Post by: zeroFaTe on October 23, 2006, 11:22:13 PM
Scan saved at 12:01:08 AM, on 10/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PornPass Manager\isamonitor.exe
C:\Program Files\PornPass Manager\pmsngr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\PornPass Manager\pmmon.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PornPass Manager\isamini.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe
C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://10609136514.football.sportsline.com/ (http://\"http://10609136514.football.sportsline.com/\")
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7b4d79df-9ef0-429d-a0e9-d9b138c6a53b} - C:\Program Files\PornPass Manager\isaddon.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\PornPass Manager\iesplugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab\")
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab\")
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Post by: guestolo on October 24, 2006, 12:26:38 AM
I want to ensure I'm not missing anything
Please supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents
Also
Download the latest version of [color=\"red\"]SmitfraudFix[/color] (http://\"http://siri.urz.free.fr/Fix/SmitfraudFix.zip\")[/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
By default, the log is located Here>>C:\Rapport.txt
[color=\"#3366FF\"]Note[/color] : [color=\"#FF0000\"]process.exe[/color] [color=\"#3366FF\"]is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.[/color]
Also
Download this file - Combofix.exe (http://\"http://download.bleepingcomputer.com/sUBs/combofix.exe\") and save it too desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Post the log from combofix please
Recap, I would like to see
1. The uninstall list from Hijackthis
2. The log from Smitfraudfix
3. The log from combofix
Post by: zeroFaTe on October 25, 2006, 11:32:22 AM
3ivx D4 4.5.1 (remove only)
Ad-Aware SE Personal
Adobe Download Manager 2.0 (Remove Only)
Adobe Reader 7.0
Ahead InCD
Ahead InCD EasyWrite Reader
Air Utility
ANIO Service
ANIWZCS Service
AOL Instant Messenger
Azureus
Collab
DivX
DivX Player
DivX Web Player
FL Studio 5
HijackThis 1.99.1
Intel® PRO Network Adapters and Drivers
Internet Explorer Security Plugin 2006
InterVideo WinDVD 4
iPod for Windows 2005-09-23
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 6
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee SecurityCenter
McAfee VirusScan
Nero - Burning Rom
Nero Media Player
NeroVision Express 2
Panda spyXposer
Public Messenger ver 2.03
QuickTime
Realtek AC'97 Audio
Safety Alerter 2006
SATARaid
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
Starcraft
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WordBiz version 1.8
XviD MPEG-4 Video Codec
SmitFraudFix
SmitFraudFix v2.113
Scan done at 12:27:00.81, Wed 10/25/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dpfwu.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nick
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Nick\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Nick\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url FOUND !
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\PornPass Manager\ FOUND !
C:\Program Files\VirusBurster\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"
[HKEY_CLASSES_ROOT\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{dfa61db1-388e-4c87-8d56-540fa229bcb4}\InProcServer32]
@="C:\WINDOWS\system32\dpfwu.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
combofix
Nick - 06-10-25 12:29:22.07 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Nick\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-09-25 to 2006-10-25 ))))))))))))))))))))))))))))))))))
2006-10-25 12:26 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-25 12:26 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-25 12:26 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-25 12:26 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-22 23:31 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2006-10-22 09:52 106,496 --a------ C:\WINDOWS\system32\dpfwu.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-22 23:31 -------- d-------- C:\Program Files\Common Files\DriveCleaner 2006 Free
2006-10-22 23:31 -------- d-------- C:\Program Files\Common Files
2006-10-22 10:12 -------- d-------- C:\Program Files\VirusBurster
2006-10-22 10:12 -------- d-------- C:\Program Files\PornPass Manager
2006-10-22 08:47 -------- d-------- C:\Program Files\Starcraft
2006-10-21 10:28 -------- d-------- C:\Program Files\Azureus
2006-10-21 10:28 -------- d-------- C:\Documents and Settings\Nick\Application Data\Azureus
2006-09-19 20:27 -------- d-------- C:\Program Files\Lavasoft
2006-09-19 20:27 -------- d-------- C:\Documents and Settings\Nick\Application Data\Lavasoft
2006-09-19 13:24 -------- d-------- C:\Program Files\SpywareBlaster
2006-09-19 13:10 -------- d-------- C:\Program Files\Java
2006-09-19 00:52 -------- d-------- C:\Program Files\IrfanView
2006-09-13 01:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-10 16:51 -------- d-------- C:\Program Files\Internet Explorer
2006-09-10 16:20 -------- d-------- C:\Program Files\StealthBot
2006-09-10 16:19 -------- d-------- C:\Program Files\iTunes
2006-09-05 15:42 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-08-25 11:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 08:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 05:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 07:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-07-27 09:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMan"="SOUNDMAN.EXE"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"D-Link Air Utility"="C:\\Program Files\\D-Link\\Air Utility\\AirCFG.exe"
