr6 - c:\windows\system32\drivers\cercsr6.sys <Not Verified; Adaptec, Inc.; Dell RAID Controller>
S3 catchme - c:\combofix\catchme.sys (file missing)
S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 UIUSys (Conexant Setup API) - c:\windows\system32\drivers\uiusys.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 WLANKEEPER (Intel® PROSet/Wireless SSO Service) - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSO Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2792&SUBSYS_01881028&REV_03\3&61AAA01&0&11
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_2792&SUBSYS_01881028&REV_03\3&61AAA01&0&11
Service:

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\3FFFFFFF5B4FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\3FFFFFFF5B4FC000
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-07-07 22:48:03 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-07-04 15:00:09 406 --a------ C:\WINDOWS\Tasks\Norton Security Scan.job


-- Files created between 2008-06-17 and 2008-07-17 -----------------------------

2008-06-21 19:53:12 0 d-------- C:\iPodMusic
2008-06-21 19:52:05 1522155 --a------ C:\WINDOWS\iDumpPro Uninstaller.exe
2008-06-21 19:52:02 0 d-------- C:\Program Files\Common Files\Thraex Software
2008-06-21 19:52:01 0 d-------- C:\Program Files\iDumpPro
2008-06-21 10:24:03 0 d-------- C:\Program Files\iDump


-- Find3M Report ---------------------------------------------------------------

2008-07-08 15:34:32 0 d-------- C:\Documents and Settings\Dave\Application Data\LimeWire
2008-07-06 16:28:22 0 d-------- C:\Program Files\LimeWire
2008-07-04 15:00:00 0 d-------- C:\Program Files\Norton Security Scan
2008-06-21 19:52:02 0 d-------- C:\Program Files\Common Files
2008-06-20 19:40:22 0 d-------- C:\Program Files\SpywareBlaster
2008-06-11 14:38:39 0 d-------- C:\Documents and Settings\Dave\Application Data\Kensington
2008-06-11 14:34:24 0 d-------- C:\Program Files\Kensington
2008-06-11 14:34:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-09 17:04:25 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-09 13:20:58 0 d-------- C:\Documents and Settings\Dave\Application Data\SUPERAntiSpyware.com
2008-06-09 13:20:37 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-09 12:22:32 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-09 00:31:45 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 22:23:55 0 d-------- C:\Program Files\Lavasoft
2008-06-08 12:32:34 0 d-------- C:\Documents and Settings\Dave\Application Data\WinRAR
2008-06-06 17:47:17 0 d-------- C:\Program Files\EA Games
2008-05-23 20:28:13 0 d-------- C:\Program Files\iTunes
2008-05-23 20:27:57 0 d-------- C:\Program Files\iPod
2008-05-23 20:25:53 0 d-------- C:\Program Files\Bonjour
2008-05-23 20:25:25 0 d-------- C:\Program Files\QuickTime
2008-04-23 14:20:07 0 --a------ C:\WINDOWS\system32\taskkill.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/28/2008 11:37 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [03/30/2008 10:36 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 11:09 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM]
"kmw_run.exe"="kmw_run.exe" [08/03/2006 11:47 AM C:\WINDOWS\system32\kmw_run.exe]
"MSWheel"="" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [02/27/2007 11:39 AM]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [03/01/2007 10:37 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 12:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 02/27/2007 11:39 AM 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
"C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7cba1830-e914-11db-bdfb-806d6172696f}]
AutoRun\command- D:\Autorun.exe




-- End of Deckard's System Scanner: finished at 2008-07-17 18:51:35 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® M processor 1.50GHz
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 503.37 MiB / 268.72 MiB
Pagefile Memory (total/avail): 1228.42 MiB / 887.64 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.9 MiB

C: is Fixed (NTFS) - 74.52 GiB total, 50.35 GiB free.
D: is CDROM (UDF)

\\.\PHYSICALDRIVE0 - TOSHIBA MK8032GAX - 74.53 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntivirusOverride is set.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"="C:\\WINDOWS\\system32\\usmt\\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\\Documents and Settings\\Dave\\Desktop\\utorrent.exe"="C:\\Documents and Settings\\Dave\\Desktop\\utorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Disabled:AOL Instant Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Pando Networks\\Pando\\pando.exe"="C:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Disabled:pando"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Disabled:Windows Explorer"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Dave\\Local Settings\\Temp\\{DEFAB122-7861-4BF2-A77C-422A2B59AD87}\\{4C78937F-0C8E-11D9-A3EB-0001025FA304}\\k_update.exe"="C:\\Documents and Settings\\Dave\\Local Settings\\Temp\\{DEFAB122-7861-4BF2-A77C-422A2B59AD87}\\{4C78937F-0C8E-11D9-A3EB-0001025FA304}\\k_update.exe:*:Enabled:Kensington Digital Update of installed software via the Web."
"C:\\Program Files\\Kensington\\MouseWorks\\k_update.exe"="C:\\Program Files\\Kensington\\MouseWorks\\k_update.exe:*:Enabled:Kensington Digital Update of installed software via the Web."


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Dave\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DAVID
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Dave
LOGONSERVER=\\DAVID
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\QuickTime\QTSystem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Dave\LOCALS~1\Temp
TMP=C:\DOCUME~1\Dave\LOCALS~1\Temp
USERDOMAIN=DAVID
USERNAME=Dave
USERPROFILE=C:\Documents and Settings\Dave
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Dave (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
C-Major Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Command & Conquer The First Decade --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}\setup.exe" -l0x9 -removeonly
Conexant D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf
Dell CinePlayer --> MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
iDump (Backing up your iPod) --> C:\Program Files\iDump\uninstall.exe
iDumpPro --> C:\WINDOWS\iDumpPro Uninstaller.exe
Intel® Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Kensington MouseWorks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C78937F-0C8E-11D9-A3EB-0001025FA304}\setup.exe" -l0x9 -u
LimeWire 4.18.3 --> "C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi --> MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (2.0.0.16) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI --> MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Norton Security Scan --> MsiExec.exe /I{3A4FFB84-D070-4DA5-AB7B-D41D87FD8D19}
Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PowerDVD 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
SC Audio CD creator 3.4.0.0 --> "C:\Program Files\SoftwareClub.ws\SC Audio CD creator\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Videora iPod Converter 2.19 --> C:\Program Files\Red Kawa\Video Converter\uninstaller.exe
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
XML Paper Specification Shared Components Pack 1.0 -->


-- Application Event Log -------------------------------------------------------

Event Record #/Type2694 / Warning
Event Submitted/Written: 07/14/2008 10:42:51 AM
Event ID/Source: 2002 / LoadPerf
Event Description:
The MOF file created for the Outlook service could not be loaded. The
error code returned by the MOF Compiler is contained in the Record Data.
Before the performance counters of this service can be collected by WMI
the MOF file will need to be loaded manually. Contact the vendor of this
service for additional information.

Event Record #/Type2687 / Error
Event Submitted/Written: 07/10/2008 11:58:18 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.62306, faulting module nss3.dll, version 3.11.9.0, fault address 0x0003187f.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type2665 / Error
Event Submitted/Written: 07/07/2008 11:12:01 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.62306, faulting module nss3.dll, version 3.11.9.0, fault address 0x0003187f.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type2664 / Error
Event Submitted/Written: 07/06/2008 03:38:59 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.40413, faulting module nss3.dll, version 3.11.5.0, fault address 0x000306df.
Processing media-specific event for [firefox.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type47212 / Error
Event Submitted/Written: 07/17/2008 06:49:26 PM
Event ID/Source: 7011 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.

Event Record #/Type47211 / Warning
Event Submitted/Written: 07/17/2008 05:18:14 PM
Event ID/Source: 2504 / Server
Event Description:
The server could not bind to the transport \Device\NetBT_Tcpip_{04722F4D-2A0A-45BE-B58A-598AD7A1728D}.

Event Record #/Type47210 / Warning
Event Submitted/Written: 07/17/2008 05:18:08 PM
Event ID/Source: 1007 / Dhcp
Event Description:
Your computer has automatically configured the IP address for the Network
Card with network address 0012F099231D. The IP address being used is 169.254.144.72.

Event Record #/Type47209 / Warning
Event Submitted/Written: 07/17/2008 05:18:07 PM
Event ID/Source: 2504 / Server
Event Description:
The server could not bind to the transport \Device\NetBT_Tcpip_{04722F4D-2A0A-45BE-B58A-598AD7A1728D}.

Event Record #/Type47208 / Warning
Event Submitted/Written: 07/17/2008 05:17:59 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 0012F099231D. The following
error occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.



-- End of Deckard's System Scanner: finished at 2008-07-17 18:51:35 ------------

[Essexboy]

Not a great deal there - what problems are you experiencing ?

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system. Please follow these steps to remove older version Java components and update:

• Download the latest version of Java Runtime Environment (JRE) 6 Update 7 and save it to your desktop.
• Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 7...allows end-users to run Java applications".
• Click the "Download" button to the right.
• Read the License Agreement and then check the box that says: "Accept License Agreement". The page will refresh.
• Click on the link to download Windows Offline Installation and save the file to your desktop.
• Close any programs you may have running - especially your web browser.
• Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
• Click the Remove or Change/Remove button.
• Repeat as many times as necessary to remove each Java versions.
• Reboot your computer once all Java components are removed.
• Then from your desktop double-click on jre-6u7-windows-i586-p.exe to install the newest version.

[JPClark2323]

ok ill do that...my computer seems to be running fine, but when i run an adaware scan it comes up with hundreds of infections...some are win32.trojan.startpage......another is win.32.trojandownloader...cant seem to get rid of these

[Essexboy]

What adware programme gives you that

Please visit this web page for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet. It is imperative that you install this as it will enable a system recovery in the event of problems

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

[JPClark2323]

Hey it is lavasoft ad aware 2008...here is my combofix and hijackthis....thanks


ComboFix 08-07-19.1 - Dave 2008-07-19 16:54:01.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.232 [GMT -4:00]
Running from: C:\Documents and Settings\Dave\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Dave\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\taskkill.exe

.
((((((((((((((((((((((((( Files Created from 2008-06-19 to 2008-07-19 )))))))))))))))))))))))))))))))
.

2008-07-17 18:47 . 2008-07-17 18:47 <DIR> d-------- C:\Deckard
2008-07-08 15:28 . 2008-07-08 15:30 5,379,914 --a------ C:\Dolla ft. Akon & T Pain - Who The [bleep] Is that.mp3
2008-07-08 15:26 . 2008-07-08 15:27 5,147,783 --a------ C:\Kanye West - Flashing Lights.mp3
2008-07-08 15:22 . 2008-07-08 15:23 6,308,080 --a------ C:\Instrumentals - Shawty Lo - Dey Know.mp3
2008-07-08 15:22 . 2008-07-08 15:24 6,217,008 --a------ C:\Young Buck & The Outlawz - Driving Down The Freeway.mp3
2008-07-08 15:22 . 2008-07-08 15:23 2,219,826 --a------ C:\Shawty Lo - Dey Know.mp3
2008-07-08 12:57 . 2008-07-08 12:58 7,940,224 --a------ C:\T.I.-No Matter What.mp3
2008-07-08 12:53 . 2008-07-08 12:57 6,873,494 --a------ C:\Jadakiss - Why.mp3
2008-07-08 12:50 . 2008-07-08 12:50 4,381,824 --a------ C:\Bow Wow feat. Chris Brown - Shorty Like Mine.mp3
2008-07-08 12:46 . 2008-07-08 12:49 4,668,238 --a------ C:\Nelly - Ride With Me.mp3
2008-07-07 23:57 . 2008-07-08 00:00 4,710,528 --a------ C:\The All-American Rejects - Dirty Little Secrete.mp3
2008-07-07 23:54 . 2008-07-07 23:55 4,284,566 --a------ C:\The Killers - When You Were Young.mp3
2008-07-07 00:48 . 2008-07-07 00:49 4,675,584 --a------ C:\Jessica Simpson - With You.mp3
2008-07-07 00:46 . 2008-07-07 00:46 5,469,542 --a------ C:\Alicia Keys - As I Am - 05 - Like You'll Never See Me Again(1).mp3
2008-07-07 00:46 . 2008-07-07 00:46 5,004,190 --a------ C:\Alicia Keys - No One.mp3
2008-07-07 00:46 . 2008-07-07 00:46 4,708,764 --a------ C:\Alicia Keys - Falling.mp3
2008-07-07 00:41 . 2008-07-07 00:42 5,490,856 --a------ C:\Alicia Keys - If I Ain't Got You.mp3
2008-07-07 00:34 . 2008-07-07 00:40 3,092,524 --a------ C:\Jojo - Baby It`s You.mp3
2008-07-07 00:33 . 2008-07-07 00:35 7,153,675 --a------ C:\Kelly Clarkson - Miss Independent.mp3
2008-07-07 00:33 . 2008-07-07 00:34 3,514,496 --a------ C:\Kelly Clarkson - Because Of You.mp3
2008-07-07 00:33 . 2008-07-07 00:34 3,025,024 --a------ C:\Kelly Clarkson - Walk Away.mp3
2008-07-07 00:32 . 2008-07-07 00:35 4,787,186 --a------ C:\Carrie Underwood - All-American Girl.mp3
2008-07-07 00:31 . 2008-07-07 00:34 4,997,130 --a------ C:\Mariah Carey - Touch my body.mp3
2008-07-07 00:24 . 2008-07-07 00:25 5,727,787 --a------ C:\Mariah Carey - Shake It Off.mp3
2008-07-07 00:24 . 2008-07-07 00:27 4,126,382 --a------ C:\Mariah Carey - Always Be My Baby.mp3
2008-07-07 00:23 . 2008-07-07 00:27 7,169,506 --a------ C:\James Blunt - Same Mistake.mp3
2008-07-07 00:23 . 2008-07-07 00:28 4,417,827 --a------ C:\Celine Dion - Because You Loved Me.mp3
2008-07-07 00:23 . 2008-07-07 00:26 3,309,711 --a------ C:\Mariah Carey & Celine Dion - I Still Believe.mp3
2008-07-07 00:15 . 2008-07-07 00:16 3,449,545 --------- C:\Rick Astley - Never Gonna Give You Up.mp3
2008-07-07 00:12 . 2008-07-07 00:13 4,775,520 --a------ C:\Jessica Simpson - I Think I'm In Love With You.mp3
2008-07-07 00:07 . 2008-07-07 00:08 5,064,411 --a------ C:\Lil Wayne ft Jay-Z - Mr Carter.mp3
2008-07-07 00:01 . 2008-07-07 00:01 6,356,632 --a------ C:\Lil Wayne ft. T-Pain - The Carter III - Got Money.mp3
2008-07-07 00:00 . 2008-07-07 00:02 4,737,210 --a------ C:\Lil Wayne - Tha Carter III - 17 - Misunderstood.mp3
2008-07-06 23:34 . 2008-07-06 23:35 5,783,971 --a------ C:\Lil Wayne - Tha Carter III - 05 - Comfortable .mp3
2008-07-06 23:34 . 2008-07-06 23:36 5,069,017 --a------ C:\Lil Wayne - Tha Carter III - 13 - Good Girl Gone Bad.mp3
2008-07-06 19:13 . 2008-07-06 19:14 6,401,341 --a------ C:\Lil Wayne - Tha Carter III - 07 - Dr. Carter.mp3
2008-07-06 19:12 . 2008-07-06 19:14 14,211,995 --a------ C:\Lil Wayne - Tha Carter III - Dont Get It.mp3
2008-07-06 19:12 . 2008-07-06 19:14 7,470,219 --a------ C:\Lil' Wayne - Tha Carter III - 10 - Let The Beat Build.mp3
2008-07-06 19:12 . 2008-07-06 19:14 6,270,886 --a------ C:\Lil Wayne - The Carter III - 07 - Playing With Fire.mp3
2008-07-06 19:12 . 2008-07-06 19:19 6,267,754 --a------ C:\Lil Wayne - Tha Carter III - Playing With Fire.mp3
2008-07-06 19:12 . 2008-07-06 19:14 6,064,413 --a------ C:\Lil Wayne - Tha Carter III - Mrs. Officer.mp3
2008-07-06 19:12 . 2008-07-06 19:14 5,147,197 --a------ C:\Lil Wayne - Tha Carter III - La La (Ft. Busta Rhymes N Brisco).mp3
2008-07-06 19:12 . 2008-07-06 19:17 3,335,716 --a------ C:\Lil Wayne - The Carter III Leak - Love Me Or Hate Me(1).mp3
2008-06-21 19:53 . 2008-06-21 19:53 <DIR> d-------- C:\iPodMusic
2008-06-21 19:52 . 2008-06-21 19:52 <DIR> d-------- C:\Program Files\iDumpPro
2008-06-21 19:52 . 2008-06-21 19:52 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-06-21 19:52 . 2008-06-21 19:52 1,522,155 --a------ C:\WINDOWS\iDumpPro Uninstaller.exe
2008-06-21 10:24 . 2008-06-21 10:26 <DIR> d-------- C:\Program Files\iDump

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-08 19:34 --------- d-----w C:\Documents and Settings\Dave\Application Data\LimeWire
2008-07-06 20:28 --------- d-----w C:\Program Files\LimeWire
2008-07-04 19:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-06-30 22:11 7,304 ----a-w C:\WINDOWS\TMP0001.TMP
2008-06-20 23:40 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-20 23:40 --------- d-----w C:\Program Files\SpywareBlaster
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 18:38 --------- d-----w C:\Documents and Settings\Dave\Application Data\Kensington
2008-06-11 18:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-11 18:34 --------- d-----w C:\Program Files\Kensington
2008-06-09 21:04 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-06-09 17:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-09 17:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-09 17:20 --------- d-----w C:\Documents and Settings\Dave\Application Data\SUPERAntiSpyware.com
2008-06-09 16:22 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-09 04:31 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-06-09 02:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-09 02:23 --------- d-----w C:\Program Files\Lavasoft
2008-06-06 21:47 --------- d-----w C:\Program Files\EA Games
2008-06-05 20:04 34,296 ----a-w C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-05 20:04 15,864 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-05-24 00:28 --------- d-----w C:\Program Files\iTunes
2008-05-24 00:27 --------- d-----w C:\Program Files\iPod
2008-05-24 00:25 --------- d-----w C:\Program Files\QuickTime
2008-05-24 00:25 --------- d-----w C:\Program Files\Bonjour
2008-05-16 15:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-04-23 05:19 87,608 ----a-w C:\Documents and Settings\Dave\Application Data\ezpinst.exe
2007-04-23 05:19 47,360 ----a-w C:\Documents and Settings\Dave\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25 6731312]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"kmw_run.exe"="kmw_run.exe" [2006-08-03 11:47 106496 C:\WINDOWS\system32\kmw_run.exe]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-09 11:09 63712 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2005-10-05 03:12 94208 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--a------ 2005-02-23 16:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Kensington\\MouseWorks\\k_update.exe"=

R2 NMSAccessU;NMSAccessU;C:\Program Files\iDumpPro\NMSAccessU.exe [2007-10-12 05:34]
R3 KMW_KBD;Kensington Input Devices Class filter driver;C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys [2006-08-03 11:46]
S3 KMW_SYS;Kensington MouseWorks Mouse filter driver;C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys [2006-08-03 11:47]
S3 KMW_USB;Kensington MouseWorks USB filter driver;C:\WINDOWS\system32\DRIVERS\KMW_USB.sys [2006-08-03 11:47]
.
Contents of the 'Scheduled Tasks' folder
"2008-07-08 02:48:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-04 19:00:09 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
- - - - ORPHANS REMOVED - - - -

Toolbar-ID - (no file)
HKLM-Run-MSWheel - (no file)


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 17:00:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-07-19 17:06:59 - machine was rebooted [Dave]
ComboFix-quarantined-files.txt 2008-07-19 21:06:30
ComboFix2.txt 2008-04-22 01:51:32

Pre-Run: 58,548,969,472 bytes free
Post-Run: 58,780,495,872 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

197 --- E O F --- 2008-07-12 16:14:03


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:22:04 PM, on 7/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iDumpPro\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\kmw_run.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\iDumpPro\NMSAccessU.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 4512 bytes

[Essexboy]

Could you generate a report from adaware as your log looks OK

In addition I would like you to run another scanner

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

[JPClark2323]

ok i can do that...im out of town right now until friday for work...is there anyway i could back to you on friday?

[Essexboy]

No problem I will wait

[JPClark2323]

alrite im back...thanks for waiting! heres the first scan...im doing the ad aware scan now..thanks!

Malwarebytes' Anti-Malware 1.23
Database version: 1008
Windows 5.1.2600 Service Pack 2

7:28:09 PM 7/29/2008
mbam-log-7-29-2008 (19-28-09).txt

Scan type: Quick Scan
Objects scanned: 40126
Time elapsed: 10 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[JPClark2323]

i ran adaware and it did it again...i have some kind of virus that it wont delete...this is only about half the scan because it is so long...