"ANIWZCSService"="C:\\Program Files\\Alpha Networks\\ANIWZCS Service\\WZCSLDR.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SDR6_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcsdr.exe\""
"PAS_Check"="\"C:\\Program Files\\Common Files\\DriveCleaner 2006 Free\\udcpas.exe\""
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"Source"="http://www.eselocos.com/images/jmt_2.jpg"
"SubscribedURL"="http://www.eselocos.com/images/jmt_2.jpg"
"FriendlyName"=""
"Flags"=dword:00002001
"Position"=hex:2c,00,00,00,8d,02,00,00,13,00,00,00,8c,00,00,00,b9,00,00,00,e8,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,68,02,00,00,e7,00,00,00,8c,00,00,00,ba,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,b0,00,00,00,77,00,00,00,8c,00,00,00,b9,00,\
00,00,01,00,00,40
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,58,02,00,00,ea,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Program Files\\PornPass Manager\\isamonitor.exe"
"pmsngr.exe"="C:\\Program Files\\PornPass Manager\\pmsngr.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"contrabandists"="{dfa61db1-388e-4c87-8d56-540fa229bcb4}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
backup-20060919-131627-337
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (HOME-NICK-Nick).job
Completion time: 06-10-25 12:30:22.18
C:\ComboFix.txt ... 06-10-25 12:30
Post by: guestolo on October 26, 2006, 09:18:41 PM
Smitfraudfix is always updating
Can you delete your version of Smitfraudfix.zip and the Smitfraudfix folder on your desktop
Then, REDownload the latest version of [color=\"red\"]SmitfraudFix[/color] (http://\"http://siri.urz.free.fr/Fix/SmitfraudFix.zip\")[/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.
We should update your version of Sun Java to plug up security holes that malware can exploit
==Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9 (http://\"http://java.sun.com/javase/downloads/index.jsp\")
- Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
- Click the "Download" button to the right.
- Check the box that says: "Accept License Agreement[/i]".
- The page will refresh.
- Click on the link to download Windows Offline Installation Multi-language
Don't install it yet
Access your Add/remove programs via Control Panel
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
eg..J2SE Runtime Environment 5.0 Update 6
It should have the following icon next to it: (http://users.telenet.be/bluepatchy/miekiemoes/images/javaicon.gif)
Select it and click Remove
Do a "System scan only" with Hijackthis and put a check next to these entries:
O3 - Toolbar: Protection Bar - {8aed5df3-6e0b-4930-b1a5-f8aa8d757497} - C:\Program Files\PornPass Manager\iesplugin.dll
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O21 - SSODL: contrabandists - {dfa61db1-388e-4c87-8d56-540fa229bcb4} - C:\WINDOWS\system32\dpfwu.dll
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
REboot your computer into safe mode
If you didn't intentionally have this program installed
DriveCleaner 2006 Free
Open the folder
C:\Program Files\Common Files\DriveCleaner 2006 Free <-this folder
Look for an uninstaller, run it if found, if there is no uninstaller
Delete the DriveCleaner 2006 Free folder
* Clean your Cache and Cookies in IE:
- Go to Control Panel > Internet Options > General tab
- Click the "Delete Cookies" button
- Next to it, Click the "Delete Files" button
- When prompted, place a check in: "Delete all offline content", click OK
- Go to Tools > Options.
- Click Privacy in the menu on the left side of the Options window.
- Click the Clear button located to the right of each option (History, Cookies, Cache).
- Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown before clearing the information.
[/list]* Clean other Temporary files + Recycle bin
- Go to start > run and type:
- Let it scan your system for files to remove.
- Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
- Press OK to remove them.
- Double-click smitfraudfix.cmd
- Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.
- You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.
- The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".
I'll need to see these later, by default they are also saved at C:\rapport.txt
Reboot back to Normal windows
Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab
Uncheck and delete everything you find in there. (except for "My current home page")
Go ahead and install the latest version of Sun java from the installer on your desktop
After installation you can delete the installer
Can you do the following, I just want to check on something
Right click on Hijackthis.exe and rename it too zeroFaTe.exe
Run a fresh scan and save logfile with zeroFaTe.exe (Hijackthis)
Post a fresh Hijackthis log
also post the report from Smitfraudfix found here>>C:\Rapport.txt
Post by: zeroFaTe on October 27, 2006, 02:15:58 PM
Scan saved at 3:14:23 PM, on 10/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\HJT\zerofate.exe.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab\")
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab\")
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
SmitFraudFix v2.114
Scan done at 15:02:16.96, Fri 10/27/2006
Run from C:\Documents and Settings\Nick\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\system32\dpfwu.dll Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\Program Files\PornPass Manager\ Deleted
C:\Program Files\VirusBurster\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
Post by: guestolo on October 28, 2006, 05:32:29 PM
How's everything running on your end?
I still see DriveCleaner 2006 Free in your log
Did the user want to hold onto this?