Scan Results
Ad-Aware 2008 Free Edition
Log File Created on:2008-07-2919:47:31
Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\core.aawdef
Computer name:DAVID
Name of user performing scan:SYSTEM
Name of user ordering scan:Dave
Scan was not completed

System Information
File Version Information
Ad-Aware 2008 Settings
Extended Ad-Aware 2008 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:Intel® Pentium® M processor 1.50GHz
Memory Available:26%
Total Physical Memory:527822848 Bytes
Available Physical Memory:134430720 Bytes
Total Page File Size:1288093696 Bytes
Available On Page File:803872768 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:1915973632 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7,1,0,12
aawservice.exe 7,1,0,12
Ad-Aware.exe 7.1.0.10
[to top]
Ad-Aware 2008 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2008 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Delete Restored Items
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
[to top]
Database Info
Version number:81
Build Number:0
Build Date and Time:2008/05/1506:25:49
[to top]
Scan Statistics
Method:Full

Items Scanned:100238
Infections Detected:5000
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 135 135
File Hash Scan 4865 4865
[to top]
Infections Found
Family Id Name Category TAI
725 Tracking Cookie DataMiner 3
[600000112] Browser: Internet Explorer Cookie: C:\Documents and Settings\Dave\Cookies\index.dat live365.com SaneID /
[600000415] Browser: Internet Explorer Cookie: C:\Documents and Settings\Dave\Cookies\index.dat revsci.net NETID01 /
[600000415] Browser: Internet Explorer Cookie: C:\Documents and Settings\Dave\Cookies\index.dat revsci.net NETSEGS_J05532 /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMX4 /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMJ /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMX2 /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMID /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMX3 /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMPP /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMS /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMX1 /
[600000434] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt casalemedia.com CMPS /
[600000447] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt apmebf.com S /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_C07583 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net rsi_segs_1000000 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net rsi_cls_1000000 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_K05540 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_H07710 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_C08729 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_J05532 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_H07709 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_B08725 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_J06575 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETSEGS_K06578 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt revsci.net NETID01 /
[600000578] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt unicast.com VWCUK200 /
[600000578] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt unicast.ign.com VWCUK200 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1181 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit1145 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter32454 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter34577 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIinvited1010 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit948 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit1022 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter1022 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter33518 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter33603 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1064 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1022 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter948 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit948 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter27091 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners948 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter1093 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter26736 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter31575 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com lastInviteTime /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit1064 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter1064 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIinvited1093 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIinvited1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIinvited1064 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit1064 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners936 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit1093 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter28671 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter31626 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIControlCounter1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1010 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAICampaignCounter1010 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit1022 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1093 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIinvited1171 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1145 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter33236 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAILastHit1145 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners1171 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com lastInvite /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIControlCounter1010 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit1093 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBanners937 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIFirstHit1154 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIControlCounter1171 /
[600000555] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt insightexpressai.com IXAIBannerCounter31627 /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com C3 /
[600000171] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt bs.serving-sys.com eyeblaster /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com E2 /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com U /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com A2 /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com D3 /
[600000408] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt serving-sys.com B2 /
[600000415] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt ads.revsci.net rsi_us_1000000 /adserver
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt network.realmedia.com mm247 /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com RMFW /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com NXCLICK2 /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com S247 /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com RMFL /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com BCN2008020167_01_Wyndham /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com RMFM /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com SData /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com S247S /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com RMID /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realmedia.com RMFD /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com HS /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com LO /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com CTCI /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com NSC_mc-bepqu.fvspdmjdl.dpn-iuuq /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com DMEXP /
[600000457] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adopt.euroclick.com UI /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net TID /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net CMP /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net Xsd /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net ANRTT /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net TData /
[600000400] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tacoda.net Tcc /
[600000304] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt tremor.adbureau.net GUID /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adultfriendfinder.com __utma /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adultfriendfinder.com __utmz /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adultfriendfinder.com ffadult_tr /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt adultfriendfinder.com HISTORY /
[600000557] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt myfreepaysite.com __utmz /
[600000557] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt myfreepaysite.com __utma /
[600000412] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt searchportal.information.com Spusr /
[600000056] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt toteme.com tcash_product /
[600000056] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt toteme.com s /
[600000056] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt toteme.com referer /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt p-real.com s_vi /
[600000461] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt ad.uk.tangozebra.com TZID /a
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realfootball365.com __utmz /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realfootball365.com __qca /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt www.realfootball365.com exp_last_visit /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt www.realfootball365.com exp_last_activity /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realfootball365.com __utma /
[600000661] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt kontera.com imprs /
[600000661] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt kontera.com cluid /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt ads.realtechnetwork.net ajcmp /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt ads.realtechnetwork.net ajess1_4C6A8F26BEA2BC343500F832 /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realtechnetwork.net u /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt ads.realtechnetwork.net ajefc /
[600000476] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt statcounter.com session_2355067 /
[600000476] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt statcounter.com session_3477688 /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Dave\Application Data\Mozilla\Firefox\Profiles/q7530px3.default\cookies.txt realitykings.com v1st /

1701 Win32.TrojanDownloader.Wimad Malware 10
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 3.avi
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 4.avi
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 5.avi
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 6.avi
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 7.avi
[143325] File: C:\Documents and Settings\Dave\!\shitting girls 8.avi
[143325] File: C:\Documents and Settings\Dave\!\[bleep] [bleep] Bang Bang - PORNFINDER -.avi
[143325] File: C:\Documents and Settings\Dave\!\[bleep] [bleep] Bang Bang XXX CVCD Spanish.avi
[143325] File: C:\Documents and Settings\Dave\!\Shizuka Ichii.avi
[143325] File: C:\Documents and Settings\Dave\!\Shizuka Watanabe debut.avi
[143325] File: C:\Documents and Settings\Dave\!\SHL_MM.avi
[143325] File: C:\Documents and Settings\Dave\!\Shock A Zulu.wmv black guy with chicks.avi
[143325] File: C:\Documents and Settings\Dave\!\Shocking Matures AliceJerry(videos)porn.orge.pl.avi
[143325] File: C:\Documents and Settings\Dave\!\shocking pre-teen anal.mov.avi
[143325] File: C:\Documents and Settings\Dave\!\Shocking Stockings XX DivX Pr0nStarS.avi
[143325] File: C:\Documents and Settings\Dave\!\Shocking Teens - Hot Pussy Stretching.avi
[143325] File: C:\Documents and Settings\Dave\!\Shocking Teens - Raped by two big Cocks.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Shocking Teens - Tight Anal [bleep].wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Shooter.2007.REAL.PROPER.TS.XViD.Swesub-AkilleZ.avi
[143325] File: C:\Documents and Settings\Dave\!\Shopping in South Beach -Flower Tucci.avi
[143325] File: C:\Documents and Settings\Dave\!\Short And Sleazy XX Hardcore.avi
[143325] File: C:\Documents and Settings\Dave\!\Short clip Girl gets [bleep]ed aboard a plane.avi
[143325] File: C:\Documents and Settings\Dave\!\Short clip of Fay Parker from Taboo.avi
[143325] File: C:\Documents and Settings\Dave\!\Short clip Sleeping girl [bleep]ed.avi
[143325] File: C:\Documents and Settings\Dave\!\Short clip The cutest girl on the planet.avi
[143325] File: C:\Documents and Settings\Dave\!\Short clip Three teen lolitas squirting jucies.avi
[143325] File: C:\Documents and Settings\Dave\!\Short One In Bathroom.avi
[143325] File: C:\Documents and Settings\Dave\!\Shorter cum and teen clips 1.avi
[143325] File: C:\Documents and Settings\Dave\!\Shortest [bleep] movie in the world.avi
[143325] File: C:\Documents and Settings\Dave\!\Shorty.Iz.[bleep]in.Yo.Mama.2.DVD-Rip.Xvid-Mp3.ingles.avi
[143325] File: C:\Documents and Settings\Dave\!\Shorty.Iz.[bleep]in.Yo.Mama.2.XX viD.avi
[143325] File: C:\Documents and Settings\Dave\!\Shoulder Riding 2007-09--2008-02.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #1-#13_#15-#17.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #1.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #10.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #11.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #12.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #13.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #16.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #17.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #2.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #3.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #4.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #5.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #6.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #7.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #8.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku #9.avi
[143325] File: C:\Documents and Settings\Dave\!\Shounen Ai no Bigaku 15.avi
[143325] File: C:\Documents and Settings\Dave\!\Shove It Up My 3 XX Anal.avi
[143325] File: C:\Documents and Settings\Dave\!\Shoving a basketball into her tight pussy.avi
[143325] File: C:\Documents and Settings\Dave\!\show 3 girls hot sexe toys in pussy and finger.avi
[143325] File: C:\Documents and Settings\Dave\!\Show De Bolla.avi
[143325] File: C:\Documents and Settings\Dave\!\Show Me Gape.avi
[143325] File: C:\Documents and Settings\Dave\!\Showbaben_from_Sweden.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\shower blowjob. Friend video tapes us in shower. Good blowjob!(H.avi
[143325] File: C:\Documents and Settings\Dave\!\Shower [bleep] - chick sux and fux in public shower.avi
[143325] File: C:\Documents and Settings\Dave\!\Shower Spycam - Carmen - WatchAZGirls.com - avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Shower Spycam - Carmen - WatchAZGirls.com - mov.avi
[143325] File: C:\Documents and Settings\Dave\!\Showing off my hot girlfriend.avi
[143325] File: C:\Documents and Settings\Dave\!\Showtime - Pulp - PORNFINDER -.avi
[143325] File: C:\Documents and Settings\Dave\!\Showtime.avi
[143325] File: C:\Documents and Settings\Dave\!\Shoyonoid Makottchan.avi
[143325] File: C:\Documents and Settings\Dave\!\Shu Qi (Hsu Chi) - Unique Girl Taiwanese Soft Porn.avi
[143325] File: C:\Documents and Settings\Dave\!\Shu Qi (Hsu Chi) - Unique Girl Taiwanese Soft Pornuncorrupt.avi
[143325] File: C:\Documents and Settings\Dave\!\Shu Qi - Dreaming Naked Show.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Shugar.avi
[143325] File: C:\Documents and Settings\Dave\!\Shugarn Mature mam with JJ Huge Boobs.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuri Himesaki - Endless Semen.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuri Himesaki.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuri Panty runaway.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuri Tit Sharking.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\SHUSAKU 1.avi
[143325] File: C:\Documents and Settings\Dave\!\Shut Up And [bleep] Me McX-PORNOLATiON.avi
[143325] File: C:\Documents and Settings\Dave\!\Shut.Up.And.Blow.Me!.DVDR.NTSC_-_AngryLocal.avi
[143325] File: C:\Documents and Settings\Dave\!\Shut.Up.And.[bleep].Me.White.Boy.2.English.XX viD.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuttle Japan Bukkake Summit #17.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuttle Japan Bukkake Summit #18.avi
[143325] File: C:\Documents and Settings\Dave\!\Shuttle Japan Bukkake.avi
[143325] File: C:\Documents and Settings\Dave\!\SHVDDL-84.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\shy agnes18 gets naked anyway.avi
[143325] File: C:\Documents and Settings\Dave\!\shy amateur collegebookworm hardcore doubleplugged.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Asian Teen Violated and Dripping Wet Pussy Makes a Mess.avi
[143325] File: C:\Documents and Settings\Dave\!\shy but horny babe gets naked from 18club.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy girl Gangbang.avi
[143325] File: C:\Documents and Settings\Dave\!\shy girl sucking dick.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Laren Striptease.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Love - POV Centerfolds 3.avi
[143325] File: C:\Documents and Settings\Dave\!\shy love anal.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Love from BabyGotBoobs.com.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Love sucking dick from her knees.avi
[143325] File: C:\Documents and Settings\Dave\!\shy models turned into [bleep] whores - young models casting.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Pigtailed Euro Teeny AGNESS Gets Her Tiny [bleep] Stretched.avi
[143325] File: C:\Documents and Settings\Dave\!\shy russian teen larisa masturbates -ARKAN.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Teen Auditions For Porn.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Virgin Bristish amateur Teens Home alone [bleep].avi
[143325] File: C:\Documents and Settings\Dave\!\Shy wife takes 2 black men.avi
[143325] File: C:\Documents and Settings\Dave\!\Shy Wife Using Vibrator on Webcam.avi
[143325] File: C:\Documents and Settings\Dave\!\shyamali-malakar-home-video-with-ex-boyfriend.zip.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla clit rub.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\shyla haze - Booty Call 4.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla Styles SharingMyWife.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla Styles.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla Stylez - Asses in Public.mpg.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla Stylez amp; Lexington Steel.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyla Stylez [bleep]s and sucks on sink.avi
[143325] File: C:\Documents and Settings\Dave\!\Shyra (Extremely hot chick).avi
[143325] File: C:\Documents and Settings\Dave\!\Shyra BIG TITS and ROUND [bleep] Must See NOW.avi
[143325] File: C:\Documents and Settings\Dave\!\shyteacherspet -AllaurA.avi
[143325] File: C:\Documents and Settings\Dave\!\siane, the seductress.avi
[143325] File: C:\Documents and Settings\Dave\!\Sibel Kekilli Aka Dilara ( bekannt aus TV ) - Ihre Geilsten Acts.avi
[143325] File: C:\Documents and Settings\Dave\!\Sick [bleep].asf.avi
[143325] File: C:\Documents and Settings\Dave\!\Sid Deuce MegaPost.avi
[143325] File: C:\Documents and Settings\Dave\!\side9plus 4jan05 Ann Marie.avi
[143325] File: C:\Documents and Settings\Dave\!\Sidney Moon 03.mov.avi
[143325] File: C:\Documents and Settings\Dave\!\Sidney Moon.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\Sidney Moon2.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\Sienna Miller beautiful tits sex caught on camera.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sienna West and Alexis Love.avi
[143325] File: C:\Documents and Settings\Dave\!\Sienna_West_-_BigTitsAtWork__5_14_07_-piger.free.fr-rlp.4_mobile.avi
[143325] File: C:\Documents and Settings\Dave\!\Sienna_West_-_BigTitsAtWork__5_14_07_-piger.free.fr-x264.avi
[143325] File: C:\Documents and Settings\Dave\!\sierra black, big boobs, bbw virtual sex perspective.mpg.avi
[143325] File: C:\Documents and Settings\Dave\!\Sierra in the movie Gangland White Boy Stomp.avi
[143325] File: C:\Documents and Settings\Dave\!\Sierra Virtual Sex .FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Sierra-Sex on Airplane.avi
[143325] File: C:\Documents and Settings\Dave\!\Silent.Night.XX viD-DivXfacTory.avi
[143325] File: C:\Documents and Settings\Dave\!\Silhouette and Ben.avi
[143325] File: C:\Documents and Settings\Dave\!\SILICONE INFERNO -skinny milf with HUGE BOOBS getting pussy li.avi
[143325] File: C:\Documents and Settings\Dave\!\Silk Mocha Pies (Syndee Capri) XX Black.avi
[143325] File: C:\Documents and Settings\Dave\!\Silkeborg Gymnasium.avi
[143325] File: C:\Documents and Settings\Dave\!\Silky Smooth-All Star Latinas.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint Cherry Jul.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint Rumica Power anal sex.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - Ace In The Hole.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - Masturbation.mpeg.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - Rocco Best Butt Fuc.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - Sylvia Does It Again.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - The Academy 2004 www1.descargasweb.net.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint - The Academy 2004.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint And Nacho Vidal In Brasil XXX.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint At Jail.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia saint foot fetish.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint [bleep]ing Then Facial Cum.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint in Pink Stockings.avi
[143325] File: C:\Documents and Settings\Dave\!\silvia saint movies.zip.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint y sus Amigas 2005Spanish.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint Y Sus Amigas DVD XviD MP3 XXX.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Saint(.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Shon sexy fox posing topless with her gun drawn.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia Sylvia Saint magnificent blonde.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Silvia_Saint_Masturbating.mpg.avi
[143325] File: C:\Documents and Settings\Dave\!\Simona Sexy Employee.avi
[143325] File: C:\Documents and Settings\Dave\!\Simona-03 - Sexy Employee.avi
[143325] File: C:\Documents and Settings\Dave\!\Simone Shine aka Nadezda.avi
[143325] File: C:\Documents and Settings\Dave\!\simone-fullscene.avi
[143325] File: C:\Documents and Settings\Dave\!\Simone. Cutie, [bleep] then swallow.avi
[143325] File: C:\Documents and Settings\Dave\!\Simone.avi
[143325] File: C:\Documents and Settings\Dave\!\simone18.com-girls18-video01.avi
[143325] File: C:\Documents and Settings\Dave\!\Simones Hausbesuche 45.avi
[143325] File: C:\Documents and Settings\Dave\!\SIMONY DIAMOND - Cum Hungry Leave Full.avi
[143325] File: C:\Documents and Settings\Dave\!\SIMONY DIAMOND - DPFanatics.avi
[143325] File: C:\Documents and Settings\Dave\!\Simony Diamond Hardcore.avi
[143325] File: C:\Documents and Settings\Dave\!\SIMONY DIAMOND.avi
[143325] File: C:\Documents and Settings\Dave\!\simonydiamond-gft-v40038-399.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Simpe [bleep]s E01 Daisy And Cheyne HD-wmv1280x720.avi
[143325] File: C:\Documents and Settings\Dave\!\SIMPLE 18Volume 2.avi
[143325] File: C:\Documents and Settings\Dave\!\Simplemente 18 Tan Jovenes Y Tan Zorras DVD XviD MP3 XXX 2005.avi
[143325] File: C:\Documents and Settings\Dave\!\Simplemente.18.Chocolate.Para.Adolescentes.Spanish.DVD.XviD.MP.avi
[143325] File: C:\Documents and Settings\Dave\!\SIMPLY 18 Volume 3.avi
[143325] File: C:\Documents and Settings\Dave\!\Simpson Twins - Bed and Breakfast.avi
[143325] File: C:\Documents and Settings\Dave\!\Simpson Twins - Cleaning Crew.avi
[143325] File: C:\Documents and Settings\Dave\!\Simpson Twins - Meet The Miltons.avi
[143325] File: C:\Documents and Settings\Dave\!\Simpson Twins - Milton Mania.avi
[143325] File: C:\Documents and Settings\Dave\!\Sin City Teen.avi
[143325] File: C:\Documents and Settings\Dave\!\Sindee Jennings - 18yearsold.avi
[143325] File: C:\Documents and Settings\Dave\!\Sindee Jennings Squirts Everywhere Hottest Clip Ever.avi
[143325] File: C:\Documents and Settings\Dave\!\SindeeJ_2HRBT1.avi
[143325] File: C:\Documents and Settings\Dave\!\Sindee_soak_me_sindee_big.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sindy wird in alle öffnungen genommen.avi
[143325] File: C:\Documents and Settings\Dave\!\Sindy_Zigi-Zigi.com.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Sinfully.Sexy.XX 264-ShAQ.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore (Friend Naked 01)..FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore - Chio bu staying below me changing.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore - School Girl Petting With Boyfriend In Room.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore - Suntec Toilet Hidden Cam.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore girl naked in bath.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore peep nude in kitchen.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore Sin - Kitty, Mya Luanna, Lilly Thai, Kina Kai, Paris W.avi
[143325] File: C:\Documents and Settings\Dave\!\Singapore_peep (full version).avi
[143325] File: C:\Documents and Settings\Dave\!\Sinners.1.XX viD-PLEASURE ANAL.avi
[143325] File: C:\Documents and Settings\Dave\!\Sins of the flesh.avi
[143325] File: C:\Documents and Settings\Dave\!\sisblast.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sissy Guy gets slaped and [bleep]ed by his girl.avi
[143325] File: C:\Documents and Settings\Dave\!\Sista 20.avi
[143325] File: C:\Documents and Settings\Dave\!\Sista 22.avi
[143325] File: C:\Documents and Settings\Dave\!\Sister In Kitchen.avi
[143325] File: C:\Documents and Settings\Dave\!\Sister seduces brother .must seee!!.avi
[143325] File: C:\Documents and Settings\Dave\!\sister takes off pajama bottom masturbates hidden cam (complet.avi
[143325] File: C:\Documents and Settings\Dave\!\sister takes off pajama bottoms masturbates.mpg.avi
[143325] File: C:\Documents and Settings\Dave\!\Sister Taking it Hard From Her Brother.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters - 2 sisters get drunk and party with 2 guys.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters - Britney and Whitney Stevens.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters 18 year old best mate.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters and twins.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters Sharing their First Lesbian Sex Experience.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters Wedding Night.avi
[143325] File: C:\Documents and Settings\Dave\!\Sisters WhitneyBritney.avi
[143325] File: C:\Documents and Settings\Dave\!\Site Rip 061212.avi
[143325] File: C:\Documents and Settings\Dave\!\Site rip of members slutfacials deluxepass com.avi
[143325] File: C:\Documents and Settings\Dave\!\SITE-RIP .mpg.avi
[143325] File: C:\Documents and Settings\Dave\!\SITERIP Americandaydreams 091006.avi
[143325] File: C:\Documents and Settings\Dave\!\Siterip of young2k com members area.avi
[143325] File: C:\Documents and Settings\Dave\!\Siterip www Milena-Velba com 03.10.06 by FrEaKaZoId111.avi
[143325] File: C:\Documents and Settings\Dave\!\SiteRip www.virginoff.com 2007-01-03.avi
[143325] File: C:\Documents and Settings\Dave\!\Six Mature Clips.avi
[143325] File: C:\Documents and Settings\Dave\!\Size Queens Vol.2 XX All Sex.avi
[143325] File: C:\Documents and Settings\Dave\!\Sizzling-Salsahot xxx!.avi
[143325] File: C:\Documents and Settings\Dave\!\sjodin.avi
[143325] File: C:\Documents and Settings\Dave\!\Sju.Skona.Skjut.2008.XXX.PAL.SWEDISH.COMPLETE.DVDR-HiV.avi
[143325] File: C:\Documents and Settings\Dave\!\skandal.avi
[143325] File: C:\Documents and Settings\Dave\!\Skandalen.avi
[143325] File: C:\Documents and Settings\Dave\!\Skin #2.avi
[143325] File: C:\Documents and Settings\Dave\!\SKIN DANCE.avi
[143325] File: C:\Documents and Settings\Dave\!\Skin.2.XX viD-DivXfacTory.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinney redhead teen.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Black Girl Riding HUGE Dick-TII4p.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny blonde in HOT homemade sex.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Blonde [bleep] With Small Tits Going Crazy With [bleep].avi
[143325] File: C:\Documents and Settings\Dave\!\skinny college amateur [bleep]ed oral, anal vaginal.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny cute [bleep]ed in a gym by 2 guys.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny danish Maria.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny euro teens - Smala euro ungdomar blir knullade.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Euro Teens VERY HOT !.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny French Teen.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny German girl - Sex Chaos bei Familie Dauergeil.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny girl blowjob.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny girl blowjob2.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Mature Shorthair [bleep].FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\skinny petite teen gets injected by 2 huge cocks.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Puppy - University Girl.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Puppys - New Chick.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny rascist German skank.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Russain girl Ivana strip and [bleep] with her boyfriend.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Sloppy [bleep] Slurping, Spitting, and Sucking.avi
[143325] File: C:\Documents and Settings\Dave\!\skinny teen vs monstercock.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Teen With Natural Big Tits Gets [bleep]ed in Restroom.wmv.wm.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny teenager amateur strip show.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny teens - 2 young girls [bleep]ing outdoor (HOT).avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny Young [bleep].avi
[143325] File: C:\Documents and Settings\Dave\!\skinnysexy teen larissa [bleep][bleep]ed.avi
[143325] File: C:\Documents and Settings\Dave\!\SkinnyTGirl.avi
[143325] File: C:\Documents and Settings\Dave\!\Skinny_Puppy_Homemade_Newchick.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\Skirt Lifting Vol.1.avi
[143325] File: C:\Documents and Settings\Dave\!\Skirt_Lifting_Japan_Vol2 Extras.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\Sklavin Barbara.avi
[143325] File: C:\Documents and Settings\Dave\!\Skull [bleep]ing.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Angel - Kana Shimada.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Angel sex girl Atsumi Katou.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Angel Vol. 56 - Risa SKY-093.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Angel Vol.47 - Ririka SKY-081.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Angel Vol.59 - Rika Sakurai SKY-096.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky High - Sky Angel Vol. 58 - MIMI SKY-095.avi
[143325] File: C:\Documents and Settings\Dave\!\SKY HIGH Sky Angel Vol. 34 - Hotaru Akane(Uncensored ).avi
[143325] File: C:\Documents and Settings\Dave\!\Sky High-scand.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky lopez Buttman.avi
[143325] File: C:\Documents and Settings\Dave\!\SKY LOPEZ - Stripping and Masturbation.rar.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Anal with SCREENS link.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez big tits pornstar nice scene(.avi
[143325] File: C:\Documents and Settings\Dave\!\sky lopez ddp.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky lopez Dez dirty.avi
[143325] File: C:\Documents and Settings\Dave\!\sky lopez lesbian [bleep].avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Nurse [bleep]ed in all holes by lucky patient.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Painted As A Wild Cat.FFF.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Porn.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Real Esate agent [bleep]s client in her office!.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky Lopez Weekend.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky.avi
[143325] File: C:\Documents and Settings\Dave\!\SkyAngel Rui Aikawa.avi
[143325] File: C:\Documents and Settings\Dave\!\Skylar from Bigmouthfuls.com.avi
[143325] File: C:\Documents and Settings\Dave\!\Skylar Knight in Asian Street Hookers.avi
[143325] File: C:\Documents and Settings\Dave\!\Skys day off - Sky Lopez.avi.avi
[143325] File: C:\Documents and Settings\Dave\!\Skyy - Mega Butts 18.wmv.avi
[143325] File: C:\Documents and Settings\Dave\!\Sky_Angel_Vol.27.avi
[143325] File: C:\Documents and Settings\Dave\!\Skånsk kuksugerska från palladium (swe).avi
[143325] File: C:\Documents and Settings\Dave\!\Skånsk kuksugerska från palladium.avi
[143325] File: C:\Documents and Settings\Dave\!\Skånsk porr-audition.avi