Was there an uninstaller in the DriveCleaner 2006 Free folder?
Post by: guestolo on October 30, 2006, 12:32:31 AM
Are you ready to clean yourself of it yet?
Post by: zeroFaTe on October 31, 2006, 04:34:34 PM
Post by: guestolo on October 31, 2006, 04:46:28 PM
Create a .bat file for me, I want to check on that uninstaller
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as find.bat
Save this file on the desktop
Code: [Select]
@echo off
cd C:\Program Files\Common Files\DriveCleaner 2006 Free
dir /s /a > C:\find.txt
notepad C:\find.txt
del /q C:\find.txtDouble click on find.bat, a text file should open, copy>>paste the contents back here
EDIT>>Can you do the above .bat file, but also do this one please
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as find2.bat
Save this file on the desktop
Code: [Select]
@echo off
cd C:\Program Files\DriveCleaner 2006 Free
dir /s /a > C:\find2.txt
notepad C:\find2.txt
del /q C:\find2.txtDouble click on find2.bat, a text file should open, copy>>paste the contents back here
Umm, hello, are you just popping in every couple of days with no info?
Why don't you have the user of the computer sign up and post the info, it may go faster
Post by: zeroFaTe on November 02, 2006, 09:30:12 PM
Volume Serial Number is 04E4-BB78
Directory of C:\Documents and Settings\Nick\Desktop
11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all
09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin
09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]
09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Music Videos
01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes
Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix
10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive
07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes
Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,066,432 bytes free
Volume in drive C has no label.
Volume Serial Number is 04E4-BB78
Directory of C:\Documents and Settings\Nick\Desktop
11/02/2006 09:27 PM <DIR> .
11/02/2006 09:27 PM <DIR> ..
10/27/2006 01:55 PM 3,307 222.rtf
09/19/2006 07:26 PM 2,855,080 aawsepersonal.exe
06/10/2005 09:44 PM 20,798,256 AdbeRdr70_enu_full.exe
10/19/2005 06:19 PM 160,256 AIMFix.exe
10/27/2005 03:04 PM 678 Azureus.lnk
04/09/2005 10:00 AM 393,216 bwchart.exe
09/18/2006 11:20 PM <DIR> Caitlin all
10/17/2005 03:47 PM 1,657 Collab.lnk
10/25/2006 11:28 AM 276,918 combofix.exe
11/02/2006 09:27 PM 132 find.bat
11/02/2006 09:27 PM 124 find2.bat
10/17/2005 03:47 PM 778 FL Studio 5.lnk
05/28/2005 09:35 PM 104 Internet.lnk
10/23/2005 10:54 PM 1,565 IrfanView Thumbnails.lnk
10/23/2005 10:54 PM 685 IrfanView.lnk
01/13/2006 12:08 PM <DIR> Music Videos
09/25/2005 04:02 PM 104 My Computer.lnk
03/15/2004 10:08 PM 19,846 nick's poem book.txt
10/27/2006 02:03 PM 1,420 rapport.txt
10/27/2006 02:02 PM <DIR> SmitfraudFix
10/27/2006 01:26 PM 601,128 SmitfraudFix.zip
09/19/2006 07:43 PM 933 Spybot - Search & Destroy.lnk
09/19/2006 07:43 PM 5,037,072 spybotsd14.exe
09/19/2006 12:21 PM 690 SpywareBlaster.lnk
05/28/2005 09:25 PM 1,576 Starcraft - Brood War.lnk
10/25/2006 11:24 AM 2 uninstall_list.txt
07/25/2006 02:07 AM <DIR> VirtualDubMod_1_5_10_2_All_inclusive
04/08/2006 01:15 AM 1,757,806 VirtualDubMod_1_5_10_2_All_inclusive.zip
11/09/2005 03:55 AM 654 Winamp.lnk
06/05/2005 05:53 PM 692 WinRAR.lnk
07/25/2006 01:25 AM 1,524 WordBiz.lnk
06/05/2005 05:52 PM 1,013,454 wrar35b5.exe
28 File(s) 32,929,657 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all
09/18/2006 11:20 PM <DIR> .
09/18/2006 11:20 PM <DIR> ..