[Essexboy]

Hmm don't know why combofix didn't hit that

Please download ATF Cleaner by Atribune.
This program is for XP, Vista and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

THEN

1. Please open Notepad

• Click Start , then Run
• Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Folder::
C:\Documents and Settings\Dave\!

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.




5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

• Combofix.txt
• A new HijackThis log.

[JPClark2323]

ComboFix 08-07-19.1 - Dave 2008-07-30 18:18:49.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.195 [GMT -4:00]
Running from: C:\Documents and Settings\Dave\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Dave\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Dave\!
C:\Documents and Settings\Dave\!\Våldtäktsmän i Motala.avi
C:\Documents and Settings\Dave\!\Våran fysiklärare Hasse.avi
C:\Documents and Settings\Dave\!\världens första porrfilm.mpeg.avi
C:\Documents and Settings\Dave\!\vivian18 gets naked in her tub in this video.avi
C:\Documents and Settings\Dave\!\vivian18 in her living room naked.avi
C:\Documents and Settings\Dave\!\vivian18 in her skimpy undies.avi
C:\Documents and Settings\Dave\!\Vivianne Bonus Bj - Very Hot !.avi
C:\Documents and Settings\Dave\!\vivica-fox-porn-scene-with-will-smith.zip.avi
C:\Documents and Settings\Dave\!\Vivica Charms In Teens.avi
C:\Documents and Settings\Dave\!\Vivica fox sex tape comming soon.avi
C:\Documents and Settings\Dave\!\Vivid-bad girls 9.avi
C:\Documents and Settings\Dave\!\Vivid - All Star Teens - Porn XXX.avi
C:\Documents and Settings\Dave\!\Vivid - And The Winner Is Taylor Hayes (Taylor Hayes, Raylene,.avi
C:\Documents and Settings\Dave\!\Vivid - Room Servicing (Devon, Chloe).avi
C:\Documents and Settings\Dave\!\Vivid Girl Of The Mounth Tia Bella Dr.avi
C:\Documents and Settings\Dave\!\Vivid Girls-How to Have a XXX Sex Life The Ultimate Vivid Guide.avi
C:\Documents and Settings\Dave\!\Vivid porn bloopers..FFF.avi
C:\Documents and Settings\Dave\!\Vivid Tease Me CD1.avi.avi
C:\Documents and Settings\Dave\!\VIVID.Faraway.2004.ShareConnector.avi.avi
C:\Documents and Settings\Dave\!\Vivids Private Reserve.avi
C:\Documents and Settings\Dave\!\Vivien masturbating herself very hard part 1.avi
C:\Documents and Settings\Dave\!\Vivien masturbating herself very hard part 2.avi
C:\Documents and Settings\Dave\!\Vivre sa Vie - Godard - 1962 - Francais.avi.avi
C:\Documents and Settings\Dave\!\VixenSilver.avi
C:\Documents and Settings\Dave\!\Vizontele.Tuuba.2004.PAL.DVDR.Turkish-BuZ.avi
C:\Documents and Settings\Dave\!\Vladmodel Vika Video.avi
C:\Documents and Settings\Dave\!\vlads 3 custom sets y120.avi
C:\Documents and Settings\Dave\!\Voeyur- Russian teen model.avi
C:\Documents and Settings\Dave\!\Vogue Vol.1.avi
C:\Documents and Settings\Dave\!\Vogue Vol.11.avi
C:\Documents and Settings\Dave\!\Vogue Vol.7.avi
C:\Documents and Settings\Dave\!\vol1.avi
C:\Documents and Settings\Dave\!\VolleyBALL HONEYS.avi
C:\Documents and Settings\Dave\!\Voluptuous babe with sexy tits get golden shower from couple.avi
C:\Documents and Settings\Dave\!\Voluptuous Xtra 6 - Big Busty Babes boned hard.avi
C:\Documents and Settings\Dave\!\Vomit - Facial- Hazel.FFF.avi
C:\Documents and Settings\Dave\!\Voracious.avi
C:\Documents and Settings\Dave\!\Vouyer Media - Frosty Finish.avi
C:\Documents and Settings\Dave\!\voyazteca 2.avi
C:\Documents and Settings\Dave\!\Voyer Videos 1.avi
C:\Documents and Settings\Dave\!\Voyer Videos 2.avi
C:\Documents and Settings\Dave\!\Voyer Videos 3.avi
C:\Documents and Settings\Dave\!\Voyer Videos 4.avi
C:\Documents and Settings\Dave\!\Voyeur- Teen [bleep] shaving.avi
C:\Documents and Settings\Dave\!\Voyeur- Topless girl at beach.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur- xray pool..FFF.avi
C:\Documents and Settings\Dave\!\Voyeur-Russian Locker Room.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur-Russian pee.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur - Blond-Rose Panty .FFF.avi
C:\Documents and Settings\Dave\!\voyeur - blonde milf flashing fingering [bleep] pussy in public.avi
C:\Documents and Settings\Dave\!\Voyeur - couple has sex in underground parking.avi
C:\Documents and Settings\Dave\!\Voyeur - Girls caught masturbating (12 clips pick amp; choose).avi
C:\Documents and Settings\Dave\!\Voyeur - Hidden cam in womens lockerroom.avi
C:\Documents and Settings\Dave\!\Voyeur - Nudist beach.avi
C:\Documents and Settings\Dave\!\Voyeur - Schoolgirls showering (hidden cam).avi
C:\Documents and Settings\Dave\!\Voyeur - Sleeping girls ( 9 clips pick amp; choose ).avi
C:\Documents and Settings\Dave\!\Voyeur (Ir) Xcam X-Ray Xray Swim Comp 17.12Min.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur 19yo Coed Julie Nude After Shower.avi
C:\Documents and Settings\Dave\!\Voyeur 700beach pictures.avi
C:\Documents and Settings\Dave\!\Voyeur Camera Cachée Nightshot.FFF.avi
C:\Documents and Settings\Dave\!\voyeur hidden cam.FFF.avi
C:\Documents and Settings\Dave\!\voyeur hidden public shower cam - korean.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur Massage Room 7.FFF.avi
C:\Documents and Settings\Dave\!\Voyeur masturbating women.avi
C:\Documents and Settings\Dave\!\Voyeur MILF 2.avi
C:\Documents and Settings\Dave\!\voyeur nightshot - hidden - friend screwing drunk girlfriend.avi
C:\Documents and Settings\Dave\!\voyeur porn.avi
C:\Documents and Settings\Dave\!\Voyeur scat - Japanese girlswomen dropping monster dumps (hidde.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Beach Nonude I.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Beach Nonude II.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Beach Nonude III.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Beach Nonude IV.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Lynn Nude After Shower Part2.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Lynn Nude After Shower Part3.avi
C:\Documents and Settings\Dave\!\Voyeur Teen Lynn nude masturbating after shower.avi
C:\Documents and Settings\Dave\!\Voyeur video of sex between manager and employee.avi
C:\Documents and Settings\Dave\!\Voyeur.MILF.2.EngliSh.XX viD-.avi
C:\Documents and Settings\Dave\!\voyeur_indonesian girl filmed masturbating.FFF.avi
C:\Documents and Settings\Dave\!\VoyeurAsian Naniwa - Hidden Cam Locker Room.avi
C:\Documents and Settings\Dave\!\VoyeurAsian Peeping Holes Models Dressing And Toilet.avi
C:\Documents and Settings\Dave\!\Voyeurs - Best Anal Cocksuckers - 2 - PORNFINDER -.avi
C:\Documents and Settings\Dave\!\Voyeurwindow - cofeeshop.avi
C:\Documents and Settings\Dave\!\Voyeurwindow - In the hood.avi
C:\Documents and Settings\Dave\!\voymaster spycam xray.FFF.avi
C:\Documents and Settings\Dave\!\VU_Private_Amateur_Teenager_sex.mpg.avi
C:\Documents and Settings\Dave\!\w07d010v001 - Bring Um Young 19.avi
C:\Documents and Settings\Dave\!\W4B - Vicky - Ice Lolly amp; Honey 720p.avi
C:\Documents and Settings\Dave\!\Wacky Ned - Simpons Erotica Volume 1.avi
C:\Documents and Settings\Dave\!\Wacky Ned - Simpsons Erotica Volume1.avi
C:\Documents and Settings\Dave\!\wadatsumi_1-2_by .rar.avi
C:\Documents and Settings\Dave\!\Wadd The Life and Times of John C. Holmes(1999).avi
C:\Documents and Settings\Dave\!\Wallys Surprise.avi
C:\Documents and Settings\Dave\!\Wanda Curtis 1 Hotties.avi
C:\Documents and Settings\Dave\!\Wanda Curtis 2 Hotties.avi
C:\Documents and Settings\Dave\!\WandaS Nylon Feet And High Heels.FFF.avi
C:\Documents and Settings\Dave\!\Wanna Tijuana - Scene 10 - 701kbps.wmv.avi
C:\Documents and Settings\Dave\!\Wanna Wank.avi
C:\Documents and Settings\Dave\!\Warm Pink XX Hardcorewww.sex com.avi
C:\Documents and Settings\Dave\!\warm pussy ready to play.avi
C:\Documents and Settings\Dave\!\Warmes Dortmunder Goldwasser.avi
C:\Documents and Settings\Dave\!\WARNING GAY PORNBrent [bleep]s Logan (CorbinFisher.com).avi
C:\Documents and Settings\Dave\!\WARNING GAY PORNJR jerks cums all over (13 HOT CLIPS).avi
C:\Documents and Settings\Dave\!\Washing Machine Fun.avi
C:\Documents and Settings\Dave\!\Wasted Youth - 3 PORNFINDER -.avi
C:\Documents and Settings\Dave\!\Wasted Youth 3 XX Teen.avi
C:\Documents and Settings\Dave\!\Wasted.Youth.3-.avi
C:\Documents and Settings\Dave\!\Wasted.Youth.5.English.XX viD.avi
C:\Documents and Settings\Dave\!\Watch-us-[bleep]- 2006-02-17 Snowboarding.avi
C:\Documents and Settings\Dave\!\Watch Drunk Teen Girls Exploited And [bleep]ed.avi
C:\Documents and Settings\Dave\!\Watch Krystal Steal Now.avi
C:\Documents and Settings\Dave\!\Watch me [bleep] your friend.avi
C:\Documents and Settings\Dave\!\watch me [bleep] your wife.avi
C:\Documents and Settings\Dave\!\Watch ME Have Sex With YOUR Girlfriend!.avi
C:\Documents and Settings\Dave\!\watch mebang your wife _ reality pornpure HD quality.avi
C:\Documents and Settings\Dave\!\Watch my wife give head.avi
C:\Documents and Settings\Dave\!\watch sweet vivian18 take her clothes off.avi
C:\Documents and Settings\Dave\!\Watch Them Shoot DVD Especially for woman man masterbate handjob.avi
C:\Documents and Settings\Dave\!\watch this blonde play with her pussy.avi
C:\Documents and Settings\Dave\!\watch this lovers [bleep].avi
C:\Documents and Settings\Dave\!\Watch this very attractive blonde strip for you and then pleasur.avi
C:\Documents and Settings\Dave\!\Watch Us [bleep] - Colletion.avi
C:\Documents and Settings\Dave\!\Watch Us [bleep] - We Like to Lube.avi
C:\Documents and Settings\Dave\!\Watch us [bleep]ing Homemade video for Valentins day.avi
C:\Documents and Settings\Dave\!\watch your girldfriend -bestial - xxx [bleep] [bleep] muie lesbi viol.avi
C:\Documents and Settings\Dave\!\Watch4Beauty- Vicky - China Wood Oil 2007 HDV 720p.avi
C:\Documents and Settings\Dave\!\Watch4Beauty - Danae A aka Gina - Sunrays HD 720p.avi
C:\Documents and Settings\Dave\!\Watch4Beauty - Sonia - Darksome 2007 HDV 720p.avi
C:\Documents and Settings\Dave\!\Watch4Beauty Zoe - Workday 2007 HDV 720p.avi
C:\Documents and Settings\Dave\!\water905.avi.avi
C:\Documents and Settings\Dave\!\Waterbondage - 8 Scenes Porn XXX.avi
C:\Documents and Settings\Dave\!\Waterbondage Madison Bound Spread Eagle (Dildo Cold Water)wmv.avi
C:\Documents and Settings\Dave\!\Waterbondage Star Bound Spread Eagle (Dildo Cold Water)wmv.avi
C:\Documents and Settings\Dave\!\Watersports porn blooper.avi
C:\Documents and Settings\Dave\!\Wave VideoNight Nurses.avi
C:\Documents and Settings\Dave\!\Waver II.avi
C:\Documents and Settings\Dave\!\Waver III.avi
C:\Documents and Settings\Dave\!\Way of The Dragon XviD-DETOXATiON.avi
C:\Documents and Settings\Dave\!\wb-hc-clip-13.avi.avi
C:\Documents and Settings\Dave\!\wb-hc-clip-15.avi.avi
C:\Documents and Settings\Dave\!\wb-hc-fm-clip-1.wmv.avi
C:\Documents and Settings\Dave\!\wb-hc-hot-1.avi.avi
C:\Documents and Settings\Dave\!\wb-hc-nurse-clip-1.AVI.avi
C:\Documents and Settings\Dave\!\wb-hc-nurse-clip-2.AVI.avi
C:\Documents and Settings\Dave\!\wb-hc-nurse-clip-3.AVI.avi
C:\Documents and Settings\Dave\!\wb-hc-nurse-clip-4-5.avi.avi
C:\Documents and Settings\Dave\!\wb-lez-clip-1.avi
C:\Documents and Settings\Dave\!\wb-solo-clip-alex.avi.avi
C:\Documents and Settings\Dave\!\We All Scream For [bleep] Cream - PORNFINDER -.avi
C:\Documents and Settings\Dave\!\we are just dirty swingers - younger couple vs older couple.avi
C:\Documents and Settings\Dave\!\We [bleep] Em Young 2 XX Legal Teen- All Sex.avi
C:\Documents and Settings\Dave\!\We Like To Watch Young Girls XX Teens.avi
C:\Documents and Settings\Dave\!\We Live Together - Audrianna Cuming Party.mpg.avi
C:\Documents and Settings\Dave\!\We Live Together - Clit Raider.mpg.avi
C:\Documents and Settings\Dave\!\We Live Together - Dina - Spanish Lesson.mpg.avi
C:\Documents and Settings\Dave\!\We Live Together - Lexi (full).mpg.avi
C:\Documents and Settings\Dave\!\We live Together - Mary Strawberry.avi
C:\Documents and Settings\Dave\!\we live together - penny - triple hitter.mpg.avi
C:\Documents and Settings\Dave\!\We Swallow 5.avi
C:\Documents and Settings\Dave\!\We Want to Violate a Popular Friends Mother-JAPANESE.avi
C:\Documents and Settings\Dave\!\We.[bleep].Em.Young.XX Gonzo.avi
C:\Documents and Settings\Dave\!\Weapon.Of.[bleep].Destruction.2002 DivX-xDMNx.avi
C:\Documents and Settings\Dave\!\Weapons [bleep].Destruction.avi
C:\Documents and Settings\Dave\!\Weapons Of [bleep] Destruction 2.avi
C:\Documents and Settings\Dave\!\Weapons of [bleep] destruction 3.avi
C:\Documents and Settings\Dave\!\Weapons of [bleep] Destruction 4.avi
C:\Documents and Settings\Dave\!\Weapons Of [bleep] Destruction CD1.avi
C:\Documents and Settings\Dave\!\Weapons.Of.[bleep].Destruction.5.DISC2.XX viD-DivXfacTory.avi
C:\Documents and Settings\Dave\!\web cam captures.avi
C:\Documents and Settings\Dave\!\Web Cam Collection 1.avi
C:\Documents and Settings\Dave\!\Web Cam Collection 3.avi
C:\Documents and Settings\Dave\!\Web Cam Collection 4.avi
C:\Documents and Settings\Dave\!\Web Cam Collection 5.avi
C:\Documents and Settings\Dave\!\Web Cam Fun. Babes I got on webcam.avi
C:\Documents and Settings\Dave\!\web cam girl in wet knickers.mov.avi
C:\Documents and Settings\Dave\!\Web Cams 1.avi
C:\Documents and Settings\Dave\!\Web Cams 2.avi
C:\Documents and Settings\Dave\!\Web Cams 5.avi
C:\Documents and Settings\Dave\!\Web Cams 6.avi
C:\Documents and Settings\Dave\!\Webcam-brud.avi
C:\Documents and Settings\Dave\!\webcam-carmensexy.avi.avi
C:\Documents and Settings\Dave\!\webcam-liya.avi.avi
C:\Documents and Settings\Dave\!\webcam-lizzy.avi.avi
C:\Documents and Settings\Dave\!\Webcam - Aleah Very Hot Chick That Wants It Bad!.avi
C:\Documents and Settings\Dave\!\Webcam - Amateur Girl With Pierced Clit Gives Blowjob!.avi
C:\Documents and Settings\Dave\!\Webcam - Brunette Strip Dance In White Short Skirt Black Chemi.avi
C:\Documents and Settings\Dave\!\Webcam - Girl With Pierced Clit Gives Blowjob!.avi
C:\Documents and Settings\Dave\!\WEBCAM Amateur girl masturbating[bleep]ing dildo.avi
C:\Documents and Settings\Dave\!\Webcam and homemade teen sluts.avi
C:\Documents and Settings\Dave\!\webcam banana in pussy.avi
C:\Documents and Settings\Dave\!\WEBCAM BLOWJOB AND CUM ON FACEavi.avi
C:\Documents and Settings\Dave\!\WEBCAM BLOWJOB AND [bleep].avi
C:\Documents and Settings\Dave\!\WEBCAM Chick At Home - Just Video.avi
C:\Documents and Settings\Dave\!\Webcam clips.avi
C:\Documents and Settings\Dave\!\Webcam Girl - upped for your-tanga.forum.de.vu.avi
C:\Documents and Settings\Dave\!\Webcam Girl Anal Dildo HOT.avi
C:\Documents and Settings\Dave\!\Webcam girl Jetta 10 clips.avi
C:\Documents and Settings\Dave\!\Webcam girls.avi
C:\Documents and Settings\Dave\!\Webcam Gril Jane.avi
C:\Documents and Settings\Dave\!\webcam homemade dildo.avi
C:\Documents and Settings\Dave\!\Webcam Homemade.avi
C:\Documents and Settings\Dave\!\Webcam Loesje.avi
C:\Documents and Settings\Dave\!\Webcam masturbation - teens masturbating on cam.avi
C:\Documents and Settings\Dave\!\webcam of a wife playing with her pussy and very nude.avi.avi
C:\Documents and Settings\Dave\!\Webcam pictures of amateur mostlybusty teens 600 pictures Favo.avi
C:\Documents and Settings\Dave\!\Webcam porn clips various.avi
C:\Documents and Settings\Dave\!\webcam pussy rub.avi
C:\Documents and Settings\Dave\!\webcam pussy shaving.avi
C:\Documents and Settings\Dave\!\Webcam Sex - Hong Kong.FFF.avi
C:\Documents and Settings\Dave\!\Webcam sluts-cyberstorm.avi
C:\Documents and Settings\Dave\!\Webcam Sluts.avi
C:\Documents and Settings\Dave\!\Webcam Strip Tease.mpg.avi
C:\Documents and Settings\Dave\!\Webcam Striptease.avi
C:\Documents and Settings\Dave\!\Webcam teen blond strip and push it hard four you.avi
C:\Documents and Settings\Dave\!\webcam teen maria playing with dildo.avi
C:\Documents and Settings\Dave\!\Webcam [bleep] Spycam.avi
C:\Documents and Settings\Dave\!\Webcam! - Young Girl Dances In A Thong.avi
C:\Documents and Settings\Dave\!\webcam, amatörer.avi
C:\Documents and Settings\Dave\!\Webcam.Girls.Collection.7.16.Clips.avi
C:\Documents and Settings\Dave\!\Webcam.Girls.Collection.8.19.Clips.avi
C:\Documents and Settings\Dave\!\Webcam.Schlampen.German.2008.XX viD.avi
C:\Documents and Settings\Dave\!\Webcam_-_Mature_Masterbation.avi
C:\Documents and Settings\Dave\!\Webcam_-_Tanned_Hottie.avi
C:\Documents and Settings\Dave\!\webcam_ shaved_pussy_masturbating.FFF.avi
C:\Documents and Settings\Dave\!\Webcam__-_Blonde_Bang.avi
C:\Documents and Settings\Dave\!\Webcam_Ady.avi
C:\Documents and Settings\Dave\!\webcam_aleah_hotttttt.a.chick.that.begs.for.doggy.style.wmv.avi
C:\Documents and Settings\Dave\!\Webcam_Amateur_Scandininavian_Wife-Pierced_Clit.AVI.avi
C:\Documents and Settings\Dave\!\webcam_amator.avi
C:\Documents and Settings\Dave\!\Webcam_clip_dutch_Sabrinah.AVI.avi
C:\Documents and Settings\Dave\!\Webcam_Dorm_Room_Sex_On_Floor_Amateur_XXX_DIVX.avi
C:\Documents and Settings\Dave\!\Webcam_Dorm_Room_Sex_On_Floor_Amateur_XXX_DIVX.rar.avi
C:\Documents and Settings\Dave\!\webcam_masturbating.FFF.avi
C:\Documents and Settings\Dave\!\Webcam_Striptease_msn.avi.avi
C:\Documents and Settings\Dave\!\webcams and amateur video.avi
C:\Documents and Settings\Dave\!\webcams and amateur videos.avi
C:\Documents and Settings\Dave\!\Webcams Exposed - Watch Teen Cams.exe.avi
C:\Documents and Settings\Dave\!\WebCamShows.avi
C:\Documents and Settings\Dave\!\WebCamShows.Dom grymmaste Cambrudarna på nätet.avi
C:\Documents and Settings\Dave\!\Webcrawler Collection 1.avi
C:\Documents and Settings\Dave\!\wedding day hardcore xxx.avi
C:\Documents and Settings\Dave\!\Wedding Night Home Made sex Video.avi
C:\Documents and Settings\Dave\!\WeFooledHer.com - teen girls tricked into pussy [bleep]ing.avi
C:\Documents and Settings\Dave\!\Weihnachtsfeier wird zur fetten Orgie.avi
C:\Documents and Settings\Dave\!\Weirdest [bleep] Ever.avi
C:\Documents and Settings\Dave\!\WELCOME TO DEEP THROAT SCHOOL - teen with huge boobs sucking pri.avi
C:\Documents and Settings\Dave\!\Welcome To The House Of Fur Pi (with Raven Richards).mpg.avi
C:\Documents and Settings\Dave\!\Welcomed.Consensus.Female.Masturbation.VOL.2,3,4.avi
C:\Documents and Settings\Dave\!\welivetogether.ballin.XXX.SiteRipGoldenPirates.avi
C:\Documents and Settings\Dave\!\welivetogether.beaver.fever.XXX.SiteRipGoldenPirates.avi
C:\Documents and Settings\Dave\!\welivetogether.car.wash.XXX.SiteRipGoldenPirates.avi
C:\Documents and Settings\Dave\!\welivetogether.city.walk.titties.XXX.SiteRipGoldenPirates.avi
C:\Documents and Settings\Dave\!\welivetogether.close.to.perfect.XXX.SiteRipGoldenPirates.avi
C:\Documents and Settings\Dave\!\welivetogether.closed.for.coohie.XXX.SiteRipGoldenPirates.avi
.
((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-30 )))))))))))))))))))))))))))))))
.