09/26/2004 08:53 PM 183,615 caitlin.jpg
09/18/2006 11:22 PM 256,822 Clipboard01.bmp
09/13/2006 09:50 PM <DIR> DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> GoBpUnKrOcKeRs -Caitlin
01/30/2005 10:03 PM 2,794,174 hawaii.bmp
02/16/2004 07:09 PM 2,817,556 homc..03 .tif
09/13/2006 09:49 PM <DIR> RyuhouEx - Caitlin
02/16/2004 07:06 PM 2,817,580 Scan0002.tif
10/29/2004 08:01 AM 620 Shortcut to Caitlin - gadzook.lnk
01/30/2005 10:02 PM 619 Shortcut to Scan0002.lnk
09/18/2006 11:22 PM 32,256 Thumbs.db
09/13/2006 09:49 PM <DIR> XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> xxryuhouxx - caitlin
8 File(s) 8,903,242 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\DszeroDs - Caitlin
09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
05/24/2003 06:23 AM 4,208 2003-05-24 [Saturday].htm
06/04/2003 08:47 PM 1,756 2003-06-04 [Wednesday].htm
06/05/2003 06:37 PM 401 2003-06-05 [Thursday].htm
06/07/2003 04:40 PM 2,337 2003-06-07 [Saturday].htm
06/09/2003 09:30 PM 2,070 2003-06-09 [Monday].htm
06/10/2003 07:38 PM 14,563 2003-06-10 [Tuesday].htm
06/12/2003 09:18 PM 18,931 2003-06-12 [Thursday].htm
06/14/2003 05:06 PM 390 2003-06-14 [Saturday].htm
06/15/2003 09:48 PM 35,884 2003-06-15 [Sunday].htm
06/16/2003 09:47 PM 27,543 2003-06-16 [Monday].htm
06/17/2003 08:26 PM 3,694 2003-06-17 [Tuesday].htm
06/18/2003 03:36 PM 22,921 2003-06-18 [Wednesday].htm
06/19/2003 07:21 PM 11,709 2003-06-19 [Thursday].htm
06/20/2003 08:58 PM 5,804 2003-06-20 [Friday].htm
06/22/2003 01:09 PM 6,787 2003-06-22 [Sunday].htm
06/23/2003 05:05 PM 17,660 2003-06-23 [Monday].htm
06/25/2003 12:56 PM 7,187 2003-06-25 [Wednesday].htm
06/27/2003 03:50 PM 15,410 2003-06-27 [Friday].htm
07/06/2003 09:28 PM 5,168 2003-07-06 [Sunday].htm
07/07/2003 06:09 PM 21,267 2003-07-07 [Monday].htm
07/08/2003 04:55 PM 2,293 2003-07-08 [Tuesday].htm
07/13/2003 12:28 PM 2,378 2003-07-13 [Sunday].htm
07/14/2003 08:52 PM 11,916 2003-07-14 [Monday].htm
07/15/2003 07:32 PM 13,510 2003-07-15 [Tuesday].htm
07/19/2003 09:58 PM 14,734 2003-07-19 [Saturday].htm
07/26/2003 02:42 PM 14,938 2003-07-26 [Saturday].htm
07/27/2003 03:17 PM 550 2003-07-27 [Sunday].htm
08/11/2003 09:40 PM 4,268 2003-08-11 [Monday].htm
08/12/2003 11:13 AM 675 2003-08-12 [Tuesday].htm
08/14/2003 10:36 PM 12,800 2003-08-14 [Thursday].htm
08/15/2003 10:17 PM 7,932 2003-08-15 [Friday].htm
08/16/2003 08:14 PM 24,701 2003-08-16 [Saturday].htm
08/17/2003 05:01 PM 8,650 2003-08-17 [Sunday].htm
08/18/2003 07:04 PM 20,208 2003-08-18 [Monday].htm
08/19/2003 12:36 AM 27,747 2003-08-19 [Tuesday].htm
08/20/2003 09:54 PM 36,672 2003-08-20 [Wednesday].htm
08/21/2003 11:25 AM 2,461 2003-08-21 [Thursday].htm
08/22/2003 10:26 AM 3,368 2003-08-22 [Friday].htm
01/23/2004 11:10 PM 2,381 2004-01-23 [Friday].htm
01/25/2004 01:05 PM 2,368 events.txt
10/09/2004 11:02 PM 14 Me....txt
41 File(s) 440,254 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin
09/13/2006 09:50 PM <DIR> .
09/13/2006 09:50 PM <DIR> ..
04/25/2001 07:16 AM 9,249 2001-04-25 [Wednesday].htm
05/05/2001 10:31 AM 14,933 2001-05-05 [Saturday].htm
09/20/2001 08:45 PM 23,022 2001-09-20 [Thursday].htm
09/21/2001 01:26 AM 21,168 2001-09-21 [Friday].htm
04/09/2003 07:45 PM 13,845 2003-04-09 [Wednesday].htm
09/14/2006 04:40 PM <DIR> 2003-04-18 [Friday]
04/18/2003 10:32 PM 64,574 2003-04-18 [Friday].htm
04/19/2003 12:21 PM 1,909 2003-04-19 [Saturday].htm
04/20/2003 12:05 AM 11,873 2003-04-20 [Sunday].htm
05/26/2003 01:31 PM 9,781 2003-05-26 [Monday].htm
06/01/2003 04:37 PM 9,707 2003-06-01 [Sunday].htm
06/06/2003 06:15 PM 1,344 2003-06-06 [Friday].htm
01/25/2004 07:10 PM 4,610 2004-01-25 [Sunday].htm
06/01/2003 04:37 PM 277 events.txt
13 File(s) 186,292 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\GoBpUnKrOcKeRs -Caitlin\2003-04-18 [Friday]
09/14/2006 04:40 PM <DIR> .
09/14/2006 04:40 PM <DIR> ..
04/18/2003 07:32 PM 104,336 MVC-011S.JPG
09/14/2006 04:40 PM 5,632 Thumbs.db
2 File(s) 109,968 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\RyuhouEx - Caitlin
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
08/23/2003 08:14 PM 912 2003-08-23 [Saturday].htm
08/24/2003 06:21 PM 3,181 2003-08-24 [Sunday].htm
08/25/2003 01:14 PM 31,929 2003-08-25 [Monday].htm
08/26/2003 03:24 PM 19,349 2003-08-26 [Tuesday].htm
08/27/2003 03:04 PM 8,857 2003-08-27 [Wednesday].htm
08/28/2003 08:31 PM 7,746 2003-08-28 [Thursday].htm
08/29/2003 03:07 PM 12,340 2003-08-29 [Friday].htm
08/30/2003 02:57 PM 1,515 2003-08-30 [Saturday].htm
09/03/2003 06:59 PM 1,973 2003-09-03 [Wednesday].htm
09/07/2003 08:12 PM 17,033 2003-09-07 [Sunday].htm
09/08/2003 02:37 PM 13,073 2003-09-08 [Monday].htm
09/12/2003 01:49 PM 890 2003-09-12 [Friday].htm
09/14/2003 07:36 PM 17,727 2003-09-14 [Sunday].htm
09/15/2003 08:30 PM 2,160 2003-09-15 [Monday].htm
09/17/2003 07:12 PM 755 2003-09-17 [Wednesday].htm
09/19/2003 03:37 PM 3,721 2003-09-19 [Friday].htm
09/22/2003 08:31 PM 1,404 2003-09-22 [Monday].htm
09/24/2003 08:05 PM 6,813 2003-09-24 [Wednesday].htm
09/25/2003 08:19 PM 4,623 2003-09-25 [Thursday].htm
09/26/2003 02:59 PM 713 2003-09-26 [Friday].htm
09/29/2003 08:15 PM 1,859 2003-09-29 [Monday].htm
10/08/2003 06:27 PM 1,441 2003-10-08 [Wednesday].htm
10/09/2003 09:20 PM 6,395 2003-10-09 [Thursday].htm
10/10/2003 10:43 AM 5,340 2003-10-10 [Friday].htm
10/15/2003 08:19 PM 24,779 2003-10-15 [Wednesday].htm
10/17/2003 04:51 PM 1,504 2003-10-17 [Friday].htm
10/19/2003 04:44 PM 688 2003-10-19 [Sunday].htm
10/20/2003 07:54 PM 5,003 2003-10-20 [Monday].htm
10/22/2003 07:51 PM 18,172 2003-10-22 [Wednesday].htm
10/24/2003 02:12 PM 2,034 2003-10-24 [Friday].htm
10/26/2003 08:09 PM 5,619 2003-10-26 [Sunday].htm
10/27/2003 08:54 PM 12,243 2003-10-27 [Monday].htm
10/29/2003 08:00 PM 9,120 2003-10-29 [Wednesday].htm
10/30/2003 03:55 PM 6,331 2003-10-30 [Thursday].htm
10/31/2003 06:20 PM 619 2003-10-31 [Friday].htm
11/03/2003 09:46 PM 2,710 2003-11-03 [Monday].htm
11/04/2003 08:38 PM 5,569 2003-11-04 [Tuesday].htm
11/05/2003 01:50 PM 1,872 2003-11-05 [Wednesday].htm
11/05/2003 01:30 PM 3,046 events.txt
39 File(s) 271,058 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\XfallenchaosX - caitlin middle
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/29/2004 10:40 PM 978 2004-02-29 [Sunday].htm
03/29/2004 09:59 PM 2,358 2004-03-29 [Monday].htm
04/02/2004 09:16 PM 439 2004-04-02 [Friday].htm
04/03/2004 02:19 PM 997 2004-04-03 [Saturday].htm
04/11/2004 09:00 PM 1,566 2004-04-11 [Sunday].htm
04/15/2004 10:16 PM 11,595 2004-04-15 [Thursday].htm
04/27/2004 02:42 PM 1,133 2004-04-27 [Tuesday].htm
04/27/2004 07:30 PM 937 events.txt
8 File(s) 20,003 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin new
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
05/05/2004 08:06 PM 3,980 2004-05-05 [Wednesday].htm
05/10/2004 05:29 PM 69 events.txt
2 File(s) 4,049 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xfallenchaosx - caitlin old
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
02/27/2004 11:53 PM 1,462 2004-02-27 [Friday].htm
02/28/2004 02:34 PM 924 2004-02-28 [Saturday].htm
03/22/2004 09:05 PM 278 events.txt
3 File(s) 2,664 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin
09/13/2006 09:49 PM <DIR> .