2008-07-29 18:48 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-24 14:56 . 2008-07-24 14:54 8,947 ---hs---- C:\AlbumArt_{FA739A3E-E403-47FA-9EAA-2709453BD439}_Large.jpg
2008-07-24 14:56 . 2008-07-24 14:51 2,508 ---hs---- C:\AlbumArt_{FA739A3E-E403-47FA-9EAA-2709453BD439}_Small.jpg
2008-07-24 14:55 . 2008-07-24 14:52 12,387 ---hs---- C:\AlbumArt_{BAECCDC8-BCBE-4246-9D5E-0C421CC5B39A}_Large.jpg
2008-07-24 14:55 . 2008-07-24 14:55 5,336 ---hs---- C:\AlbumArt_{369DE3AC-50E0-4DCE-956D-857B3CBAAAC0}_Large.jpg
2008-07-24 14:55 . 2008-07-24 14:51 2,899 ---hs---- C:\AlbumArt_{BAECCDC8-BCBE-4246-9D5E-0C421CC5B39A}_Small.jpg
2008-07-24 14:55 . 2008-07-24 14:55 1,865 ---hs---- C:\AlbumArt_{369DE3AC-50E0-4DCE-956D-857B3CBAAAC0}_Small.jpg
2008-07-24 14:51 . 2008-07-24 14:50 11,153 ---hs---- C:\AlbumArt_{E2ED67F7-792D-4CA8-82D1-2397521B8084}_Large.jpg
2008-07-24 14:51 . 2008-07-24 14:50 2,821 ---hs---- C:\AlbumArt_{E2ED67F7-792D-4CA8-82D1-2397521B8084}_Small.jpg
2008-07-24 14:48 . 2008-07-24 14:47 9,355 ---hs---- C:\AlbumArt_{34F0D5AF-7790-49C3-B4D2-802485E855F9}_Large.jpg
2008-07-24 14:48 . 2008-07-24 14:47 2,395 ---hs---- C:\AlbumArt_{34F0D5AF-7790-49C3-B4D2-802485E855F9}_Small.jpg
2008-07-24 14:47 . 2008-07-24 14:46 10,337 ---hs---- C:\AlbumArt_{160629A4-83F0-4104-9EC2-DDFF729CE8D5}_Large.jpg
2008-07-24 14:47 . 2008-07-24 14:46 2,810 ---hs---- C:\AlbumArt_{160629A4-83F0-4104-9EC2-DDFF729CE8D5}_Small.jpg
2008-07-24 14:46 . 2008-07-24 14:56 362 ---hs---- C:\desktop.ini
2008-07-24 14:40 . 2008-07-24 14:46 8,989 ---hs---- C:\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Large.jpg
2008-07-24 14:40 . 2008-07-24 14:54 8,947 ---hs---- C:\Folder.jpg
2008-07-24 14:40 . 2008-07-24 14:51 2,508 ---hs---- C:\AlbumArtSmall.jpg
2008-07-24 14:40 . 2008-07-24 14:46 1,972 ---hs---- C:\AlbumArt_{4FC3015B-9D06-4C8A-BCD0-3199619B0F84}_Small.jpg
2008-07-24 14:29 . 2008-07-24 14:51 5,797,481 --a------ C:\Mase- Welcome Back.mp3
2008-07-24 14:28 . 2008-07-24 15:01 5,240,300 --a------ C:\Young Bloodz Ft Lil Jon - Presidential.mp3
2008-07-24 14:28 . 2008-07-24 14:31 4,861,700 --a------ C:\Ludacris- Welcome To Atlanta.mp3
2008-07-24 14:26 . 2008-07-24 15:01 4,839,552 --a------ C:\Young Jock - Its Going Down drty.mp3
2008-07-24 14:25 . 2008-07-24 15:00 8,349,628 --a------ C:\Fabolous - Breathe.mp3
2008-07-24 14:22 . 2008-07-24 15:00 7,196,181 --a------ C:\Lil Wayne - Go DJ.mp3
2008-07-24 14:19 . 2008-07-24 14:20 4,933,793 --a------ C:\Jay-z & Beyonce - Bonnie N Clyde 03.mp3
2008-07-24 14:07 . 2008-07-24 14:09 7,940,224 --a------ C:\TI - No Matter What.mp3
2008-07-19 17:45 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-19 17:43 . 2008-07-19 17:43 <DIR> d-------- C:\Program Files\Common Files\Java
2008-07-19 17:26 . 2008-07-19 17:35 <DIR> d-------- C:\Documents and Settings\Dave\.SunDownloadManager
2008-07-17 18:47 . 2008-07-17 18:47 <DIR> d-------- C:\Deckard
2008-07-08 15:28 . 2008-07-08 15:30 5,379,914 --a------ C:\Dolla ft. Akon & T Pain - Who The [bleep] Is that.mp3
2008-07-08 15:26 . 2008-07-08 15:27 5,147,783 --a------ C:\Kanye West - Flashing Lights.mp3
2008-07-08 15:22 . 2008-07-08 15:23 6,308,080 --a------ C:\Instrumentals - Shawty Lo - Dey Know.mp3
2008-07-08 15:22 . 2008-07-08 15:24 6,217,008 --a------ C:\Young Buck & The Outlawz - Driving Down The Freeway.mp3
2008-07-08 15:22 . 2008-07-08 15:23 2,219,826 --a------ C:\Shawty Lo - Dey Know.mp3
2008-07-08 12:57 . 2008-07-08 12:58 7,940,224 --a------ C:\T.I.-No Matter What.mp3
2008-07-08 12:53 . 2008-07-24 15:00 6,873,494 --a------ C:\Jadakiss - Why.mp3
2008-07-08 12:50 . 2008-07-08 12:50 4,381,824 --a------ C:\Bow Wow feat. Chris Brown - Shorty Like Mine.mp3
2008-07-08 12:46 . 2008-07-08 12:49 4,668,238 --a------ C:\Nelly - Ride With Me.mp3
2008-07-07 23:57 . 2008-07-08 00:00 4,710,528 --a------ C:\The All-American Rejects - Dirty Little Secrete.mp3
2008-07-07 23:54 . 2008-07-07 23:55 4,284,566 --a------ C:\The Killers - When You Were Young.mp3
2008-07-07 00:48 . 2008-07-07 00:49 4,675,584 --a------ C:\Jessica Simpson - With You.mp3
2008-07-07 00:46 . 2008-07-07 00:46 5,469,542 --a------ C:\Alicia Keys - As I Am - 05 - Like You'll Never See Me Again(1).mp3
2008-07-07 00:46 . 2008-07-07 00:46 5,004,190 --a------ C:\Alicia Keys - No One.mp3
2008-07-07 00:46 . 2008-07-07 00:46 4,708,764 --a------ C:\Alicia Keys - Falling.mp3
2008-07-07 00:41 . 2008-07-07 00:42 5,490,856 --a------ C:\Alicia Keys - If I Ain't Got You.mp3
2008-07-07 00:34 . 2008-07-07 00:40 3,092,524 --a------ C:\Jojo - Baby It`s You.mp3
2008-07-07 00:33 . 2008-07-07 00:35 7,153,675 --a------ C:\Kelly Clarkson - Miss Independent.mp3
2008-07-07 00:33 . 2008-07-07 00:34 3,514,496 --a------ C:\Kelly Clarkson - Because Of You.mp3
2008-07-07 00:33 . 2008-07-07 00:34 3,025,024 --a------ C:\Kelly Clarkson - Walk Away.mp3
2008-07-07 00:32 . 2008-07-07 00:35 4,787,186 --a------ C:\Carrie Underwood - All-American Girl.mp3
2008-07-07 00:31 . 2008-07-07 00:34 4,997,130 --a------ C:\Mariah Carey - Touch my body.mp3
2008-07-07 00:24 . 2008-07-07 00:25 5,727,787 --a------ C:\Mariah Carey - Shake It Off.mp3
2008-07-07 00:24 . 2008-07-07 00:27 4,126,382 --a------ C:\Mariah Carey - Always Be My Baby.mp3
2008-07-07 00:23 . 2008-07-07 00:27 7,169,506 --a------ C:\James Blunt - Same Mistake.mp3
2008-07-07 00:23 . 2008-07-07 00:28 4,417,827 --a------ C:\Celine Dion - Because You Loved Me.mp3
2008-07-07 00:23 . 2008-07-07 00:26 3,309,711 --a------ C:\Mariah Carey & Celine Dion - I Still Believe.mp3
2008-07-07 00:15 . 2008-07-07 00:16 3,449,545 --------- C:\Rick Astley - Never Gonna Give You Up.mp3
2008-07-07 00:12 . 2008-07-07 00:13 4,775,520 --a------ C:\Jessica Simpson - I Think I'm In Love With You.mp3
2008-07-07 00:07 . 2008-07-24 15:01 5,068,635 --a------ C:\Lil Wayne ft Jay-Z - Mr Carter.mp3
2008-07-07 00:01 . 2008-07-07 00:01 6,356,632 --a------ C:\Lil Wayne ft. T-Pain - The Carter III - Got Money.mp3
2008-07-07 00:00 . 2008-07-07 00:02 4,737,210 --a------ C:\Lil Wayne - Tha Carter III - 17 - Misunderstood.mp3
2008-07-06 23:34 . 2008-07-06 23:35 5,783,971 --a------ C:\Lil Wayne - Tha Carter III - 05 - Comfortable .mp3
2008-07-06 23:34 . 2008-07-06 23:36 5,069,017 --a------ C:\Lil Wayne - Tha Carter III - 13 - Good Girl Gone Bad.mp3
2008-07-06 19:13 . 2008-07-06 19:14 6,401,341 --a------ C:\Lil Wayne - Tha Carter III - 07 - Dr. Carter.mp3
2008-07-06 19:12 . 2008-07-06 19:14 14,211,995 --a------ C:\Lil Wayne - Tha Carter III - Dont Get It.mp3
2008-07-06 19:12 . 2008-07-06 19:14 7,470,219 --a------ C:\Lil' Wayne - Tha Carter III - 10 - Let The Beat Build.mp3
2008-07-06 19:12 . 2008-07-06 19:14 6,270,886 --a------ C:\Lil Wayne - The Carter III - 07 - Playing With Fire.mp3
2008-07-06 19:12 . 2008-07-06 19:19 6,267,754 --a------ C:\Lil Wayne - Tha Carter III - Playing With Fire.mp3
2008-07-06 19:12 . 2008-07-06 19:14 6,064,413 --a------ C:\Lil Wayne - Tha Carter III - Mrs. Officer.mp3
2008-07-06 19:12 . 2008-07-06 19:14 5,147,197 --a------ C:\Lil Wayne - Tha Carter III - La La (Ft. Busta Rhymes N Brisco).mp3
2008-07-06 19:12 . 2008-07-06 19:17 3,335,716 --a------ C:\Lil Wayne - The Carter III Leak - Love Me Or Hate Me(1).mp3
2008-06-21 19:53 . 2008-06-21 19:53 <DIR> d-------- C:\iPodMusic
2008-06-21 19:52 . 2008-06-21 19:52 <DIR> d-------- C:\Program Files\iDumpPro
2008-06-21 19:52 . 2008-06-21 19:52 <DIR> d-------- C:\Program Files\Common Files\Thraex Software
2008-06-21 19:52 . 2008-06-21 19:52 1,522,155 --a------ C:\WINDOWS\iDumpPro Uninstaller.exe
2008-06-21 10:24 . 2008-06-21 10:26 <DIR> d-------- C:\Program Files\iDump
2008-06-12 11:48 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-12 11:48 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 14:38 . 2008-06-11 14:38 <DIR> d-------- C:\Documents and Settings\Dave\Application Data\Kensington
2008-06-11 14:35 . 2008-06-30 18:11 7,304 --a------ C:\WINDOWS\TMP0001.TMP
2008-06-11 14:34 . 2008-06-11 14:34 <DIR> d-------- C:\Program Files\Kensington
2008-06-11 14:34 . 2006-08-03 11:47 176,128 --a------ C:\WINDOWS\system32\kmw_show.exe
2008-06-11 14:34 . 2006-08-03 11:47 110,592 --a------ C:\WINDOWS\system32\kmw_dll.dll
2008-06-11 14:34 . 2006-08-03 11:47 106,496 --a------ C:\WINDOWS\system32\kmw_run.exe
2008-06-11 14:34 . 2006-08-03 11:47 91,648 --a------ C:\WINDOWS\system32\drivers\KMW_SYS.sys
2008-06-11 14:34 . 2006-08-03 11:47 10,112 --a------ C:\WINDOWS\system32\drivers\KMW_USB.sys
2008-06-11 14:34 . 2006-08-03 11:46 5,376 --a------ C:\WINDOWS\system32\drivers\KMW_KBD.sys
2008-06-11 14:34 . 2006-08-03 11:46 4,736 --a------ C:\WINDOWS\system32\drivers\KMW_LIB.sys
2008-06-09 13:21 . 2008-06-09 13:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-09 13:20 . 2008-06-09 17:04 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-09 13:20 . 2008-06-09 13:20 <DIR> d-------- C:\Documents and Settings\Dave\Application Data\SUPERAntiSpyware.com
2008-06-09 01:07 . 2008-06-20 19:40 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-09 00:31 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-08 22:23 . 2008-06-08 22:23 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-08 22:23 . 2008-06-09 13:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-08 22:23 . 2008-06-08 22:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-06 18:26 . 1995-12-15 02:10 346,112 -ra------ C:\WINDOWS\system\QTIM32.DLL
2008-06-06 17:47 . 2008-06-06 17:47 <DIR> d-------- C:\Program Files\EA Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-29 22:50 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-29 22:48 --------- d-----w C:\Documents and Settings\Dave\Application Data\LimeWire
2008-07-24 03:16 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-19 21:45 --------- d-----w C:\Program Files\Java
2008-07-06 20:28 --------- d-----w C:\Program Files\LimeWire
2008-07-04 19:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-06-20 23:40 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-09 16:22 --------- d-----w C:\Program Files\Common Files\Adobe
2007-04-23 05:19 87,608 ----a-w C:\Documents and Settings\Dave\Application Data\ezpinst.exe
2007-04-23 05:19 47,360 ----a-w C:\Documents and Settings\Dave\Application Data\pcouffin.sys
.