09/13/2006 09:49 PM <DIR> ..
11/10/2003 10:10 PM 3,575 2003-11-10 [Monday].htm
11/11/2003 07:11 PM 728 2003-11-11 [Tuesday].htm
11/17/2003 05:33 PM 4,019 2003-11-17 [Monday].htm
11/19/2003 07:47 PM 1,370 2003-11-19 [Wednesday].htm
11/23/2003 10:04 PM 1,291 2003-11-23 [Sunday].htm
11/24/2003 08:11 PM 1,145 2003-11-24 [Monday].htm
12/02/2003 08:32 PM 912 2003-12-02 [Tuesday].htm
12/03/2003 10:32 PM 1,397 2003-12-03 [Wednesday].htm
12/04/2003 08:52 PM 5,769 2003-12-04 [Thursday].htm
12/06/2003 09:09 PM 27,591 2003-12-06 [Saturday].htm
12/13/2003 05:21 AM 1,466 2003-12-13 [Saturday].htm
12/19/2003 04:40 AM 5,451 2003-12-19 [Friday].htm
12/20/2003 07:10 AM 1,039 2003-12-20 [Saturday].htm
12/21/2003 12:14 PM 5,751 2003-12-21 [Sunday].htm
12/25/2003 11:28 PM 3,770 2003-12-25 [Thursday].htm
12/30/2003 06:38 PM 1,638 2003-12-30 [Tuesday].htm
12/31/2003 01:21 AM 1,355 2003-12-31 [Wednesday].htm
01/02/2004 03:00 AM 597 2004-01-02 [Friday].htm
01/03/2004 12:59 AM 3,883 2004-01-03 [Saturday].htm
01/12/2004 09:31 PM 2,529 2004-01-12 [Monday].htm
01/14/2004 09:36 PM 13,606 2004-01-14 [Wednesday].htm
01/15/2004 03:05 PM 773 2004-01-15 [Thursday].htm
09/14/2006 04:34 PM <DIR> 2004-01-18 [Sunday]
01/18/2004 03:05 AM 4,490 2004-01-18 [Sunday].htm
01/20/2004 07:30 PM 1,855 2004-01-20 [Tuesday].htm
01/21/2004 02:50 PM 3,563 2004-01-21 [Wednesday].htm
01/25/2004 07:47 PM 1,352 2004-01-25 [Sunday].htm
01/26/2004 07:58 PM 1,267 2004-01-26 [Monday].htm
01/27/2004 10:21 PM 4,354 2004-01-27 [Tuesday].htm
09/14/2006 04:34 PM <DIR> 2004-01-28 [Wednesday]
01/28/2004 09:01 PM 4,669 2004-01-28 [Wednesday].htm
01/29/2004 11:04 PM 976 2004-01-29 [Thursday].htm
02/04/2004 04:20 PM 2,271 2004-02-04 [Wednesday].htm
02/09/2004 10:39 PM 1,038 2004-02-09 [Monday].htm
09/14/2006 04:34 PM <DIR> 2004-02-16 [Monday]
02/16/2004 07:20 PM 33,702 2004-02-16 [Monday].htm
02/21/2004 04:32 PM 7,061 2004-02-21 [Saturday].htm
02/23/2004 08:42 PM 1,009 2004-02-23 [Monday].htm
02/27/2004 11:53 PM 1,706 2004-02-27 [Friday].htm
02/27/2004 11:50 PM 2,902 events.txt
37 File(s) 161,870 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-18 [Sunday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
09/14/2006 04:34 PM 4,608 Thumbs.db
01/18/2004 03:05 AM 746,974 untitled.bmp
2 File(s) 751,582 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-01-28 [Wednesday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
01/28/2004 09:01 PM 799,510 noname1075341676.bmp
09/14/2006 04:34 PM 6,144 Thumbs.db
2 File(s) 805,654 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Caitlin all\xxryuhouxx - caitlin\2004-02-16 [Monday]
09/14/2006 04:34 PM <DIR> .
09/14/2006 04:34 PM <DIR> ..
02/16/2004 07:19 PM 304,381 03' fell down stairs.tif
02/16/2004 07:19 PM 518,964 Caitlin - gadzook
02/16/2004 07:19 PM 95,306 headshot.jpg
02/16/2004 07:19 PM 2,817,556 homc..03 .jpg
09/14/2006 04:36 PM 88,081 scan0001.jpg
02/16/2004 07:19 PM 1,612,356 Scan0001.tif
09/14/2006 04:39 PM 2,796,308 Scan0002.tif
02/16/2004 07:19 PM 8,619 spiderman_bnza_small nicks bowl.jpg
09/14/2006 04:39 PM 27,648 Thumbs.db
9 File(s) 8,269,219 bytes
Directory of C:\Documents and Settings\Nick\Desktop\Music Videos
01/13/2006 12:08 PM <DIR> .