((((((((((((((((((((((((((((( snapshot@2008-07-19_17.06.03.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-24 03:16:02 10,134 ----a-r C:\WINDOWS\Installer\{DB5F474C-B584-417F-810B-DEBBC1893C2A}\ARPPRODUCTICON.exe
- 2007-07-12 05:22:00 135,168 ----a-w C:\WINDOWS\system32\java.exe
+ 2008-06-10 05:21:01 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2007-07-12 05:22:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2008-06-10 05:21:04 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2007-07-12 06:22:38 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2008-06-10 06:32:34 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25 6731312]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"kmw_run.exe"="kmw_run.exe" [2006-08-03 11:47 106496 C:\WINDOWS\system32\kmw_run.exe]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a------ 2007-03-09 11:09 63712 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2005-10-05 03:12 94208 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--a------ 2005-02-23 16:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Kensington\\MouseWorks\\k_update.exe"=

R2 NMSAccessU;NMSAccessU;C:\Program Files\iDumpPro\NMSAccessU.exe [2007-10-12 05:34]
R3 KMW_KBD;Kensington Input Devices Class filter driver;C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys [2006-08-03 11:46]
S3 KMW_SYS;Kensington MouseWorks Mouse filter driver;C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys [2006-08-03 11:47]
S3 KMW_USB;Kensington MouseWorks USB filter driver;C:\WINDOWS\system32\DRIVERS\KMW_USB.sys [2006-08-03 11:47]
.
Contents of the 'Scheduled Tasks' folder
"2008-07-08 02:48:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-04 19:00:09 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-30 18:39:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\MOZILL~1\firefox.exe
.
**************************************************************************
.
Completion time: 2008-07-30 18:45:57 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-30 22:45:16
ComboFix2.txt 2008-07-19 21:07:00
ComboFix3.txt 2008-04-22 01:51:32

Pre-Run: 58,571,468,800 bytes free
Post-Run: 58,910,519,296 bytes free

1834 --- E O F --- 2008-07-12 16:14:03


ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:21:30 PM, on 7/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iDumpPro\NMSAccessU.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\WINDOWS\system32\kmw_run.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [kmw_run.exe] kmw_run.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\iDumpPro\NMSAccessU.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 5058 bytes

[Essexboy]

Could you run another ad aware scan now and let me know the results