01/13/2006 12:08 PM <DIR> ..
01/13/2006 10:15 AM 56,049,646 311 - 311 fatchance live.mpg
01/13/2006 09:23 AM 31,752,811 311 - all mixed up (video).mpg
01/13/2006 10:57 AM 36,307,852 311 - Amber (Live On Last Call)(1).mpg
01/13/2006 08:52 AM 37,853,188 311 - beautiful disaster live mtv smf.mpg
01/13/2006 10:52 AM 39,359,264 311 - come original live at sokal.mpeg
01/13/2006 11:08 AM 44,130,436 311 - creatures for a while - creatures.mpg
01/13/2006 08:05 AM 29,631,000 311 - don't stay home.mpg
01/13/2006 11:10 AM 36,465,884 311 - Down (Live On Conan O'Brien).mpg
01/13/2006 11:23 AM 40,326,048 311 - down (live on david letterman).mpg
01/13/2006 11:27 AM 29,956,136 311 - Down.mpg
01/13/2006 09:15 AM 42,006,300 311 - feels so good (live).mpg
01/13/2006 09:49 AM 39,301,164 311 - First Straw (Live Kimmel).mpg
01/12/2006 06:44 PM 161 311 - First Straw.avs
01/13/2006 10:25 AM 8,299,742 311 - First Straw.wmv
01/13/2006 10:57 AM 43,533,168 311 - Flowing (video).mpg
01/13/2006 03:47 AM 158 311 - Homebrew.avs
01/13/2006 07:41 AM 7,976,446 311 - Homebrew.wmv
01/13/2006 10:07 AM 36,993,028 311 - i'll be here awhile acoustic (live in seattle).mpg
01/13/2006 09:19 AM 47,818,624 311 - love song 33.mpg
01/13/2006 01:32 AM 175 311 - lovesong_kilborne_2-19-04.avs
01/13/2006 06:18 AM 9,300,700 311 - lovesong_kilborne_2-19-04.wmv
01/13/2006 09:52 AM 27,787,266 311 - prisoner.mpg
01/13/2006 09:38 AM 37,569,784 311 - transistor.mpg
01/13/2006 05:45 AM 160 311 kilborne 512.avs
01/13/2006 07:54 AM 18,634,383 311 kilborne 512.wmv
01/13/2006 10:11 AM 10,265,436 311 lovesong Leno 061104.wmv
01/13/2006 01:51 AM 177 311 on kimmel 2003 - creatures512.avs
01/13/2006 09:32 AM 19,287,237 311 on kimmel 2003 - creatures512.wmv
01/13/2006 09:32 AM 43,155,141 311- beautiful_disaster.mpg
01/13/2006 09:43 AM 37,797,290 311- come original.mpg
01/13/2006 08:28 AM 43,806,804 311- do you right.mpeg
01/13/2006 09:25 AM 51,873,268 311-i'll be here awhile.mpg
01/13/2006 08:24 AM 31,946,756 311_-_amber-daveyscan-ucv.mpeg
01/12/2006 12:10 PM 166 311_Kimmel_DTOM_080505.avs
01/13/2006 12:27 AM 10,496,228 311_Kimmel_DTOM_080505.wmv
01/12/2006 11:56 AM 174 311_on_Sharon_Osbourne_2-20-04.avs
01/13/2006 08:44 AM 9,303,984 311_on_Sharon_Osbourne_2-20-04.wmv
01/13/2006 02:25 AM 186 Drumline on kilborne-512kbps-thatsnice-wmv.avs
01/13/2006 09:55 AM 14,826,035 Drumline on kilborne-512kbps-thatsnice-wmv.wmv
01/13/2006 12:10 PM 92,160 Thumbs.db
40 File(s) 973,904,566 bytes
Directory of C:\Documents and Settings\Nick\Desktop\SmitfraudFix
10/27/2006 02:02 PM <DIR> .
10/27/2006 02:02 PM <DIR> ..
07/31/2004 05:50 PM 51,200 dumphive.exe
10/10/2006 10:34 PM 81,920 GenericRenosFix.exe
06/05/2003 08:13 PM 53,248 Process.exe
01/13/2005 08:41 PM 24,576 Reboot.exe
03/07/2006 09:45 PM 16,384 restart.exe
10/26/2006 10:56 PM 776,024 SmitfraudFix.cmd
09/19/2006 09:13 PM 20,480 SmiUpdate.exe
04/27/2006 04:49 PM 288,417 SrchSTS.exe
08/29/2006 06:43 PM 135,168 swreg.exe
01/09/2006 09:36 AM 40,960 swsc.exe
09/14/2006 11:34 PM 167,936 unzip.exe
11 File(s) 1,656,313 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive
07/25/2006 02:07 AM <DIR> .
07/25/2006 02:07 AM <DIR> ..
08/25/2005 09:10 PM 40,960 AuxSetup.exe
04/08/2006 01:11 AM <DIR> aviproxy
11/14/2002 06:55 PM 56,832 AviSynthLexer.lexer
08/25/2005 10:44 PM 14,545 Codecs.ini
10/01/2003 05:31 PM 18,321 copying
03/10/2003 04:42 PM 125,440 corona.dll
04/22/2005 04:07 AM 184 Free-Codecs.txt
05/22/2002 05:18 AM 860 license_corona.txt
03/11/2003 10:10 PM 20,992 ogg.dll
04/08/2006 01:11 AM <DIR> plugins
03/17/2003 08:41 PM 1,263 readme_virtualdubmod_dlls.txt
04/25/2003 11:29 PM 146,944 SciLexer.dll
04/08/2006 01:11 AM <DIR> template
08/25/2005 09:10 PM 11,340 vdicmdrv.dll
08/25/2005 09:10 PM 9,804 vdremote.dll
08/25/2005 09:09 PM 7,244 vdsvrlnk.dll
12/01/2003 11:11 PM 74,186 VirtualDub.vdhelp
12/03/2003 08:26 PM 210,415 VirtualDubMod.chm
08/25/2005 09:17 PM 929,280 VirtualDubMod.exe
09/12/2004 12:22 PM 615 VirtualDubMod.exe.manifest
08/25/2005 09:17 PM 137,733 VirtualDubMod.vdi
03/11/2003 10:50 PM 48,640 vorbis.dll
07/25/2006 01:25 AM 699,177 WordBiz18.exe
20 File(s) 2,554,775 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\aviproxy
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 192 proxyoff.reg
10/01/2003 05:31 PM 192 proxyon.reg
10/01/2003 05:31 PM 1,076 readme.txt
3 File(s) 1,460 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\plugins
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/01/2003 05:31 PM 88 readme.txt
1 File(s) 88 bytes
Directory of C:\Documents and Settings\Nick\Desktop\VirtualDubMod_1_5_10_2_All_inclusive\template
04/08/2006 01:11 AM <DIR> .
04/08/2006 01:11 AM <DIR> ..
10/30/2002 09:13 PM 40 avisource.avst
10/30/2002 09:13 PM 50 default.avst
10/30/2002 09:13 PM 54 directshow.avst
10/30/2002 09:13 PM 59 mpeg2dec.avst
10/30/2002 09:13 PM 48 mpegdecoder.avst
5 File(s) 251 bytes
Total Files Listed:
274 File(s) 1,030,972,965 bytes
56 Dir(s) 74,018,095,104 bytes free
im sorry about the time. The user was out of town and i couldn't get to the computer. here's what u wanted.
Post by: guestolo on November 02, 2006, 09:59:13 PM
Navigate to C:\Program Files\DriveCleaner 2006 Free
Open the folder, is there an uninstaller?
Post by: zeroFaTe on November 03, 2006, 11:54:43 AM
Post by: guestolo on November 03, 2006, 11:22:15 PM
Double click on MyComputer icon>>Local C: drive
Program Files folder
See if there is a
DriveCleaner 2006 Free folder
Let's see a fresh log please
But first. do the following
Do a "System scan only" with Hijackthis and put a check next to these entries:
O4 - HKLM\..\Run: [PAS_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcpas.exe"
O4 - HKLM\..\Run: [SDR6_Check] "C:\Program Files\Common Files\DriveCleaner 2006 Free\udcsdr.exe"
After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis
Reboot the computer, then run a fresh scan and save logfile with Hijackthis and post it
Post by: zeroFaTe on November 06, 2006, 11:46:52 PM
Scan saved at 11:44:23 PM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\D-Link\Air Utility\AirCFG.exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\HJT\zerofate.exe.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [D-Link Air Utility] C:\Program Files\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cab (http://\"http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab\")
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cab (http://\"http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab\")
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Post by: guestolo on November 07, 2006, 01:01:34 AM
Post by: zeroFaTe on November 08, 2006, 10:08:48 AM
Post by: guestolo on November 08, 2006, 08:29:52 PM
Quote
It needs to be updated but it keeps asking me to pay even though the version on my pc was technically paid for.
I'm not sure what you mean by that
Is it legally paid for or isn't it?
What version is it?
There are free versions that do a good job, but you don't want to have more than one AV running on your system
Post by: zeroFaTe on November 10, 2006, 02:16:35 AM
Post by: guestolo on November 11, 2006, 04:36:23 PM
Do I have to mention to you the use of SpywareBlaster?
Also, use the Immunization feature in Spybot 1.4
You should have a good acknowledgement how to keep your system secure
/wink.gif\' class=\'bbc_emoticon\' alt=\';)\' />
Post by: zeroFaTe on November 13, 2006, 03:49:47 PM
Post by: guestolo on November 14, 2006, 12:33:51 AM
Take care ZeroFate
/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />